
AVG found several viruses

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses

#31 Post by adonny »

Today I did what you said, the script... my PC restarted... because of some rootkits, nothing unusual about that, but when it finished, all files started throwing an error that said:

"File path"
"Illegal operation attempted on a registry key that has been marked for deletion"

So I tried to restart the PC, but it didn't work... I had to do a "hard restart" (holding the power button for about 10 seconds), then I booted the PC, pressed F8 and chose Last Known Good Configuration...

I'm attaching the ComboFix log that I saved...

ComboFix 10-04-21.01 - Boris 23.04.2010 16:42:12.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.1355 [GMT 2:00]
Spuštěný z: c:\users\Boris\Documents\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Boris\Desktop\CFScript.txt
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskTBar
c:\program files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL

Nakažená kopie c:\windows\system32\drivers\atapi.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\combofix\HarddiskVolumeShadowCopy9_!Windows!System32!drivers!atapi.sys

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-23 do 2010-04-23 )))))))))))))))))))))))))))))))
.

2010-04-23 15:06 . 2010-04-23 15:10 -------- d-----w- c:\users\Boris\AppData\Local\temp
2010-04-23 15:06 . 2010-04-23 15:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-23 15:06 . 2010-04-23 15:06 -------- d-----w- c:\users\Hanulka\AppData\Local\temp
2010-04-23 15:06 . 2010-04-23 15:06 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-04-23 15:06 . 2010-04-23 15:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-21 19:44 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-04-14 11:45 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-14 11:45 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 11:45 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 11:45 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 11:45 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-04-14 11:44 . 2010-02-18 14:07 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-14 11:44 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-14 11:44 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-14 11:44 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-14 11:44 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-14 11:43 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-05 20:57 . 2010-04-05 20:57 93056 ----a-w- C:\uflcyuog.sys
2010-04-04 16:22 . 2010-04-04 16:22 -------- d-----w- c:\users\Guest\AppData\Local\Apps
2010-04-04 16:20 . 2010-04-04 16:20 -------- d-----w- c:\users\Guest\AppData\Roaming\DivX
2010-04-04 16:20 . 2010-04-04 16:20 -------- d-----w- c:\users\Guest\AppData\Roaming\Malwarebytes
2010-04-04 16:19 . 2010-04-04 16:19 100432 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-03 05:39 . 2010-04-03 05:39 -------- d-----w- c:\windows\Sun

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-23 14:35 . 2007-01-08 21:09 606912 ----a-w- c:\windows\system32\perfh005.dat
2010-04-23 14:35 . 2007-01-08 21:09 119398 ----a-w- c:\windows\system32\perfc005.dat
2010-04-22 12:11 . 2007-11-05 19:08 -------- d-----w- c:\users\Boris\AppData\Roaming\OpenOffice.org2
2010-04-21 19:30 . 2010-01-14 19:17 -------- d-----w- c:\program files\trend micro
2010-04-21 10:57 . 2010-04-21 10:57 242696 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
2010-04-21 10:56 . 2010-01-05 21:13 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-21 10:54 . 2010-04-21 10:54 1689952 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2010-04-15 14:29 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-13 17:36 . 2007-07-18 09:38 -------- d-----w- c:\users\Boris\AppData\Roaming\ICQ
2010-04-08 13:03 . 2010-04-08 13:03 4255072 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-04-07 21:08 . 2007-07-18 20:11 -------- d-----w- c:\users\Boris\AppData\Roaming\Skype
2010-04-07 17:28 . 2010-01-10 09:05 -------- d-----w- c:\users\Boris\AppData\Roaming\skypePM
2010-04-04 14:07 . 2010-01-05 21:13 -------- d-----w- c:\programdata\avg9
2010-04-03 09:03 . 2007-10-28 19:05 7244 ----a-w- c:\users\Boris\AppData\Local\d3d9caps.dat
2010-04-02 07:50 . 2010-04-02 07:50 4076824 ----a-w- c:\programdata\avg9\update\backup\avgui.exe
2010-04-02 07:50 . 2010-04-02 07:50 2059544 ----a-w- c:\programdata\avg9\update\backup\avgtray.exe
2010-04-02 07:50 . 2010-04-02 07:50 1598744 ----a-w- c:\programdata\avg9\update\backup\avgssie.dll
2010-04-02 07:50 . 2010-04-02 07:50 1515224 ----a-w- c:\programdata\avg9\update\backup\avgwd.dll
2010-04-02 07:50 . 2010-04-02 07:50 1274136 ----a-w- c:\programdata\avg9\update\backup\avgfrw.exe
2010-04-02 07:50 . 2010-04-02 07:50 598296 ----a-w- c:\programdata\avg9\update\backup\avgsrmx.dll
2010-04-02 07:50 . 2010-04-02 07:50 313112 ----a-w- c:\programdata\avg9\update\backup\avglogx.dll
2010-04-02 07:50 . 2010-04-02 07:50 1086744 ----a-w- c:\programdata\avg9\update\backup\avgchsvx.exe
2010-04-02 07:50 . 2010-04-02 07:50 556824 ----a-w- c:\programdata\avg9\update\backup\avgchjwx.dll
2010-04-02 07:50 . 2010-04-02 07:50 459544 ----a-w- c:\programdata\avg9\update\backup\avgcclix.dll
2010-04-02 07:50 . 2010-04-02 07:50 341272 ----a-w- c:\programdata\avg9\update\backup\avgxch32.dll
2010-04-02 07:50 . 2010-04-02 07:50 301336 ----a-w- c:\programdata\avg9\update\backup\avgchclx.dll
2010-04-02 07:49 . 2010-04-02 07:49 1035032 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe
2010-03-13 07:11 . 2010-03-13 07:11 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-13 07:11 . 2010-01-05 21:13 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-13 07:09 . 2010-01-05 21:13 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-24 13:15 . 2007-07-13 11:52 100432 ----a-w- c:\users\Boris\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-23 06:39 . 2010-03-31 14:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-03-31 14:08 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-03-31 14:08 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-03-31 14:08 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:06 . 2010-03-11 22:00 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-03-11 22:00 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-03-11 22:00 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-01-25 12:00 . 2010-02-23 20:58 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-23 20:57 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-23 20:57 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-23 20:58 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-23 20:57 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-23 20:57 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-23 20:57 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-23 20:57 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:21 . 2010-02-23 20:57 518144 ----a-w- c:\windows\system32\RMActivate.exe
2006-05-08 03:36 . 2007-09-03 10:23 6195970 ----a-w- c:\program files\XP Codec Pack 1.3.4.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2004-12-02 05:18 . 2007-04-13 10:17 222390 --sha-r- c:\windows\ConfigSetRoot\IO.SYS
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

c:\users\Hanulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.2.lnk - c:\program files\OpenOffice.org 2.2\program\quickstart.exe [2007-6-8 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^Boris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
path=c:\users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
backup=c:\windows\pss\CurseClientStartup.ccip.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Boris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Jabbim.lnk]
path=c:\users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jabbim.lnk
backup=c:\windows\pss\Jabbim.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
2007-07-23 10:48 380928 ----a-w- c:\program files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-07 15:38 135664 ----atw- c:\users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-02-11 18:13 166424 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPUsageTracking]
2007-11-02 13:52 36864 ----a-w- c:\program files\HP\HP UT\bin\hppusg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-11 18:13 141848 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
2007-05-31 18:16 61440 ----a-w- c:\genius\ioCentre\gTaskBar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 04:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-06-16 04:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
2007-07-25 14:02 563984 ----a-w- c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2007-07-25 14:06 2027792 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-01-07 15:07 1394000 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-09-17 21:55 13580832 ----a-w- c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-09-17 21:55 92704 ----a-w- c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-11 18:13 133656 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-06-13 11:11 4489216 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-05-28 18:39 1826816 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-05-01 07:47 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2007-05-14 22:22 35328 ----a-w- c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):a4,c1,05,92,28,3a,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3038224116-2228616904-308158760-1000]
"EnableNotificationsRef"=dword:00000001

R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [2004-10-04 75925]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
R3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
R3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
R3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
R3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
R3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-01-07 38224]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2006-11-02 1083520]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [x]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-13 216200]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-04-21 242896]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 33800]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-13 308064]
S3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
S3 Atc002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\L260x86.sys [2006-12-13 25600]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2007-07-19 16384]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [2007-07-20 9856]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-04-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3038224116-2228616904-308158760-1000Core.job
- c:\users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-07 15:38]

2010-04-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3038224116-2228616904-308158760-1000UA.job
- c:\users\Boris\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-07 15:38]

2010-04-23 c:\windows\Tasks\User_Feed_Synchronization-{1CB939E2-DFCB-4177-9C92-76757785239D}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]

2010-04-23 c:\windows\Tasks\User_Feed_Synchronization-{1E0B1D22-D565-4A9E-9DC2-120B0F690ABE}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]

2010-04-23 c:\windows\Tasks\User_Feed_Synchronization-{6C33CF46-6887-4FC2-A862-CE0598A2CBEF}.job
- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://wow.spojka.org/
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://www.yahoo.com
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Download with Star Downloader - c:\program files\Star Downloader\sdie.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-23 17:10
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x861B4230]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x88cb3d24
\Driver\ACPI -> acpi.sys @ 0x8364bd68
\Driver\atapi -> 0x861b4230
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(9008)
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\WUDFHost.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\conime.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2010-04-23 17:18:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-23 15:18
ComboFix2.txt 2010-04-04 16:13

Před spuštěním: Volných bajtů: 94 601 224 192
Po spuštění: Volných bajtů: 94 572 990 464

- - End Of File - - F4FA6094B28353E6A4A8C2A423775AAD

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: AVG found several viruses

#32 Post by Caroprd111 »

Download SystemLook and save it to your desktop: http://jpshortstuff.247fixes.com/SystemLook.exe
  • Run it and copy the text from the white box below into its window.

Code:

:filefind
atapi.sys
  • Click Look; when the scan finishes, a log will pop up. Copy it here.

#33 Post by adonny »

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 19:52 on 23/04/2010 by Boris (Administrator - Elevation successful)

========== filefind ==========

Searching for "atapi.sys"
C:\Windows\ERDNT\cache\atapi.sys --a--- 19944 bytes [16:11 04/04/2010] [06:32 11/04/2009] 1F05B78AB91C9075565A9D8A4B880BC4
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys --a--- 21560 bytes [22:02 13/02/2008] [22:02 13/02/2008] B35CFCEF838382AB6490B321C87EDF17
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys --a--- 19944 bytes [06:43 23/07/2009] [06:32 11/04/2009] 1F05B78AB91C9075565A9D8A4B880BC4
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys --a--- 19048 bytes [10:25 02/11/2006] [09:49 02/11/2006] 4F4FCB8B6EA06784FB6D475B7EC7300F
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys --a--- 21560 bytes [12:44 18/06/2008] [07:41 19/01/2008] 2D9C903DC76A66813D350A562DE40ED9
C:\Windows\System32\drivers\atapi.sys --a--- 19944 bytes [06:43 23/07/2009] [06:32 11/04/2009] 1F05B78AB91C9075565A9D8A4B880BC4
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys --a--- 21560 bytes [22:02 13/02/2008] [22:02 13/02/2008] B35CFCEF838382AB6490B321C87EDF17
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys --a--- 21560 bytes [22:02 13/02/2008] [22:02 13/02/2008] E03E8C99D15D0381E02743C36AFC7C6F
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys --a--- 21560 bytes [12:44 18/06/2008] [07:41 19/01/2008] 2D9C903DC76A66813D350A562DE40ED9
C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys --a--- 19944 bytes [06:43 23/07/2009] [06:32 11/04/2009] 1F05B78AB91C9075565A9D8A4B880BC4

-=End Of File=-

#34 Post by Caroprd111 »

Post a Gmer log http://www.viry.cz/forum/viewtopic.php?f=29&t=62878 (renamed, from Safe Mode).

#35 Post by adonny »

And won't it throw a blue screen of death again? :D

#36 Post by Caroprd111 »

It's possible; if so, try it again.

#37 Post by adonny »

I'll try it tomorrow then... I still have some things to sort out today and I'd hate for it to get lost :D

#38 Post by Caroprd111 »

Ok :)

#39 Post by adonny »

It crashed on me again :D so I can't post this log; if you want the 1st one, I'll post it ;)

#40 Post by Caroprd111 »

Download OTL http://oldtimer.geekstogo.com/OTL.exe
  • Run it, then paste the following script into the bottom box.

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Check the "For all users" option.
  • Check the "LOP" malware check and the "Purity" malware check.
  • Click the Scan button.
  • When it finishes, paste the OTL.Txt and Extras.txt logs here.

#41 Post by adonny »

extras

Code:

OTL Extras logfile created on: 25.4.2010 7:43:51 - Run 1
OTL by OldTimer - Version 3.2.2.0     Folder = C:\Users\Boris\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 32,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 87,67 Gb Free Space | 37,65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PAZDEROVI-PC
Current User Name: Boris
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
[HKEY_USERS\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3038224116-2228616904-308158760-1000]
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA02446-AC9F-443A-A68E-3BDA3FB975B7}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{4546E5AE-6766-429A-8810-7D1A26D1B1FA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{48754E0C-D6D8-43CE-8AE3-51367E851D2C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{64F95880-902A-4A07-A3DA-10265DE4135A}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{7EAEB24E-611C-4E16-9F64-151CE7C63D25}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8585EC9D-926A-4AEF-9253-8FC37AB00F0F}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{85E09314-C499-4046-A713-A84F4782CBED}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{8D29CE36-88D9-407F-A8B9-2FF02709051A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{8EE3B59D-2A81-4028-A3DF-3D0A27304051}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9A2B0EB8-8E9E-49CE-9FAE-51B1DA3B2FD0}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{AAF2176D-C62A-4870-AF37-27CAC1228B80}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{C286FBDA-A3D4-42CA-B34F-710F2FA63BB7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{CCB745D4-4984-40C4-8FE8-F905E9BB5578}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{DDD1DE5E-054C-4B24-B843-55357FB6C639}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{EDBF7FDF-C1DF-4175-91EA-8C9DE60FE71F}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | 
"{F190AD68-4A0A-497E-811C-E613B636484F}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | 
"{FF7F553A-F71B-4CA7-9896-7AC820EB5481}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00306FCB-7CDE-45B3-997F-BB97884F7590}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{02A19336-B382-46C5-8B38-A7CE02149609}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.3.3.7799-to-2.4.0.8089-enus-downloader.exe | 
"{15D1268E-95C7-40B6-A87A-37724A52BC08}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe | 
"{3A4355C5-2CE8-42D7-B005-59F63A086FA3}" = protocol=6 | dir=out | app=system | 
"{435F9498-BFE9-4672-87B3-5E7DD7B9023C}" = protocol=17 | dir=in | app=c:\games\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{4977A7DD-82F4-4A8A-A2B0-43BCB225BB6D}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe | 
"{4AC62A43-C486-4768-B929-545455890E2F}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe | 
"{4D3C68EB-30B4-4224-B25D-CB6AD046837D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe | 
"{72F5C4EA-A543-4888-B1B0-1A65C16D8597}" = protocol=6 | dir=in | app=c:\games\world of warcraft\wow.exe | 
"{75EA324B-E1FC-4830-BD4D-52AF8FE0977C}" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe | 
"{8288606C-AB36-41EF-BF12-9952930D9287}" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe | 
"{8C0F6CC8-577A-44B3-80A3-3327EC867112}" = protocol=17 | dir=in | app=c:\games\world of warcraft\wow.exe | 
"{8C516824-7C8B-456D-9F2A-64411CF82DE0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{9B51A174-C851-46AA-8B46-8B9387178D1F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{9EB05691-26F8-485E-A39C-972CB19DDC3E}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-enus-downloader.exe | 
"{B0F15719-5322-4D19-B9BE-849F66E09181}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{BAB2E557-6DD2-4F37-9935-56F0E8925A5F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{C209C801-6D98-4161-9045-677C2DF07395}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-enus-downloader.exe | 
"{CE71DAAC-666D-4F77-BF7C-F4FB442DFB32}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | 
"{D01CF29A-46A4-405E-BB65-855EAA2B7F6D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{DEC5A89D-5CA8-430F-AA1D-ADADC9225B27}" = protocol=6 | dir=in | app=c:\games\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{E84F5709-F637-4601-A83D-063543E43EAC}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{EB25806B-FBB7-4821-AED8-E8365C899B66}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{F0C74A65-CC2A-41B2-ABAE-55EA93B4C4BC}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.3.3.7799-to-2.4.0.8089-enus-downloader.exe | 
"{F16DAB79-7238-469E-8C15-E2853067B18C}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe | 
"{FA7EDCEB-D5BC-458C-BB9A-F4B6C6D4F38D}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | 
"{FB22513B-FF60-499B-8A39-57224ACF631F}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe | 
"{FB79238C-A73E-4DFD-8380-17208E4523D3}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe | 
"TCP Query User{03CD16C6-E526-4C62-BD1A-67E6ED4495AF}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe | 
"TCP Query User{0A863D0D-506F-4407-98B3-26A716660EB6}C:\games\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6\hl.exe | 
"TCP Query User{2B2CA86F-8D1E-4CF0-8D66-8CD223A9B48A}C:\games\codemasters\cmr dirt demo\dirtdemo.exe" = protocol=6 | dir=in | app=c:\games\codemasters\cmr dirt demo\dirtdemo.exe | 
"TCP Query User{2CFFAF9B-5EF1-459F-AB2D-2BA799FD2AB3}C:\program files\asus\gamerosd\sbs.exe" = protocol=6 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe | 
"TCP Query User{30A9863A-34F6-492D-9637-8F438D3A8010}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{35552BBA-E708-4C72-A0E5-8174655F92B7}C:\games\counter-strike\cstrike.exe" = protocol=6 | dir=in | app=c:\games\counter-strike\cstrike.exe | 
"TCP Query User{362B165F-ACC1-4A6F-9805-1A885688E0B2}C:\games\counter-strike 1.6 - kopie\hl.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6 - kopie\hl.exe | 
"TCP Query User{3E6EB44D-E3A6-4640-A0AC-9CAB75E56EC8}C:\games\sierra\counter-strike 1.5\half-life\hl.exe" = protocol=6 | dir=in | app=c:\games\sierra\counter-strike 1.5\half-life\hl.exe | 
"TCP Query User{47A73CB4-DC35-46FF-8F57-A115D6C9FD68}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"TCP Query User{49D205A6-D889-41EE-B428-2B291D3AFA57}C:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\games\warcraft iii\war3.exe | 
"TCP Query User{567E4F69-7931-41C8-8A6E-46DE7705B718}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{56C3AE7C-A0B0-40F8-85A2-92B133645D36}C:\games\valve\cs 1.6\cstrike.exe" = protocol=6 | dir=in | app=c:\games\valve\cs 1.6\cstrike.exe | 
"TCP Query User{593C291B-93AD-415B-A64B-08B713E25C3A}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe | 
"TCP Query User{799A7374-C9EE-4D6D-B681-8247D59A657E}C:\users\hanulka\sdc204\sdc204\strongdc.exe" = protocol=6 | dir=in | app=c:\users\hanulka\sdc204\sdc204\strongdc.exe | 
"TCP Query User{82D67CD1-409C-4628-ADED-DEAC2BA65E2F}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"TCP Query User{8DBA088A-F158-4EFD-ACC0-3CFD6F3D1340}C:\games\valve\cs 1.6\hl.exe" = protocol=6 | dir=in | app=c:\games\valve\cs 1.6\hl.exe | 
"TCP Query User{9ADF870D-554B-4D4C-BD8A-FC3D2FCEAE2B}C:\games\railroad tycoon ii - platinum\rt2_plat.exe" = protocol=6 | dir=in | app=c:\games\railroad tycoon ii - platinum\rt2_plat.exe | 
"TCP Query User{9C3F7BC9-D81F-4CC5-873E-7B806BA92B37}C:\users\boris\appdata\local\temp\blizzard launcher temporary - 493f1818\launcher.exe" = protocol=6 | dir=in | app=c:\users\boris\appdata\local\temp\blizzard launcher temporary - 493f1818\launcher.exe | 
"TCP Query User{A1DBFBFA-2909-413D-A486-0063C842E9AB}C:\users\boris\appdata\local\temp\blizzard launcher temporary - eae86f18\launcher.exe" = protocol=6 | dir=in | app=c:\users\boris\appdata\local\temp\blizzard launcher temporary - eae86f18\launcher.exe | 
"TCP Query User{A2A59272-A50C-4417-9507-9651A0AF8AE4}C:\games\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\games\counter-strike\hl.exe | 
"TCP Query User{A5869810-5343-4078-BEA2-D60FADC4F026}C:\games\world of warcraft sss\launcher.exe" = protocol=6 | dir=in | app=c:\games\world of warcraft sss\launcher.exe | 
"TCP Query User{A6647A7C-7D1B-45D5-A739-7DBDD418A4D0}C:\games\counter-strike 1.6\cstrike.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6\cstrike.exe | 
"TCP Query User{B3BEB6E1-4460-4497-849A-B3C74828ADE5}C:\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\games\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{C48C2822-1175-4D51-8541-FC0496A7D321}C:\users\boris\desktop\cabaltemp\estsetuploader.exe" = protocol=6 | dir=in | app=c:\users\boris\desktop\cabaltemp\estsetuploader.exe | 
"TCP Query User{CA369C3E-1252-4326-95A2-49775413A431}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{CFDF8F80-CB5D-430A-8511-2BBE270533CA}C:\games\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\games\world of warcraft\repair.exe | 
"TCP Query User{DEF8A4CC-FDC5-4699-A56D-CC1ACF78DDCC}C:\game\codemasters\cmr dirt demo\dirtdemo.exe" = protocol=6 | dir=in | app=c:\game\codemasters\cmr dirt demo\dirtdemo.exe | 
"TCP Query User{DFEA15CF-35A7-43A4-BAD9-F7A75DBB3012}C:\games\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\games\counter-strike source\hl2.exe | 
"TCP Query User{E25CCFD5-2689-4063-BE07-38AE6A807B5D}C:\games\counter-strike 1.6\hltv.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6\hltv.exe | 
"TCP Query User{E7F67F26-A86E-4ED3-85AE-86F125CCB740}C:\games\counter-strike 1.6 - kopie\cstrike.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6 - kopie\cstrike.exe | 
"TCP Query User{ED9DC388-1E8B-491A-9409-0B5B94572306}C:\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\games\world of warcraft\launcher.exe | 
"TCP Query User{F3165052-3DFC-4C97-AE00-A14780FB2347}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe | 
"UDP Query User{082981BE-5CB1-4AE1-B441-E930BEA3CB8B}C:\games\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\games\counter-strike\hl.exe | 
"UDP Query User{0B4B3712-4616-4C1B-8109-57E02EAF2C40}C:\users\boris\desktop\cabaltemp\estsetuploader.exe" = protocol=17 | dir=in | app=c:\users\boris\desktop\cabaltemp\estsetuploader.exe | 
"UDP Query User{177FBD98-2C2C-4DBF-BFDF-1BC841D3B681}C:\games\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6\hl.exe | 
"UDP Query User{47626C29-B9AE-4C5A-9420-983A0C96554C}C:\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\games\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{4A35C30F-48F2-4E89-B452-CB1F91C22E9B}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe | 
"UDP Query User{4F530B68-C361-43EA-BBC5-2509CC737DCD}C:\games\counter-strike 1.6\cstrike.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6\cstrike.exe | 
"UDP Query User{52574D6E-E774-497F-AA0D-30BB80C9AB4F}C:\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\games\world of warcraft\launcher.exe | 
"UDP Query User{6239525D-5100-429F-8554-107C38C1E976}C:\games\codemasters\cmr dirt demo\dirtdemo.exe" = protocol=17 | dir=in | app=c:\games\codemasters\cmr dirt demo\dirtdemo.exe | 
"UDP Query User{67AE03D8-A102-4AA7-903D-746255172F00}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{6D016738-5168-4C0F-8D03-2943DBC3A6CC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{6E9C4A3D-D35E-4F61-AFCD-87E2ABDAC482}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{70052713-0931-4916-8943-47004E44D0A6}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe | 
"UDP Query User{829857D9-EAAC-4FF0-90C6-0D6CE373F77D}C:\program files\asus\gamerosd\sbs.exe" = protocol=17 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe | 
"UDP Query User{8D301480-F094-492C-89DC-8D76FC724041}C:\games\counter-strike 1.6 - kopie\cstrike.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6 - kopie\cstrike.exe | 
"UDP Query User{96797B0E-79DD-44D7-AE18-8211171EAE4E}C:\users\boris\appdata\local\temp\blizzard launcher temporary - 493f1818\launcher.exe" = protocol=17 | dir=in | app=c:\users\boris\appdata\local\temp\blizzard launcher temporary - 493f1818\launcher.exe | 
"UDP Query User{9A77C595-7482-4916-AF5A-B0146006C8FB}C:\game\codemasters\cmr dirt demo\dirtdemo.exe" = protocol=17 | dir=in | app=c:\game\codemasters\cmr dirt demo\dirtdemo.exe | 
"UDP Query User{9D6BB21D-5368-4FEE-8B44-ECCE84F0FC68}C:\games\sierra\counter-strike 1.5\half-life\hl.exe" = protocol=17 | dir=in | app=c:\games\sierra\counter-strike 1.5\half-life\hl.exe | 
"UDP Query User{A4FBF1C3-C922-4C82-95C2-606D015B4F9C}C:\users\boris\appdata\local\temp\blizzard launcher temporary - eae86f18\launcher.exe" = protocol=17 | dir=in | app=c:\users\boris\appdata\local\temp\blizzard launcher temporary - eae86f18\launcher.exe | 
"UDP Query User{AA8372B0-671D-49B9-ADC3-E19B4221130B}C:\games\counter-strike 1.6\hltv.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6\hltv.exe | 
"UDP Query User{AD94166C-B816-4F6D-A323-9990FE541BFF}C:\games\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\games\counter-strike source\hl2.exe | 
"UDP Query User{BF5BF17C-B442-44BE-81F6-7F8E59DBF2AC}C:\games\counter-strike\cstrike.exe" = protocol=17 | dir=in | app=c:\games\counter-strike\cstrike.exe | 
"UDP Query User{C0646F38-0B64-4029-8DB3-07A1CEB445AB}C:\games\railroad tycoon ii - platinum\rt2_plat.exe" = protocol=17 | dir=in | app=c:\games\railroad tycoon ii - platinum\rt2_plat.exe | 
"UDP Query User{C395AB8A-DAD9-47DE-AD0E-37794A35564D}C:\games\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\games\world of warcraft\repair.exe | 
"UDP Query User{C611D3DC-F5F4-43A3-8FC2-859D129542C2}C:\users\hanulka\sdc204\sdc204\strongdc.exe" = protocol=17 | dir=in | app=c:\users\hanulka\sdc204\sdc204\strongdc.exe | 
"UDP Query User{C860697B-0F1A-42C4-8DA7-AD1A5910F181}C:\games\counter-strike 1.6 - kopie\hl.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6 - kopie\hl.exe | 
"UDP Query User{CB11AACD-3201-4091-84F9-B5B2A6CD4E52}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe | 
"UDP Query User{D752603C-B131-4B7A-B37F-6FB28DA4410B}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"UDP Query User{D9035A9B-8D28-45A5-A966-024EBAD93FDD}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe | 
"UDP Query User{E78BFBD3-F6F6-4A67-AC82-309C34F5773F}C:\games\valve\cs 1.6\hl.exe" = protocol=17 | dir=in | app=c:\games\valve\cs 1.6\hl.exe | 
"UDP Query User{E847F26A-37DF-44D5-AAF9-E9E784F6B0EE}C:\games\world of warcraft sss\launcher.exe" = protocol=17 | dir=in | app=c:\games\world of warcraft sss\launcher.exe | 
"UDP Query User{F1975ED5-9539-4939-914D-E73D31FDE9FE}C:\games\valve\cs 1.6\cstrike.exe" = protocol=17 | dir=in | app=c:\games\valve\cs 1.6\cstrike.exe | 
"UDP Query User{F6A277D7-BF7E-4C89-B69B-5AC72C852E2B}C:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\games\warcraft iii\war3.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1204162A-1E08-4BB4-8F9C-D963D6375834}" = Scan To
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1998BD34-1AAB-4169-ACFF-67342E2AF9B4}" = Gothic III Release Update
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{364EC092-93CF-4DDC-9D7A-7278452028E0}" = Logitech QuickCam
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3DACACEC-5F90-4CEF-AB6B-77E0AF71BF5C}" = hppusgM1120
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{465BB659-D126-44A9-A857-6708D0F48DB1}" = OpenOffice.org 2.2
"{49F864F5-1A85-4E69-8764-C7E4EABD8BA0}" = KWorld TV Tuner Card Utilities
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{690BE098-6D0D-493D-B079-BD7E8F81A141}" = Opera 10.10
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83B0CE83-BE3C-464B-851B-19555F6A8633}" = Vista Manager
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C85AA4E-D246-4900-B6CF-D8EAF2C142F1}" = Testy Autoškola
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAF626C-D2E6-455C-9A5A-ACDF049A6168}" = ASUS nVidia Driver
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BB1DE0B0-3AEB-4890-A4F0-3388D51BC331}" = MrvlUsgTracking
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D64FCFC0-A9A2-4F1F-AB20-7C7219735632}" = Quake Live Internet Explorer Plugin
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E110480C-5C8D-46F5-A9FE-D680E51E0D0A}" = Rhabot
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG9Uninstall" = AVG Free 9.0
"Azureus" = Azureus
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"CoD 2 čeština_is1" = CoD 2 čeština 1.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"eMusic Promotion" = eMusic - 50 Free MP3 offer
"Fraps" = Fraps
"Game Maker 6.0" = Game Maker 6.0
"Game Maker 6.1" = Game Maker 6.1
"GameParkClient_is1" = GamePark
"Hamachi" = Hamachi 1.0.3.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HP LaserJet M1120 MFP" = HP LaserJet M1120 MFP Series
"ICQToolbar" = ICQ Toolbar
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.0.0
"LastFM_is1" = Last.fm 1.5.2.38918
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MegauploadToolbar" = Megaupload Toolbar
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MobMap_is1" = MobMap 1.30
"NVIDIA Drivers" = NVIDIA Drivers
"Opera" = Opera
"PhotoFiltre Studio" = PhotoFiltre Studio
"PROHYBRIDR" = 2007 Microsoft Office system
"PROR" = Microsoft Office Professional 2007
"Psaní všemi deseti_is1" = Psaní všemi deseti 1.5
"PunkBusterSvc" = PunkBuster Services
"QcDrv" = Logitech® Camera Driver
"Scorpions WinCheater 2.07   (s databází 92)_is1" = Scorpions WinCheater
"SpeedFan" = SpeedFan (remove only)
"sporic_new_is1" = sporic_new
"Star Downloader Free" = Star Downloader Free
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Totalcmd" = Total Commander (Remove or Repair)
"TVP3XDrv" = KWorld TV713X BDA Driver
"Warcraft III" = Warcraft III
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"538e2a4af313161a" = FasterPing
"Google Chrome" = Google Chrome
"QIP Infium" = QIP Infium 2.0.9030 RC4
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 30.3.2008 12:17:53 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
 razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
 0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f,  ID procesu 0x7e4, čas
 spuštění aplikace 0x01c8928197f12005.
 
Error - 31.3.2008 9:00:49 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
 razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
 0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f,  ID procesu 0x7d4, čas
 spuštění aplikace 0x01c8932f3af92596.
 
Error - 1.4.2008 9:39:35 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
 razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
 0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f,  ID procesu 0x998, čas
 spuštění aplikace 0x01c893fdcfbd2545.
 
Error - 1.4.2008 11:38:20 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
 razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
 0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f,  ID procesu 0x1670, čas
 spuštění aplikace 0x01c8940e660b7785.
 
Error - 2.4.2008 7:27:50 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
 razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
 0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f,  ID procesu 0x8c8, čas
 spuštění aplikace 0x01c894b491a5fc32.
 
Error - 2.4.2008 12:50:52 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ICQ.exe, verze 6.0.0.6043, časové razítko 0x47691dee,
 chybující modul kernel32.dll, verze 6.0.6000.16386, časové razítko 0x4549bd80, 
kód výjimky 0xe06d7363, posun chyby 0x0001b09e,  ID procesu 0x166c, čas spuštění aplikace
 0x01c894b667413932.
 
Error - 3.4.2008 11:20:02 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
 razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
 0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f,  ID procesu 0x118, čas
 spuštění aplikace 0x01c8959e29add0fa.
 
Error - 3.4.2008 11:22:53 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace Ventrilo.exe, verze 2.1.4.0, časové razítko 0x3fe763cd,
 chybující modul USER32.dll, verze 6.0.6000.16438, časové razítko 0x45d3dc0e, kód
 výjimky 0xc0000005, posun chyby 0x0002f133,  ID procesu 0x16dc, čas spuštění aplikace
 0x01c8959e7b0cd72a.
 
Error - 4.4.2008 7:20:35 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
 razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
 0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f,  ID procesu 0x5c8, čas
 spuštění aplikace 0x01c89645e24adb23.
 
Error - 4.4.2008 7:50:12 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
 razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
 0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f,  ID procesu 0x7bc, čas
 spuštění aplikace 0x01c8964a0701b3cc.
 
[ Media Center Events ]
Error - 16.4.2008 12:06:36 | Computer Name = Pazderovi-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Stahování balíčku MCESpotlight
 se nezdařilo.
 
[ System Events ]
Error - 23.4.2010 11:26:41 | Computer Name = Pazderovi-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:24:29, 23.4.2010) bylo neočekávané.
 
Error - 23.4.2010 11:27:41 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 23.4.2010 11:27:41 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 24.4.2010 1:01:54 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 24.4.2010 1:01:54 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 24.4.2010 13:56:26 | Computer Name = Pazderovi-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (19:54:29, 24.4.2010) bylo neočekávané.
 
Error - 24.4.2010 13:58:00 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 24.4.2010 13:58:00 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 25.4.2010 1:37:35 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 25.4.2010 1:37:35 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7034
Description = 
 
 
< End of report >

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses

#42 Post by adonny »

OTL part 1

Code:

OTL logfile created on: 25.4.2010 7:43:51 - Run 1
OTL by OldTimer - Version 3.2.2.0     Folder = C:\Users\Boris\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 32,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 87,67 Gb Free Space | 37,65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PAZDEROVI-PC
Current User Name: Boris
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010.04.25 07:41:42 | 000,562,688 | ---- | M] (OldTimer Tools) -- C:\Users\Boris\Desktop\OTL.exe
PRC - [2010.04.21 13:44:02 | 007,393,944 | ---- | M] (Blizzard Entertainment) -- C:\games\World of Warcraft\Wow.exe
PRC - [2010.04.21 12:56:38 | 004,094,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgui.exe
PRC - [2010.04.21 12:56:31 | 000,620,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.04.16 21:04:31 | 000,532,976 | ---- | M] (Google Inc.) -- C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010.04.02 09:49:40 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.03.13 09:11:27 | 000,508,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.03.13 09:11:19 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.03.13 09:09:10 | 000,710,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.03.11 02:03:17 | 007,359,640 | ---- | M] (Blizzard Entertainment) -- C:\games\World of Warcraft - Kopie\Wow.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2007.07.20 00:40:48 | 000,137,752 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007.07.20 00:38:54 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010.04.25 07:41:42 | 000,562,688 | ---- | M] (OldTimer Tools) -- C:\Users\Boris\Desktop\OTL.exe
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2007.07.20 00:40:36 | 000,113,176 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2010.03.13 09:11:19 | 000,308,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.06.15 15:34:20 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.07.23 12:48:08 | 000,067,072 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Stopped] -- C:\Windows\System32\ATKFUSService.exe -- (ATKFUSService)
SRV - [2007.07.20 00:42:30 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007.07.20 00:40:48 | 000,137,752 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007.07.20 00:38:54 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2006.07.05 15:02:03 | 000,358,008 | ---- | M] (Protection Technology (StarForce)) [Auto | Stopped] -- C:\Windows\System32\sfrem01.exe -- (sfrem01) SF FrontLine Drivers Auto Removal (v1)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2010.04.21 12:56:31 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.03.13 09:11:25 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.03.13 09:09:11 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.01.07 17:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009.10.09 21:47:10 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.09.17 23:55:00 | 007,379,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.02.20 12:11:16 | 000,033,800 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2008.02.20 12:02:22 | 000,029,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\easdrv.sys -- (easdrv)
DRV - [2008.02.20 12:01:30 | 000,039,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2008.02.11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008.02.11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2007.07.23 13:01:42 | 000,030,848 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKDispLowFilter.sys -- (atkdisplf)
DRV - [2007.07.23 12:48:10 | 000,013,696 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asusgsb.sys -- (asusgsb)
DRV - [2007.07.23 12:48:08 | 000,012,288 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\EIO.sys -- (EIO)
DRV - [2007.07.20 18:08:54 | 000,009,856 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gMouUsb.sys -- (gMouUsb)
DRV - [2007.07.20 00:39:50 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007.07.20 00:37:56 | 002,109,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007.07.19 20:13:10 | 000,016,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gHidPnp.sys -- (gHidPnp)
DRV - [2007.07.19 02:44:00 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.07.18 17:42:42 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007.07.14 21:24:09 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2007.07.14 21:24:07 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.06.12 07:05:34 | 001,787,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.04.20 13:34:54 | 000,674,048 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2007.03.06 17:49:20 | 000,491,168 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2006.12.13 12:00:08 | 000,025,600 | ---- | M] (Attansic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L260x86.sys -- (Atc002)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:27:22 | 001,083,520 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006.10.18 14:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006.08.18 11:10:24 | 000,061,504 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\K320bus.sys -- (K320bus) Sony Ericsson K320 driver (WDM)
DRV - [2006.08.18 11:10:22 | 000,097,056 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\K320mdm.sys -- (K320mdm)
DRV - [2006.08.18 11:10:22 | 000,009,328 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\K320mdfl.sys -- (K320mdfl)
DRV - [2006.08.18 11:10:20 | 000,088,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\K320mgmt.sys -- (K320mgmt) Sony Ericsson K320 USB WMC Device Management Drivers (WDM)
DRV - [2006.08.18 11:10:18 | 000,086,368 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\K320obex.sys -- (K320obex)
DRV - [2006.08.11 15:47:13 | 000,059,776 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.07.12 05:48:46 | 000,017,408 | ---- | M] ( Mouse Upfilter Driver ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gMouPS2.sys -- (gMouPS2)
DRV - [2006.07.05 14:39:29 | 000,059,256 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.06.14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.10.04 11:34:56 | 000,075,925 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\wf2kvcap.sys -- (BT848)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://wow.spojka.org/
IE - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz/skinit/icq/"
 
 
[2008.10.23 19:11:33 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Mozilla\Extensions
[2008.10.23 19:11:33 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\srdwpqqv.default\extensions
 
O1 HOSTS File: ([2010.04.23 17:09:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD                                   )
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: () - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\Program Files\Star Downloader\SDIEInt.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD                                   )
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD                                   )
O3 - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - Reg Error: Value error. File not found
O4 - Startup: C:\Users\Hanulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008.06.18 20:05:47 | 000,000,000 | ---D | M]
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found


adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses

#43 Post by adonny »

OTL part 2

Code:

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
OTL cannot create restorepoints on Vista OSs!
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010.04.25 07:41:39 | 000,562,688 | ---- | C] (OldTimer Tools) -- C:\Users\Boris\Desktop\OTL.exe
[2010.04.23 17:18:51 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.04.23 17:18:50 | 000,000,000 | ---D | C] -- C:\Users\Boris\AppData\Local\temp
[2010.04.23 17:09:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.04.22 22:43:05 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.04.22 22:43:00 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.04.22 22:42:59 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.04.22 22:42:41 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.04.22 22:41:28 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.04.21 21:44:06 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.04.14 13:45:04 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 13:44:58 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.14 13:44:57 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.14 13:44:45 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.14 13:44:45 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.04.05 22:57:36 | 000,093,056 | ---- | C] (GMER) -- C:\uflcyuog.sys
[2010.04.05 06:28:41 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.04.04 19:44:47 | 000,880,624 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\Boris\Desktop\SPTDinst-v162-x86.exe
[2010.04.04 17:31:41 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.04.03 07:39:07 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.03.31 16:08:32 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.03.31 16:08:31 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.03.31 16:08:31 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.03.31 16:08:31 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.03.31 16:08:30 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.03.31 16:08:30 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.03.31 16:08:30 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.03.31 16:08:29 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.03.31 16:08:29 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.03.31 16:08:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.03.31 16:08:29 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.03.31 16:08:29 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.03.31 16:08:29 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.03.31 16:08:29 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.03.31 16:08:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010.04.25 07:50:22 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6C33CF46-6887-4FC2-A862-CE0598A2CBEF}.job
[2010.04.25 07:50:00 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1E0B1D22-D565-4A9E-9DC2-120B0F690ABE}.job
[2010.04.25 07:49:59 | 000,000,440 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1CB939E2-DFCB-4177-9C92-76757785239D}.job
[2010.04.25 07:49:51 | 004,194,304 | -HS- | M] () -- C:\Users\Boris\NTUSER.DAT
[2010.04.25 07:43:17 | 059,241,570 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010.04.25 07:41:51 | 001,419,592 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.25 07:41:51 | 000,606,912 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.04.25 07:41:51 | 000,595,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.25 07:41:51 | 000,119,398 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.04.25 07:41:51 | 000,104,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.25 07:41:42 | 000,562,688 | ---- | M] (OldTimer Tools) -- C:\Users\Boris\Desktop\OTL.exe
[2010.04.25 07:36:07 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.25 07:36:07 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.25 07:36:04 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.25 07:36:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.25 07:35:57 | 2146,689,024 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.24 23:40:21 | 000,524,288 | -HS- | M] () -- C:\Users\Boris\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.04.24 23:40:21 | 000,065,536 | -HS- | M] () -- C:\Users\Boris\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.04.24 23:39:25 | 004,510,644 | -H-- | M] () -- C:\Users\Boris\AppData\Local\IconCache.db
[2010.04.24 22:55:01 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3038224116-2228616904-308158760-1000UA.job
[2010.04.24 22:55:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3038224116-2228616904-308158760-1000Core.job
[2010.04.24 19:56:20 | 190,958,261 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.04.23 17:21:38 | 000,000,000 | ---- | M] () -- C:\Users\Boris\Desktop\ss.bmp
[2010.04.23 17:09:59 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.04.23 17:09:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.04.22 22:40:39 | 000,000,991 | ---- | M] () -- C:\Users\Boris\Desktop\ComboFix – zástupce.lnk
[2010.04.21 12:56:31 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010.04.21 12:56:28 | 000,002,042 | ---- | M] () -- C:\Users\Boris\Desktop\Google Chrome.lnk
[2010.04.18 07:12:09 | 000,000,918 | ---- | M] () -- C:\Users\Boris\Desktop\realmlist – zástupce.lnk
[2010.04.14 22:45:59 | 000,027,988 | ---- | M] () -- C:\Users\Boris\Documents\STUDENA VALKA.odt
[2010.04.11 13:07:18 | 000,018,587 | ---- | M] () -- C:\Users\Boris\Desktop\kupní smlouva.odt
[2010.04.05 22:57:36 | 000,093,056 | ---- | M] (GMER) -- C:\uflcyuog.sys
[2010.04.05 12:25:10 | 000,090,907 | ---- | M] () -- C:\Users\Boris\Desktop\Bez názvu.jpg
[2010.04.05 11:45:18 | 000,077,312 | ---- | M] () -- C:\Users\Boris\Desktop\mbr.exe
[2010.04.05 11:39:39 | 000,000,000 | ---- | M] () -- C:\Users\Boris\defogger_reenable
[2010.04.04 19:44:51 | 000,880,624 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\Boris\Desktop\SPTDinst-v162-x86.exe
[2010.04.04 17:27:26 | 000,000,186 | ---- | M] () -- C:\Users\Boris\Documents\smazani.reg
[2010.04.03 11:03:05 | 000,007,244 | ---- | M] () -- C:\Users\Boris\AppData\Local\d3d9caps.dat
[2010.04.02 22:27:12 | 000,002,051 | ---- | M] () -- C:\Users\Boris\Desktop\1-Click Cleaner.lnk
[2010.04.02 22:27:12 | 000,001,997 | ---- | M] () -- C:\Users\Boris\Desktop\Vista Manager.lnk
[2010.04.02 21:16:42 | 000,002,954 | ---- | M] () -- C:\Users\Boris\Documents\cc_20100402_211634.reg
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010.04.24 19:56:20 | 190,958,261 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.04.23 17:21:38 | 000,000,000 | ---- | C] () -- C:\Users\Boris\Desktop\ss.bmp
[2010.04.22 22:43:05 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.04.22 22:43:02 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010.04.22 22:43:00 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.04.22 22:43:00 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.04.22 22:43:00 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.04.22 22:40:39 | 000,000,991 | ---- | C] () -- C:\Users\Boris\Desktop\ComboFix – zástupce.lnk
[2010.04.18 07:12:09 | 000,000,918 | ---- | C] () -- C:\Users\Boris\Desktop\realmlist – zástupce.lnk
[2010.04.14 21:34:26 | 000,027,988 | ---- | C] () -- C:\Users\Boris\Documents\STUDENA VALKA.odt
[2010.04.11 13:07:17 | 000,018,587 | ---- | C] () -- C:\Users\Boris\Desktop\kupní smlouva.odt
[2010.04.05 23:01:54 | 2146,689,024 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.05 12:25:09 | 000,090,907 | ---- | C] () -- C:\Users\Boris\Desktop\Bez názvu.jpg
[2010.04.05 12:17:41 | 000,293,376 | ---- | C] () -- C:\Users\Boris\Desktop\neco.com.exe
[2010.04.05 11:45:17 | 000,077,312 | ---- | C] () -- C:\Users\Boris\Desktop\mbr.exe
[2010.04.05 11:39:39 | 000,000,000 | ---- | C] () -- C:\Users\Boris\defogger_reenable
[2010.04.04 17:27:26 | 000,000,186 | ---- | C] () -- C:\Users\Boris\Documents\smazani.reg
[2010.04.02 22:27:12 | 000,002,051 | ---- | C] () -- C:\Users\Boris\Desktop\1-Click Cleaner.lnk
[2010.04.02 22:27:12 | 000,001,997 | ---- | C] () -- C:\Users\Boris\Desktop\Vista Manager.lnk
[2010.04.02 21:16:36 | 000,002,954 | ---- | C] () -- C:\Users\Boris\Documents\cc_20100402_211634.reg
[2009.07.23 08:44:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008.12.10 20:45:41 | 000,167,936 | ---- | C] () -- C:\Windows\System32\hpsfs.dll
[2008.10.08 17:16:24 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.10.08 17:15:41 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2008.07.23 16:05:00 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.07.23 16:05:00 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.02.20 12:11:16 | 000,033,800 | ---- | C] () -- C:\Windows\System32\drivers\epfwtdir.sys
[2008.02.11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008.01.02 17:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2007.12.14 13:51:58 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hppatusg01.dll
[2007.09.03 13:29:41 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.09.03 13:29:36 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007.09.03 13:29:36 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.07.23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.07.23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.07.18 17:42:42 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2007.07.14 21:24:09 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2007.07.14 21:24:07 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2007.07.13 20:34:14 | 000,000,604 | ---- | C] () -- C:\Windows\Thps3.INI
[2007.06.28 17:11:55 | 000,051,370 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007.06.28 16:37:54 | 000,001,324 | ---- | C] () -- C:\Windows\TVP3XDrv.ini
[2007.06.28 16:37:28 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2007.06.28 16:32:05 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2007.04.13 11:32:50 | 000,000,000 | ---- | C] () -- C:\Windows\sporic_new.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2002.01.13 07:27:52 | 000,016,384 | ---- | C] () -- C:\Windows\System32\drivers\gHidPnp.sys
[2002.01.13 07:27:52 | 000,009,856 | ---- | C] () -- C:\Windows\System32\drivers\gMouUsb.sys
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2008.10.22 21:08:25 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\aAvgApi
[2009.10.10 17:34:13 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Azureus
[2008.08.28 18:51:37 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Canneverbe_Limited
[2007.07.18 14:26:38 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\GHISLER
[2010.04.13 19:36:51 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\ICQ
[2007.09.06 21:21:36 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\ICQ Toolbar
[2010.02.16 22:40:06 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\jabbim
[2008.01.16 18:49:03 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\MegauploadToolbar
[2008.11.08 14:42:40 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\MobMapUpdater
[2007.07.18 12:29:15 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Opera
[2007.11.03 20:33:52 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\PeerNetworking
[2002.03.31 19:33:40 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\QIP
[2009.06.08 16:54:24 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\TeamViewer
[2007.07.29 20:51:51 | 000,000,000 | ---D | M] -- C:\Users\Hanulka\AppData\Roaming\Azureus
[2007.11.10 19:22:06 | 000,000,000 | ---D | M] -- C:\Users\Hanulka\AppData\Roaming\ICQ
[2007.08.22 18:17:45 | 000,000,000 | ---D | M] -- C:\Users\Hanulka\AppData\Roaming\ICQ Toolbar
[2007.10.27 13:08:57 | 000,000,000 | ---D | M] -- C:\Users\Hanulka\AppData\Roaming\Opera
[2010.01.17 00:23:59 | 000,000,000 | ---D | M] -- C:\Users\Hanulka\AppData\Roaming\uTorrent
[2007.09.09 21:22:49 | 000,000,000 | ---D | M] -- C:\Users\Rodiče\AppData\Roaming\ICQ
[2009.07.14 20:57:57 | 000,000,000 | ---D | M] -- C:\Users\Rodiče\AppData\Roaming\Opera
[2010.04.24 23:40:01 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.04.25 07:49:59 | 000,000,440 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1CB939E2-DFCB-4177-9C92-76757785239D}.job
[2010.04.25 07:50:00 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1E0B1D22-D565-4A9E-9DC2-120B0F690ABE}.job
[2010.04.25 07:50:22 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{6C33CF46-6887-4FC2-A862-CE0598A2CBEF}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >[/color]
 
[color=#A23BEC]< c:\windows\*.* /U >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2008.10.22 21:08:25 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\aAvgApi
[2008.06.17 14:57:39 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Adobe
[2009.10.10 17:34:13 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Azureus
[2008.08.28 18:51:37 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Canneverbe_Limited
[2007.12.03 21:41:53 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\DivX
[2007.07.18 14:26:38 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\GHISLER
[2008.03.11 19:39:58 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Google
[2009.10.17 23:20:46 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Hamachi
[2008.12.10 20:41:05 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\HP
[2010.04.13 19:36:51 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\ICQ
[2007.09.06 21:21:36 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\ICQ Toolbar
[2007.07.13 13:52:31 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Identities
[2007.08.22 08:16:00 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\InstallShield
[2010.02.16 22:40:06 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\jabbim
[2007.07.18 11:27:19 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Macromedia
[2010.01.15 22:25:05 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Media Center Programs
[2008.01.20 13:07:33 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Media Player Classic
[2008.01.16 18:49:03 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\MegauploadToolbar
[2010.01.05 23:08:16 | 000,000,000 | --SD | M] -- C:\Users\Boris\AppData\Roaming\Microsoft
[2008.11.08 14:42:40 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\MobMapUpdater
[2008.10.23 19:11:33 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Mozilla
[2007.12.11 20:04:14 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Nero
[2010.04.22 14:11:13 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\OpenOffice.org2
[2007.07.18 12:29:15 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Opera
[2007.11.03 20:33:52 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\PeerNetworking
[2002.03.31 19:33:40 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\QIP
[2010.01.15 21:36:11 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Real
[2010.04.23 19:52:28 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Skype
[2010.04.23 18:53:26 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\skypePM
[2008.12.13 14:25:11 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\teamspeak2
[2009.06.08 16:54:24 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\TeamViewer
[2007.11.15 23:17:30 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Ventrilo
[2008.03.10 12:44:50 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Winamp
[2007.07.14 21:57:27 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\WinRAR
[2008.07.22 13:00:21 | 000,000,000 | ---D | M] -- C:\Users\Boris\AppData\Roaming\Yahoo!
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2006.11.03 18:56:58 | 000,837,576 | ---- | M] () -- C:\Users\Boris\AppData\Roaming\MegauploadToolbar\megauper.exe
[2007.10.26 18:21:52 | 000,010,134 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
[2002.02.15 22:33:03 | 000,005,120 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\ClickCleaner.exe
[2010.04.02 22:27:15 | 000,017,542 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\ContextMenuManager.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\DiskAnalyzer.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\DuplicateFilesFinder.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\FileSecurity.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\FileSplitter.exe
[2010.04.02 22:27:15 | 000,017,542 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\FreeMemory.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\IconManager.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\IEManager.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\JunkFileCleaner.exe
[2010.04.02 22:27:15 | 000,005,430 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\LiveUpdate.exe
[2010.04.02 22:27:15 | 000,013,262 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\OptimizationWizard.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\PrivacyProtector.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\ProcessManager.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\RegistryCleaner.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\RegistryDefrag.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\RepairCenter.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\RunShortcutCreator.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\ServiceManager.exe
[2010.04.02 22:27:15 | 000,017,542 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\SmartUninstaller.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\StartupManager.exe
[2010.04.02 22:27:15 | 000,014,534 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\SystemFolder_msiexec.exe
[2010.04.02 22:27:15 | 000,007,886 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\SystemInfo.exe
[2010.04.02 22:27:15 | 000,017,542 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\TaskSchedulerManager.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\VistaManager.exe
[2010.04.02 22:27:15 | 000,015,086 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\WallpaperChanger.exe
[2010.04.02 22:27:15 | 000,013,262 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{83B0CE83-BE3C-464B-851B-19555F6A8633}\WinUtilities.exe
[2008.05.26 19:41:51 | 000,000,766 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{8C85AA4E-D246-4900-B6CF-D8EAF2C142F1}\_26e91eb.exe
[2008.05.26 19:41:51 | 000,000,766 | R--- | M] () -- C:\Users\Boris\AppData\Roaming\Microsoft\Installer\{8C85AA4E-D246-4900-B6CF-D8EAF2C142F1}\_5af141bb.exe
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.14 00:02:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.14 00:02:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.14 00:02:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: CRYPTSVC.DLL  >[/color]
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.11.14 23:48:17 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.11.14 23:48:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
[color=#A23BEC]< MD5 for: HAL.DLL  >[/color]
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: ISAPNP.SYS  >[/color]
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
 
[color=#A23BEC]< MD5 for: LSASS.EXE  >[/color]
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\ERDNT\cache\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\ERDNT\cache\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVRAID.SYS  >[/color]
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

[color=#A23BEC]< MD5 for: SMSS.EXE  >[/color]
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2008.01.16 14:57:21 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2008.01.16 14:57:20 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\ERDNT\cache\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\System32\drivers\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.02.14 00:02:26 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.02.14 00:02:26 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
[color=#A23BEC]< MD5 for: WS2_32.DLL  >[/color]
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\ERDNT\cache\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtrans.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\System32\config\*.sav  >[/color]
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtrans.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
 
[color=#A23BEC]< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >[/color]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /3 >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.* /3 >[/color]
[2010.04.25 07:36:07 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.25 07:36:07 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.25 07:41:51 | 000,119,398 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.04.25 07:41:51 | 000,104,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.25 07:41:51 | 000,606,912 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.04.25 07:41:51 | 000,595,308 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.25 07:41:51 | 001,419,592 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: AVG found several viruses on my PC

#44 Post by Caroprd111 »

Please remove the logs from "Code".

adonny
Visitor
Posts: 98
Registered: 14 Jan 2010 20:23

Re: AVG found several viruses on my PC

#45 Post by adonny »

extras

OTL Extras logfile created on: 25.4.2010 7:43:51 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Users\Boris\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 32,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 87,67 Gb Free Space | 37,65% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PAZDEROVI-PC
Current User Name: Boris
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Boris\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3038224116-2228616904-308158760-1000]
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA02446-AC9F-443A-A68E-3BDA3FB975B7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4546E5AE-6766-429A-8810-7D1A26D1B1FA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{48754E0C-D6D8-43CE-8AE3-51367E851D2C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{64F95880-902A-4A07-A3DA-10265DE4135A}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{7EAEB24E-611C-4E16-9F64-151CE7C63D25}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8585EC9D-926A-4AEF-9253-8FC37AB00F0F}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{85E09314-C499-4046-A713-A84F4782CBED}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{8D29CE36-88D9-407F-A8B9-2FF02709051A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{8EE3B59D-2A81-4028-A3DF-3D0A27304051}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9A2B0EB8-8E9E-49CE-9FAE-51B1DA3B2FD0}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{AAF2176D-C62A-4870-AF37-27CAC1228B80}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{C286FBDA-A3D4-42CA-B34F-710F2FA63BB7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{CCB745D4-4984-40C4-8FE8-F905E9BB5578}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{DDD1DE5E-054C-4B24-B843-55357FB6C639}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{EDBF7FDF-C1DF-4175-91EA-8C9DE60FE71F}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{F190AD68-4A0A-497E-811C-E613B636484F}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{FF7F553A-F71B-4CA7-9896-7AC820EB5481}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00306FCB-7CDE-45B3-997F-BB97884F7590}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{02A19336-B382-46C5-8B38-A7CE02149609}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.3.3.7799-to-2.4.0.8089-enus-downloader.exe |
"{15D1268E-95C7-40B6-A87A-37724A52BC08}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{3A4355C5-2CE8-42D7-B005-59F63A086FA3}" = protocol=6 | dir=out | app=system |
"{435F9498-BFE9-4672-87B3-5E7DD7B9023C}" = protocol=17 | dir=in | app=c:\games\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{4977A7DD-82F4-4A8A-A2B0-43BCB225BB6D}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{4AC62A43-C486-4768-B929-545455890E2F}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{4D3C68EB-30B4-4224-B25D-CB6AD046837D}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe |
"{72F5C4EA-A543-4888-B1B0-1A65C16D8597}" = protocol=6 | dir=in | app=c:\games\world of warcraft\wow.exe |
"{75EA324B-E1FC-4830-BD4D-52AF8FE0977C}" = protocol=6 | dir=in | app=c:\program files\curse\curseclient.exe |
"{8288606C-AB36-41EF-BF12-9952930D9287}" = protocol=17 | dir=in | app=c:\program files\curse\curseclient.exe |
"{8C0F6CC8-577A-44B3-80A3-3327EC867112}" = protocol=17 | dir=in | app=c:\games\world of warcraft\wow.exe |
"{8C516824-7C8B-456D-9F2A-64411CF82DE0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{9B51A174-C851-46AA-8B46-8B9387178D1F}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9EB05691-26F8-485E-A39C-972CB19DDC3E}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-enus-downloader.exe |
"{B0F15719-5322-4D19-B9BE-849F66E09181}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{BAB2E557-6DD2-4F37-9935-56F0E8925A5F}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{C209C801-6D98-4161-9045-677C2DF07395}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.8.9464-to-3.0.8.9506-enus-downloader.exe |
"{CE71DAAC-666D-4F77-BF7C-F4FB442DFB32}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{D01CF29A-46A4-405E-BB65-855EAA2B7F6D}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{DEC5A89D-5CA8-430F-AA1D-ADADC9225B27}" = protocol=6 | dir=in | app=c:\games\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{E84F5709-F637-4601-A83D-063543E43EAC}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{EB25806B-FBB7-4821-AED8-E8365C899B66}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{F0C74A65-CC2A-41B2-ABAE-55EA93B4C4BC}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-2.3.3.7799-to-2.4.0.8089-enus-downloader.exe |
"{F16DAB79-7238-469E-8C15-E2853067B18C}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{FA7EDCEB-D5BC-458C-BB9A-F4B6C6D4F38D}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{FB22513B-FF60-499B-8A39-57224ACF631F}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe |
"{FB79238C-A73E-4DFD-8380-17208E4523D3}" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{03CD16C6-E526-4C62-BD1A-67E6ED4495AF}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{0A863D0D-506F-4407-98B3-26A716660EB6}C:\games\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6\hl.exe |
"TCP Query User{2B2CA86F-8D1E-4CF0-8D66-8CD223A9B48A}C:\games\codemasters\cmr dirt demo\dirtdemo.exe" = protocol=6 | dir=in | app=c:\games\codemasters\cmr dirt demo\dirtdemo.exe |
"TCP Query User{2CFFAF9B-5EF1-459F-AB2D-2BA799FD2AB3}C:\program files\asus\gamerosd\sbs.exe" = protocol=6 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe |
"TCP Query User{30A9863A-34F6-492D-9637-8F438D3A8010}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{35552BBA-E708-4C72-A0E5-8174655F92B7}C:\games\counter-strike\cstrike.exe" = protocol=6 | dir=in | app=c:\games\counter-strike\cstrike.exe |
"TCP Query User{362B165F-ACC1-4A6F-9805-1A885688E0B2}C:\games\counter-strike 1.6 - kopie\hl.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6 - kopie\hl.exe |
"TCP Query User{3E6EB44D-E3A6-4640-A0AC-9CAB75E56EC8}C:\games\sierra\counter-strike 1.5\half-life\hl.exe" = protocol=6 | dir=in | app=c:\games\sierra\counter-strike 1.5\half-life\hl.exe |
"TCP Query User{47A73CB4-DC35-46FF-8F57-A115D6C9FD68}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{49D205A6-D889-41EE-B428-2B291D3AFA57}C:\games\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\games\warcraft iii\war3.exe |
"TCP Query User{567E4F69-7931-41C8-8A6E-46DE7705B718}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{56C3AE7C-A0B0-40F8-85A2-92B133645D36}C:\games\valve\cs 1.6\cstrike.exe" = protocol=6 | dir=in | app=c:\games\valve\cs 1.6\cstrike.exe |
"TCP Query User{593C291B-93AD-415B-A64B-08B713E25C3A}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{799A7374-C9EE-4D6D-B681-8247D59A657E}C:\users\hanulka\sdc204\sdc204\strongdc.exe" = protocol=6 | dir=in | app=c:\users\hanulka\sdc204\sdc204\strongdc.exe |
"TCP Query User{82D67CD1-409C-4628-ADED-DEAC2BA65E2F}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{8DBA088A-F158-4EFD-ACC0-3CFD6F3D1340}C:\games\valve\cs 1.6\hl.exe" = protocol=6 | dir=in | app=c:\games\valve\cs 1.6\hl.exe |
"TCP Query User{9ADF870D-554B-4D4C-BD8A-FC3D2FCEAE2B}C:\games\railroad tycoon ii - platinum\rt2_plat.exe" = protocol=6 | dir=in | app=c:\games\railroad tycoon ii - platinum\rt2_plat.exe |
"TCP Query User{9C3F7BC9-D81F-4CC5-873E-7B806BA92B37}C:\users\boris\appdata\local\temp\blizzard launcher temporary - 493f1818\launcher.exe" = protocol=6 | dir=in | app=c:\users\boris\appdata\local\temp\blizzard launcher temporary - 493f1818\launcher.exe |
"TCP Query User{A1DBFBFA-2909-413D-A486-0063C842E9AB}C:\users\boris\appdata\local\temp\blizzard launcher temporary - eae86f18\launcher.exe" = protocol=6 | dir=in | app=c:\users\boris\appdata\local\temp\blizzard launcher temporary - eae86f18\launcher.exe |
"TCP Query User{A2A59272-A50C-4417-9507-9651A0AF8AE4}C:\games\counter-strike\hl.exe" = protocol=6 | dir=in | app=c:\games\counter-strike\hl.exe |
"TCP Query User{A5869810-5343-4078-BEA2-D60FADC4F026}C:\games\world of warcraft sss\launcher.exe" = protocol=6 | dir=in | app=c:\games\world of warcraft sss\launcher.exe |
"TCP Query User{A6647A7C-7D1B-45D5-A739-7DBDD418A4D0}C:\games\counter-strike 1.6\cstrike.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6\cstrike.exe |
"TCP Query User{B3BEB6E1-4460-4497-849A-B3C74828ADE5}C:\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\games\world of warcraft\backgrounddownloader.exe |
"TCP Query User{C48C2822-1175-4D51-8541-FC0496A7D321}C:\users\boris\desktop\cabaltemp\estsetuploader.exe" = protocol=6 | dir=in | app=c:\users\boris\desktop\cabaltemp\estsetuploader.exe |
"TCP Query User{CA369C3E-1252-4326-95A2-49775413A431}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{CFDF8F80-CB5D-430A-8511-2BBE270533CA}C:\games\world of warcraft\repair.exe" = protocol=6 | dir=in | app=c:\games\world of warcraft\repair.exe |
"TCP Query User{DEF8A4CC-FDC5-4699-A56D-CC1ACF78DDCC}C:\game\codemasters\cmr dirt demo\dirtdemo.exe" = protocol=6 | dir=in | app=c:\game\codemasters\cmr dirt demo\dirtdemo.exe |
"TCP Query User{DFEA15CF-35A7-43A4-BAD9-F7A75DBB3012}C:\games\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\games\counter-strike source\hl2.exe |
"TCP Query User{E25CCFD5-2689-4063-BE07-38AE6A807B5D}C:\games\counter-strike 1.6\hltv.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6\hltv.exe |
"TCP Query User{E7F67F26-A86E-4ED3-85AE-86F125CCB740}C:\games\counter-strike 1.6 - kopie\cstrike.exe" = protocol=6 | dir=in | app=c:\games\counter-strike 1.6 - kopie\cstrike.exe |
"TCP Query User{ED9DC388-1E8B-491A-9409-0B5B94572306}C:\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\games\world of warcraft\launcher.exe |
"TCP Query User{F3165052-3DFC-4C97-AE00-A14780FB2347}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{082981BE-5CB1-4AE1-B441-E930BEA3CB8B}C:\games\counter-strike\hl.exe" = protocol=17 | dir=in | app=c:\games\counter-strike\hl.exe |
"UDP Query User{0B4B3712-4616-4C1B-8109-57E02EAF2C40}C:\users\boris\desktop\cabaltemp\estsetuploader.exe" = protocol=17 | dir=in | app=c:\users\boris\desktop\cabaltemp\estsetuploader.exe |
"UDP Query User{177FBD98-2C2C-4DBF-BFDF-1BC841D3B681}C:\games\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6\hl.exe |
"UDP Query User{47626C29-B9AE-4C5A-9420-983A0C96554C}C:\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\games\world of warcraft\backgrounddownloader.exe |
"UDP Query User{4A35C30F-48F2-4E89-B452-CB1F91C22E9B}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{4F530B68-C361-43EA-BBC5-2509CC737DCD}C:\games\counter-strike 1.6\cstrike.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6\cstrike.exe |
"UDP Query User{52574D6E-E774-497F-AA0D-30BB80C9AB4F}C:\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\games\world of warcraft\launcher.exe |
"UDP Query User{6239525D-5100-429F-8554-107C38C1E976}C:\games\codemasters\cmr dirt demo\dirtdemo.exe" = protocol=17 | dir=in | app=c:\games\codemasters\cmr dirt demo\dirtdemo.exe |
"UDP Query User{67AE03D8-A102-4AA7-903D-746255172F00}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{6D016738-5168-4C0F-8D03-2943DBC3A6CC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{6E9C4A3D-D35E-4F61-AFCD-87E2ABDAC482}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{70052713-0931-4916-8943-47004E44D0A6}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{829857D9-EAAC-4FF0-90C6-0D6CE373F77D}C:\program files\asus\gamerosd\sbs.exe" = protocol=17 | dir=in | app=c:\program files\asus\gamerosd\sbs.exe |
"UDP Query User{8D301480-F094-492C-89DC-8D76FC724041}C:\games\counter-strike 1.6 - kopie\cstrike.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6 - kopie\cstrike.exe |
"UDP Query User{96797B0E-79DD-44D7-AE18-8211171EAE4E}C:\users\boris\appdata\local\temp\blizzard launcher temporary - 493f1818\launcher.exe" = protocol=17 | dir=in | app=c:\users\boris\appdata\local\temp\blizzard launcher temporary - 493f1818\launcher.exe |
"UDP Query User{9A77C595-7482-4916-AF5A-B0146006C8FB}C:\game\codemasters\cmr dirt demo\dirtdemo.exe" = protocol=17 | dir=in | app=c:\game\codemasters\cmr dirt demo\dirtdemo.exe |
"UDP Query User{9D6BB21D-5368-4FEE-8B44-ECCE84F0FC68}C:\games\sierra\counter-strike 1.5\half-life\hl.exe" = protocol=17 | dir=in | app=c:\games\sierra\counter-strike 1.5\half-life\hl.exe |
"UDP Query User{A4FBF1C3-C922-4C82-95C2-606D015B4F9C}C:\users\boris\appdata\local\temp\blizzard launcher temporary - eae86f18\launcher.exe" = protocol=17 | dir=in | app=c:\users\boris\appdata\local\temp\blizzard launcher temporary - eae86f18\launcher.exe |
"UDP Query User{AA8372B0-671D-49B9-ADC3-E19B4221130B}C:\games\counter-strike 1.6\hltv.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6\hltv.exe |
"UDP Query User{AD94166C-B816-4F6D-A323-9990FE541BFF}C:\games\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\games\counter-strike source\hl2.exe |
"UDP Query User{BF5BF17C-B442-44BE-81F6-7F8E59DBF2AC}C:\games\counter-strike\cstrike.exe" = protocol=17 | dir=in | app=c:\games\counter-strike\cstrike.exe |
"UDP Query User{C0646F38-0B64-4029-8DB3-07A1CEB445AB}C:\games\railroad tycoon ii - platinum\rt2_plat.exe" = protocol=17 | dir=in | app=c:\games\railroad tycoon ii - platinum\rt2_plat.exe |
"UDP Query User{C395AB8A-DAD9-47DE-AD0E-37794A35564D}C:\games\world of warcraft\repair.exe" = protocol=17 | dir=in | app=c:\games\world of warcraft\repair.exe |
"UDP Query User{C611D3DC-F5F4-43A3-8FC2-859D129542C2}C:\users\hanulka\sdc204\sdc204\strongdc.exe" = protocol=17 | dir=in | app=c:\users\hanulka\sdc204\sdc204\strongdc.exe |
"UDP Query User{C860697B-0F1A-42C4-8DA7-AD1A5910F181}C:\games\counter-strike 1.6 - kopie\hl.exe" = protocol=17 | dir=in | app=c:\games\counter-strike 1.6 - kopie\hl.exe |
"UDP Query User{CB11AACD-3201-4091-84F9-B5B2A6CD4E52}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{D752603C-B131-4B7A-B37F-6FB28DA4410B}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{D9035A9B-8D28-45A5-A966-024EBAD93FDD}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{E78BFBD3-F6F6-4A67-AC82-309C34F5773F}C:\games\valve\cs 1.6\hl.exe" = protocol=17 | dir=in | app=c:\games\valve\cs 1.6\hl.exe |
"UDP Query User{E847F26A-37DF-44D5-AAF9-E9E784F6B0EE}C:\games\world of warcraft sss\launcher.exe" = protocol=17 | dir=in | app=c:\games\world of warcraft sss\launcher.exe |
"UDP Query User{F1975ED5-9539-4939-914D-E73D31FDE9FE}C:\games\valve\cs 1.6\cstrike.exe" = protocol=17 | dir=in | app=c:\games\valve\cs 1.6\cstrike.exe |
"UDP Query User{F6A277D7-BF7E-4C89-B69B-5AC72C852E2B}C:\games\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\games\warcraft iii\war3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1204162A-1E08-4BB4-8F9C-D963D6375834}" = Scan To
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1998BD34-1AAB-4169-ACFF-67342E2AF9B4}" = Gothic III Release Update
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{364EC092-93CF-4DDC-9D7A-7278452028E0}" = Logitech QuickCam
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3DACACEC-5F90-4CEF-AB6B-77E0AF71BF5C}" = hppusgM1120
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{465BB659-D126-44A9-A857-6708D0F48DB1}" = OpenOffice.org 2.2
"{49F864F5-1A85-4E69-8764-C7E4EABD8BA0}" = KWorld TV Tuner Card Utilities
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{690BE098-6D0D-493D-B079-BD7E8F81A141}" = Opera 10.10
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F88C9E5-12BD-404F-AC6A-108BAAC9B708}" = ASUS Gamer OSD
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83B0CE83-BE3C-464B-851B-19555F6A8633}" = Vista Manager
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C85AA4E-D246-4900-B6CF-D8EAF2C142F1}" = Testy Autoškola
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFAF626C-D2E6-455C-9A5A-ACDF049A6168}" = ASUS nVidia Driver
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BB1DE0B0-3AEB-4890-A4F0-3388D51BC331}" = MrvlUsgTracking
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D64FCFC0-A9A2-4F1F-AB20-7C7219735632}" = Quake Live Internet Explorer Plugin
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E110480C-5C8D-46F5-A9FE-D680E51E0D0A}" = Rhabot
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG9Uninstall" = AVG Free 9.0
"Azureus" = Azureus
"BSPlayer1" = BSPlayer
"CCleaner" = CCleaner (remove only)
"CoD 2 čeština_is1" = CoD 2 čeština 1.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"eMusic Promotion" = eMusic - 50 Free MP3 offer
"Fraps" = Fraps
"Game Maker 6.0" = Game Maker 6.0
"Game Maker 6.1" = Game Maker 6.1
"GameParkClient_is1" = GamePark
"Hamachi" = Hamachi 1.0.3.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HP LaserJet M1120 MFP" = HP LaserJet M1120 MFP Series
"ICQToolbar" = ICQ Toolbar
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.0.0
"LastFM_is1" = Last.fm 1.5.2.38918
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MegauploadToolbar" = Megaupload Toolbar
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MobMap_is1" = MobMap 1.30
"NVIDIA Drivers" = NVIDIA Drivers
"Opera" = Opera
"PhotoFiltre Studio" = PhotoFiltre Studio
"PROHYBRIDR" = 2007 Microsoft Office system
"PROR" = Microsoft Office Professional 2007
"Psaní všemi deseti_is1" = Psaní všemi deseti 1.5
"PunkBusterSvc" = PunkBuster Services
"QcDrv" = Logitech® Camera Driver
"Scorpions WinCheater 2.07 (s databází 92)_is1" = Scorpions WinCheater
"SpeedFan" = SpeedFan (remove only)
"sporic_new_is1" = sporic_new
"Star Downloader Free" = Star Downloader Free
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Totalcmd" = Total Commander (Remove or Repair)
"TVP3XDrv" = KWorld TV713X BDA Driver
"Warcraft III" = Warcraft III
"Winamp" = Winamp (remove only)
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3038224116-2228616904-308158760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"538e2a4af313161a" = FasterPing
"Google Chrome" = Google Chrome
"QIP Infium" = QIP Infium 2.0.9030 RC4

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 30.3.2008 12:17:53 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f, ID procesu 0x7e4, čas
spuštění aplikace 0x01c8928197f12005.

Error - 31.3.2008 9:00:49 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f, ID procesu 0x7d4, čas
spuštění aplikace 0x01c8932f3af92596.

Error - 1.4.2008 9:39:35 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f, ID procesu 0x998, čas
spuštění aplikace 0x01c893fdcfbd2545.

Error - 1.4.2008 11:38:20 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f, ID procesu 0x1670, čas
spuštění aplikace 0x01c8940e660b7785.

Error - 2.4.2008 7:27:50 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f, ID procesu 0x8c8, čas
spuštění aplikace 0x01c894b491a5fc32.

Error - 2.4.2008 12:50:52 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ICQ.exe, verze 6.0.0.6043, časové razítko 0x47691dee,
chybující modul kernel32.dll, verze 6.0.6000.16386, časové razítko 0x4549bd80,
kód výjimky 0xe06d7363, posun chyby 0x0001b09e, ID procesu 0x166c, čas spuštění aplikace
0x01c894b667413932.

Error - 3.4.2008 11:20:02 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f, ID procesu 0x118, čas
spuštění aplikace 0x01c8959e29add0fa.

Error - 3.4.2008 11:22:53 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace Ventrilo.exe, verze 2.1.4.0, časové razítko 0x3fe763cd,
chybující modul USER32.dll, verze 6.0.6000.16438, časové razítko 0x45d3dc0e, kód
výjimky 0xc0000005, posun chyby 0x0002f133, ID procesu 0x16dc, čas spuštění aplikace
0x01c8959e7b0cd72a.

Error - 4.4.2008 7:20:35 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f, ID procesu 0x5c8, čas
spuštění aplikace 0x01c89645e24adb23.

Error - 4.4.2008 7:50:12 | Computer Name = Pazderovi-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ATKFastUserSwitching.exe, verze 7.14.10.303, časové
razítko 0x46a42587, chybující modul onetouchvga.dll, verze 1.1.3.0, časové razítko
0x46835e0e, kód výjimky 0xc0000005, posun chyby 0x0000a33f, ID procesu 0x7bc, čas
spuštění aplikace 0x01c8964a0701b3cc.

[ Media Center Events ]
Error - 16.4.2008 12:06:36 | Computer Name = Pazderovi-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Stahování balíčku MCESpotlight
se nezdařilo.

[ System Events ]
Error - 23.4.2010 11:26:41 | Computer Name = Pazderovi-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (17:24:29, 23.4.2010) bylo neočekávané.

Error - 23.4.2010 11:27:41 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 23.4.2010 11:27:41 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 24.4.2010 1:01:54 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 24.4.2010 1:01:54 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 24.4.2010 13:56:26 | Computer Name = Pazderovi-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (19:54:29, 24.4.2010) bylo neočekávané.

Error - 24.4.2010 13:58:00 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 24.4.2010 13:58:00 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 25.4.2010 1:37:35 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25.4.2010 1:37:35 | Computer Name = Pazderovi-PC | Source = Service Control Manager | ID = 7034
Description =


< End of report >
