Zdravím a prosím o kontrolu logu, počítač se chová občas podivně... Pořádně děkuju...
Logfile of random's system information tool 1.06 (written by random/random)
Run by Photon at 2010-04-24 13:03:56
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 53 GB (50%) free of 106 GB
Total RAM: 3326 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:56:19, on 29.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchFilterHost.exe
C:\cudo\RSIT.exe
C:\Program Files\trend micro\Photon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FontExpertType1Loader] C:\Program Files\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Google Update] "C:\Users\Photon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted IP range: http://127.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
--
End of file - 6779 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000UA.job
C:\Windows\tasks\RtlVistaStart.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{601ED020-FB6C-11D3-87D8-0050DA59922B}]
WsftpBrowserHelper Class - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll [2004-06-17 118830]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"Adobe_ID0ENQBO"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"FontExpertType1Loader"=C:\Program Files\FontExpert\Type1Loader.exe [2008-12-14 294152]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2006-12-26 196608]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-29 1800464]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 1983816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Photon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-20 135664]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"Configurator.exe"=C:\Program Files\Vodafone\Configurator.exe /run []
"AdobeBridge"= []
"QuickGammaLoader"=C:\Program Files\QuickGamma\QuickGammaLoader.exe [2009-08-14 98816]
"QuickGammaResume"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ef242bd-05f5-11df-beac-002215531446}]
shell\AutoRun\command - I:\SETUP.EXE
shell\configure\command - I:\SETUP.EXE
shell\install\command - I:\SETUP.EXE
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-04-23 14:48:53 ----A---- C:\Windows\system32\gdiplus.dll
2010-04-23 14:48:53 ----A---- C:\Windows\system32\dsetup.dll
2010-04-23 14:48:52 ----D---- C:\Users\Photon\AppData\Roaming\GeoVid
2010-04-23 14:48:50 ----D---- C:\Program Files\GeoVid
2010-04-09 14:22:14 ----D---- C:\Program Files\CCleaner
2010-04-02 17:23:57 ----D---- C:\Windows\system32\TP-LINK Wireless Adapter Driver and Utility
2010-04-02 17:23:57 ----D---- C:\Program Files\TP-LINK
2010-03-30 12:43:09 ----D---- C:\Program Files\Common Files\Freedom Scientific
2010-03-30 12:43:08 ----D---- C:\Program Files\Common Files\soft602
2010-03-30 12:43:07 ----D---- C:\Program Files\Software602
2010-03-29 23:33:24 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-03-29 23:31:17 ----D---- C:\Program Files\SQUARE ENIX - Eidos Interactive
======List of files/folders modified in the last 1 months======
2010-04-24 13:04:00 ----D---- C:\Program Files\trend micro
2010-04-24 13:03:31 ----D---- C:\Windows\Prefetch
2010-04-24 13:03:22 ----D---- C:\Windows\Temp
2010-04-24 13:01:22 ----D---- C:\Users\Photon\AppData\Roaming\Skype
2010-04-24 12:45:49 ----D---- C:\Windows\System32
2010-04-24 12:45:49 ----D---- C:\Windows\inf
2010-04-24 12:45:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-24 12:40:24 ----D---- C:\Users\Photon\AppData\Roaming\skypePM
2010-04-24 12:36:27 ----D---- C:\Users\Photon\AppData\Roaming\uTorrent
2010-04-24 11:42:04 ----D---- C:\Windows
2010-04-23 14:49:02 ----SHD---- C:\Windows\Installer
2010-04-23 14:48:50 ----RD---- C:\Program Files
2010-04-22 13:48:02 ----SHD---- C:\Boot
2010-04-15 14:45:28 ----A---- C:\vraylog.txt
2010-04-09 14:34:44 ----D---- C:\Windows\Debug
2010-04-02 18:16:30 ----SD---- C:\ProgramData\Microsoft
2010-04-02 17:25:56 ----D---- C:\Windows\Tasks
2010-04-02 17:25:56 ----D---- C:\Windows\system32\Tasks
2010-04-02 17:25:53 ----D---- C:\Windows\system32\drivers
2010-04-02 17:25:52 ----D---- C:\Windows\system32\catroot
2010-04-02 17:23:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-30 12:43:09 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2006-12-15 8704]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-02-04 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-01-29 29520]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-01-29 74328]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-01-24 56816]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2006-12-15 13824]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-25 5143552]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-12-20 234016]
R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n86.sys [2007-07-18 357376]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-02-11 27632]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-02-11 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-02-11 25512]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-12-13 102784]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys []
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-25 172032]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-29 723632]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.; C:\Program Files\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-21 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím 
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
COMODO Internet Security používáte pouze jako firewall 
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT- Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
COMODO Internet Security používáte pouze jako firewall 
Re: Prosím o kontrolu logu
Ano, comodo mám jen jako firewall. Zde jsou logy, musím rozdělit. Díky moc...
OTL logfile created on: 27.4.2010 10:37:18 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Photon\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
7,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103,24 Gb Total Space | 52,71 Gb Free Space | 51,06% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 32,05 Gb Free Space | 13,76% Space Free | Partition Type: NTFS
Drive E: | 155,94 Gb Total Space | 68,48 Gb Free Space | 43,91% Space Free | Partition Type: NTFS
Drive F: | 439,45 Gb Total Space | 86,30 Gb Free Space | 19,64% Space Free | Partition Type: NTFS
Drive G: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PHOTON-PC
Current User Name: Photon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.27 10:28:30 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Photon\Desktop\OTL.exe
PRC - [2010.04.16 21:04:31 | 000,532,976 | ---- | M] (Google Inc.) -- C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010.01.29 10:59:59 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010.01.21 12:37:38 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009.11.25 05:17:34 | 000,368,640 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.11.25 05:17:04 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.19 03:12:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.12 18:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
PRC - [2009.03.02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.02.22 21:15:14 | 005,668,864 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe
PRC - [2008.06.11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008.01.19 00:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.11.20 12:52:30 | 000,045,700 | ---- | M] () -- C:\Program Files\cebas\ip-clamp\ipclamp.exe
PRC - [2007.07.26 11:10:34 | 000,794,624 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD.) -- C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2006.12.26 09:08:50 | 000,196,608 | ---- | M] (A4Tech Co., Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2006.10.27 16:16:48 | 012,813,096 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
========== Modules (SafeList) ==========
MOD - [2010.04.27 10:28:30 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Photon\Desktop\OTL.exe
MOD - [2010.02.04 16:01:04 | 000,171,552 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2006.12.19 10:38:28 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Windows\System32\Amhooker.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - [2010.01.29 10:59:59 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.01.21 12:37:38 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.11.25 05:17:04 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.03.12 18:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.08.15 06:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.20 12:52:30 | 000,045,700 | ---- | M] () [Auto | Running] -- C:\Program Files\cebas\ip-clamp\ipclamp.exe -- (IPClampService)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
========== Driver Services (SafeList) ==========
DRV - [2010.02.11 15:59:18 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.02.11 15:59:18 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.02.11 15:59:18 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.02.04 16:01:03 | 000,130,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010.01.29 11:00:14 | 000,074,328 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2010.01.29 11:00:06 | 000,029,520 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010.01.24 17:31:05 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.01.20 20:52:38 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.20 11:53:32 | 000,234,016 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.11.25 05:51:32 | 005,143,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.09.30 16:31:46 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.08.06 08:28:16 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2009.05.11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.12.13 12:27:50 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.08.14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2007.07.18 05:18:46 | 000,357,376 | R--- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL85n86.sys -- (RTL85n86)
DRV - [2007.04.23 10:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2007.04.03 13:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007.04.03 13:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116obex.sys -- (s116obex)
DRV - [2007.04.03 13:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007.04.03 13:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.03 13:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007.04.03 13:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007.04.03 13:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2006.12.15 17:09:50 | 000,013,824 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2006.12.15 17:09:24 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2004.08.13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 5D D8 48 7B E4 CA 01 [binary data]
IE - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2010.01.21 17:02:35 | 000,001,286 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (WsftpBrowserHelper Class) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [FontExpertType1Loader] C:\Program Files\FontExpert\Type1Loader.exe (Proxima Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co., Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [Configurator.exe] C:\Program Files\Vodafone\Configurator.exe File not found
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [QuickGammaLoader] C:\Program Files\QuickGamma\QuickGammaLoader.exe (Eberhard Werle)
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [QuickGammaResume] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\Shell - "" = AutoRun
O33 - MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\Shell\AutoRun\command - "" = I:\SETUP.EXE -- File not found
O33 - MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\Shell\configure\command - "" = I:\SETUP.EXE -- File not found
O33 - MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\Shell\install\command - "" = I:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2010.01.21 10:51:09 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
OTL cannot create restorepoints on Vista OSs!
========== Files/Folders - Created Within 30 Days ==========
[2010.04.27 10:28:30 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Users\Photon\Desktop\OTL.exe
[2010.04.26 14:04:51 | 005,918,776 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Photon\Desktop\mbam-setup-1.45.exe
[2010.04.26 13:53:07 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\101_PANA
[2010.04.26 11:53:58 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\DVDVideoSoft
[2010.04.26 11:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010.04.26 11:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.04.26 11:26:06 | 016,152,880 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Users\Photon\Desktop\FreeVideoToFlashConverter.exe
[2010.04.23 14:48:53 | 001,712,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2010.04.23 14:48:53 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsetup.dll
[2010.04.23 14:48:52 | 000,000,000 | ---D | C] -- C:\Users\Photon\AppData\Roaming\GeoVid
[2010.04.23 14:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\GeoVid
[2010.04.22 15:41:30 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\Fotky
[2010.04.09 14:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.04.08 08:37:21 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\www.vaspes.com_files
[2010.04.06 11:03:28 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\Hudy
[2010.04.05 16:23:10 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\Nová složka (2)
[2010.04.04 21:21:46 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\Nová složka
[2010.04.02 17:23:57 | 000,025,896 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\RtlProt.sys
[2010.04.02 17:23:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\TP-LINK Wireless Adapter Driver and Utility
[2010.04.02 17:23:57 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2010.04.01 19:24:43 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\HQ Nature Wallpapers
[2010.04.01 14:19:26 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\O2 Techzona D-Link G684T (WiFi + 4x Ethernet)_files
[2010.04.01 13:51:43 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\O2 Techzona ZyXEL P660RU-T3 (Combo USB + 1xEthernet)_files
[2010.03.30 14:21:21 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\OSVC_2009_v1_10
[2010.03.30 12:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Freedom Scientific
[2010.03.30 12:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\soft602
[2010.03.30 12:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Software602
[2010.03.29 23:34:58 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\Square Enix
[2010.03.29 23:33:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.03.29 23:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\SQUARE ENIX - Eidos Interactive
========== Files - Modified Within 30 Days ==========
[2010.04.27 10:37:33 | 002,883,584 | -HS- | M] () -- C:\Users\Photon\NTUSER.DAT
[2010.04.27 10:31:45 | 000,052,224 | ---- | M] () -- C:\Users\Photon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.27 10:28:30 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Photon\Desktop\OTL.exe
[2010.04.27 10:14:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000UA.job
[2010.04.27 09:58:29 | 000,601,351 | ---- | M] () -- C:\Users\Photon\Desktop\Mapa.jpg
[2010.04.27 09:25:17 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.27 09:25:17 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.27 08:46:19 | 000,307,025 | ---- | M] () -- C:\Users\Photon\Desktop\Emoxen-A6-s2-copy.jpg
[2010.04.27 07:30:59 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000Core.job
[2010.04.27 07:25:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.26 19:05:52 | 000,255,667 | ---- | M] () -- C:\Users\Photon\Desktop\Emoxen-A6-s1-copy.jpg
[2010.04.26 16:45:00 | 002,292,191 | ---- | M] () -- C:\Users\Photon\Desktop\mini Emox_trojuhelnik_420x280.pdf
[2010.04.26 16:45:00 | 000,438,997 | ---- | M] () -- C:\Users\Photon\Desktop\mini Emoxen_281x388_Medical_tr.pdf
[2010.04.26 14:05:08 | 005,918,776 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Photon\Desktop\mbam-setup-1.45.exe
[2010.04.26 12:21:40 | 000,136,421 | ---- | M] () -- C:\Users\Photon\Desktop\Vizitky AZservices Smolař.jpg
[2010.04.26 12:21:26 | 000,138,452 | ---- | M] () -- C:\Users\Photon\Desktop\Vizitky AZservices Dvořák.jpg
[2010.04.26 12:21:12 | 000,139,116 | ---- | M] () -- C:\Users\Photon\Desktop\Vizitky AZservices Mlčkovský.jpg
[2010.04.26 11:57:19 | 000,618,377 | ---- | M] () -- C:\Users\Photon\Desktop\2.swf
[2010.04.26 11:57:19 | 000,003,252 | ---- | M] () -- C:\Users\Photon\Desktop\HowToUseFlash_Example.htm
[2010.04.26 11:57:19 | 000,001,763 | ---- | M] () -- C:\Users\Photon\Desktop\style.css
[2010.04.26 11:53:58 | 000,001,038 | ---- | M] () -- C:\Users\Photon\Desktop\DVDVideoSoft Free Studio.lnk
[2010.04.26 11:26:06 | 016,152,880 | ---- | M] (DVDVideoSoft Limited. ) -- C:\Users\Photon\Desktop\FreeVideoToFlashConverter.exe
[2010.04.26 10:19:49 | 001,402,454 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.26 10:19:49 | 000,601,854 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.04.26 10:19:49 | 000,589,884 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.26 10:19:49 | 000,115,998 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.04.26 10:19:49 | 000,101,896 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.25 17:26:13 | 000,002,880 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010.04.24 13:02:48 | 000,781,909 | ---- | M] () -- C:\Users\Photon\Desktop\RSIT.exe
[2010.04.24 12:58:06 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2010.04.24 12:39:31 | 002,594,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.24 12:38:29 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job
[2010.04.24 12:38:28 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.24 12:38:11 | 3488,665,600 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.24 12:36:46 | 000,524,288 | -HS- | M] () -- C:\Users\Photon\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms
[2010.04.24 12:36:46 | 000,065,536 | -HS- | M] () -- C:\Users\Photon\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf
[2010.04.24 12:36:24 | 006,665,988 | -H-- | M] () -- C:\Users\Photon\AppData\Local\IconCache.db
[2010.04.24 11:42:04 | 000,126,417 | ---- | M] () -- C:\Windows\FontData.fdb
[2010.04.23 17:05:36 | 000,689,724 | ---- | M] () -- C:\Users\Photon\Desktop\2-new.swf
[2010.04.23 17:05:36 | 000,000,584 | ---- | M] () -- C:\Users\Photon\Desktop\2-new.swf.html
[2010.04.23 14:48:55 | 000,000,990 | ---- | M] () -- C:\Users\Photon\Desktop\Video to Flash Converter PRO.lnk
[2010.04.23 14:15:54 | 000,129,944 | ---- | M] () -- C:\Users\Photon\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.21 13:15:08 | 012,871,862 | ---- | M] () -- C:\Users\Photon\Desktop\video-to-flash-converter-pro-6.4.3.exe
[2010.04.19 16:10:55 | 000,021,504 | ---- | M] () -- C:\Users\Photon\Documents\Kopie - MEDIA_tisk.xls
[2010.04.14 14:02:02 | 000,066,367 | ---- | M] () -- C:\Users\Photon\Desktop\TR=3d684c1cf41e2af08ae6045b1f6a7f34&OS=A&PS=W.pdf
[2010.04.14 07:45:37 | 085,847,660 | ---- | M] () -- C:\Users\Photon\Desktop\Míša_MG_1078.psd
[2010.04.13 17:08:24 | 000,258,036 | ---- | M] () -- C:\Users\Photon\Desktop\2.avi
[2010.04.13 14:39:05 | 000,143,644 | ---- | M] () -- C:\Users\Photon\Desktop\2b.avi
[2010.04.09 14:22:16 | 000,001,676 | ---- | M] () -- C:\Users\Photon\Desktop\CCleaner.lnk
[2010.04.08 11:35:04 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.04.08 11:35:04 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.04.08 08:37:21 | 000,009,067 | ---- | M] () -- C:\Users\Photon\Documents\www.vaspes.com.htm
[2010.04.02 17:25:57 | 000,001,884 | ---- | M] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[2010.04.01 19:50:22 | 002,142,324 | ---- | M] () -- C:\Users\Photon\Documents\114278_143187_dsl_684t_rychla_instalacni_prirucka.pdf
[2010.04.01 19:49:28 | 000,022,321 | ---- | M] () -- C:\Users\Photon\Documents\O2 Techzona D-Link G684T (WiFi + 4x Ethernet).htm
[2010.04.01 19:49:14 | 001,444,204 | ---- | M] () -- C:\Users\Photon\Documents\114282_143189_o2_g684t_navod_ke_snadne_instalaci.pdf
[2010.04.01 19:29:17 | 000,023,012 | ---- | M] () -- C:\Users\Photon\Desktop\Vyplneno_VZP.zfo
[2010.04.01 13:51:43 | 000,018,392 | ---- | M] () -- C:\Users\Photon\Documents\O2 Techzona ZyXEL P660RU-T3 (Combo USB + 1xEthernet).htm
[2010.03.31 13:40:40 | 000,118,338 | ---- | M] () -- C:\Users\Photon\Documents\seminárka 2.docx
[2010.03.31 00:38:29 | 000,021,519 | ---- | M] () -- C:\Users\Photon\Desktop\VZP.zfo
[2010.03.30 14:21:36 | 000,879,713 | ---- | M] () -- C:\Users\Photon\Desktop\Vyplneno_DAP_FO.zfo
[2010.03.30 12:41:43 | 000,491,178 | ---- | M] () -- C:\Users\Photon\Desktop\DAP_FO.zfo
========== Files Created - No Company Name ==========
[2010.04.27 09:58:27 | 000,601,351 | ---- | C] () -- C:\Users\Photon\Desktop\Mapa.jpg
[2010.04.27 08:46:19 | 000,307,025 | ---- | C] () -- C:\Users\Photon\Desktop\Emoxen-A6-s2-copy.jpg
[2010.04.26 19:05:51 | 000,255,667 | ---- | C] () -- C:\Users\Photon\Desktop\Emoxen-A6-s1-copy.jpg
[2010.04.26 16:45:00 | 002,292,191 | ---- | C] () -- C:\Users\Photon\Desktop\mini Emox_trojuhelnik_420x280.pdf
[2010.04.26 16:45:00 | 000,438,997 | ---- | C] () -- C:\Users\Photon\Desktop\mini Emoxen_281x388_Medical_tr.pdf
[2010.04.26 12:21:36 | 000,136,421 | ---- | C] () -- C:\Users\Photon\Desktop\Vizitky AZservices Smolař.jpg
[2010.04.26 12:21:22 | 000,138,452 | ---- | C] () -- C:\Users\Photon\Desktop\Vizitky AZservices Dvořák.jpg
[2010.04.26 12:21:03 | 000,139,116 | ---- | C] () -- C:\Users\Photon\Desktop\Vizitky AZservices Mlčkovský.jpg
[2010.04.26 11:57:19 | 000,003,252 | ---- | C] () -- C:\Users\Photon\Desktop\HowToUseFlash_Example.htm
[2010.04.26 11:57:19 | 000,001,763 | ---- | C] () -- C:\Users\Photon\Desktop\style.css
[2010.04.26 11:57:16 | 000,618,377 | ---- | C] () -- C:\Users\Photon\Desktop\2.swf
[2010.04.26 11:53:58 | 000,001,038 | ---- | C] () -- C:\Users\Photon\Desktop\DVDVideoSoft Free Studio.lnk
[2010.04.24 13:02:48 | 000,781,909 | ---- | C] () -- C:\Users\Photon\Desktop\RSIT.exe
[2010.04.23 14:53:37 | 000,034,353 | ---- | C] () -- C:\Users\Photon\Desktop\mediaplayer.swf
[2010.04.23 14:53:37 | 000,000,584 | ---- | C] () -- C:\Users\Photon\Desktop\2-new.swf.html
[2010.04.23 14:53:29 | 000,689,724 | ---- | C] () -- C:\Users\Photon\Desktop\2-new.swf
[2010.04.23 14:48:55 | 000,000,990 | ---- | C] () -- C:\Users\Photon\Desktop\Video to Flash Converter PRO.lnk
[2010.04.21 13:13:39 | 012,871,862 | ---- | C] () -- C:\Users\Photon\Desktop\video-to-flash-converter-pro-6.4.3.exe
[2010.04.19 16:10:54 | 000,021,504 | ---- | C] () -- C:\Users\Photon\Documents\Kopie - MEDIA_tisk.xls
[2010.04.14 14:02:02 | 000,066,367 | ---- | C] () -- C:\Users\Photon\Desktop\TR=3d684c1cf41e2af08ae6045b1f6a7f34&OS=A&PS=W.pdf
[2010.04.14 07:45:31 | 085,847,660 | ---- | C] () -- C:\Users\Photon\Desktop\Míša_MG_1078.psd
[2010.04.13 14:37:33 | 000,143,644 | ---- | C] () -- C:\Users\Photon\Desktop\2b.avi
[2010.04.13 14:30:55 | 000,258,036 | ---- | C] () -- C:\Users\Photon\Desktop\2.avi
[2010.04.09 14:22:16 | 000,001,676 | ---- | C] () -- C:\Users\Photon\Desktop\CCleaner.lnk
[2010.04.08 11:35:04 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.04.08 11:35:04 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.04.08 08:37:19 | 000,009,067 | ---- | C] () -- C:\Users\Photon\Documents\www.vaspes.com.htm
[2010.04.02 17:25:57 | 000,001,884 | ---- | C] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[2010.04.02 17:25:56 | 000,000,276 | ---- | C] () -- C:\Windows\tasks\RtlVistaStart.job
[2010.04.01 19:50:22 | 002,142,324 | ---- | C] () -- C:\Users\Photon\Documents\114278_143187_dsl_684t_rychla_instalacni_prirucka.pdf
[2010.04.01 19:49:14 | 001,444,204 | ---- | C] () -- C:\Users\Photon\Documents\114282_143189_o2_g684t_navod_ke_snadne_instalaci.pdf
[2010.04.01 19:29:16 | 000,023,012 | ---- | C] () -- C:\Users\Photon\Desktop\Vyplneno_VZP.zfo
[2010.04.01 14:19:25 | 000,022,321 | ---- | C] () -- C:\Users\Photon\Documents\O2 Techzona D-Link G684T (WiFi + 4x Ethernet).htm
[2010.04.01 13:51:42 | 000,018,392 | ---- | C] () -- C:\Users\Photon\Documents\O2 Techzona ZyXEL P660RU-T3 (Combo USB + 1xEthernet).htm
[2010.03.31 13:40:39 | 000,118,338 | ---- | C] () -- C:\Users\Photon\Documents\seminárka 2.docx
[2010.03.31 00:38:28 | 000,021,519 | ---- | C] () -- C:\Users\Photon\Desktop\VZP.zfo
[2010.03.30 13:46:06 | 000,879,713 | ---- | C] () -- C:\Users\Photon\Desktop\Vyplneno_DAP_FO.zfo
[2010.03.30 12:41:42 | 000,491,178 | ---- | C] () -- C:\Users\Photon\Desktop\DAP_FO.zfo
[2010.03.19 19:15:54 | 000,000,528 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2010.03.19 17:58:53 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2010.03.19 16:27:02 | 000,000,487 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.03.08 14:29:32 | 000,000,187 | ---- | C] () -- C:\Windows\{F7BF4003-29AD-4528-8512-7EDFEC737C7A}_WiseFW.ini
[2010.03.08 14:08:43 | 000,000,208 | ---- | C] () -- C:\Windows\{6BC52438-5DE4-4102-846E-64C225A0A04E}_WiseFW.ini
[2010.01.27 02:08:26 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.01.27 02:08:26 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.01.27 02:08:25 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010.01.27 02:08:25 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.01.27 02:08:25 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.01.27 02:08:24 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.01.27 02:08:24 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010.01.21 11:18:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.01.20 20:52:38 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.01.20 19:25:39 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.03 10:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.09.30 03:44:52 | 000,000,127 | ---- | C] () -- C:\Windows\zraidtray.ini
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004.08.13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
========== LOP Check ==========
[2010.01.26 12:20:56 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Autodesk
[2010.02.09 22:04:00 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Bytemobile
[2010.01.20 21:27:21 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\DAEMON Tools Lite
[2010.02.06 01:46:45 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\DeepBurner
[2010.04.23 14:49:10 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\GeoVid
[2010.02.10 06:43:48 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\MOBILedit
[2010.01.21 14:37:09 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Proxima Software
[2010.04.24 12:36:27 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\uTorrent
[2010.02.09 22:11:44 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Vodafone
[2010.04.24 12:38:29 | 000,000,276 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job
[2010.04.24 12:36:52 | 000,023,112 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Photon\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.01.20 19:59:19 | 000,135,664 | ---- | M] (Google Inc.)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2009.10.09 14:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.)
"Configurator.exe" = C:\Program Files\Vodafone\Configurator.exe /run -- File not found
"AdobeBridge" =
"QuickGammaLoader" = C:\Program Files\QuickGamma\QuickGammaLoader.exe -- [2009.08.14 23:31:42 | 000,098,816 | ---- | M] (Eberhard Werle)
"QuickGammaResume" =
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.03.13 18:48:30 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Adobe
[2010.01.20 20:15:43 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\ATI
[2010.01.26 12:20:56 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Autodesk
[2010.02.09 22:04:00 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Bytemobile
[2010.01.22 11:54:24 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Corel
[2010.01.20 21:27:21 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\DAEMON Tools Lite
[2010.02.06 01:46:45 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\DeepBurner
[2010.01.21 07:18:38 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\FastStone
[2010.02.09 22:22:29 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\FLEXnet
[2010.04.23 14:49:10 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\GeoVid
[2010.01.20 19:17:25 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Identities
[2010.01.20 19:33:20 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\InstallShield
[2010.01.21 05:57:00 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Ipswitch
[2010.03.19 15:50:23 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Macromedia
[2010.01.27 02:08:39 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Media Player Classic
[2010.03.12 02:37:23 | 000,000,000 | --SD | M] -- C:\Users\Photon\AppData\Roaming\Microsoft
[2010.02.10 06:43:48 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\MOBILedit
[2010.01.21 14:37:09 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Proxima Software
[2010.04.27 10:35:55 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Skype
[2010.04.27 08:01:03 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\skypePM
[2010.04.24 12:36:27 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\uTorrent
[2010.02.09 22:11:44 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Vodafone
[2010.01.31 16:39:27 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Winamp
[2010.01.21 06:55:08 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2010.01.20 20:08:06 | 000,010,134 | R--- | M] () -- C:\Users\Photon\AppData\Roaming\Microsoft\Installer\{A2D08D5A-74E8-7509-452A-E40E63D8FFC2}\ARPPRODUCTICON.exe
[2009.09.12 23:20:28 | 000,245,248 | ---- | M] (www.half-open.com) -- C:\Users\Photon\AppData\Roaming\uTorrent\half-open-fix.exe
[2010.01.21 12:32:37 | 000,697,965 | ---- | M] () -- C:\Users\Photon\AppData\Roaming\uTorrent\unins000.exe
[2010.03.18 23:27:13 | 000,319,792 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Photon\AppData\Roaming\uTorrent\utorrent.exe
< MD5 for: AGP440.SYS >
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2010.01.20 23:16:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2010.01.20 23:16:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2010.01.20 23:16:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
OTL logfile created on: 27.4.2010 10:37:18 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Photon\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
7,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103,24 Gb Total Space | 52,71 Gb Free Space | 51,06% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 32,05 Gb Free Space | 13,76% Space Free | Partition Type: NTFS
Drive E: | 155,94 Gb Total Space | 68,48 Gb Free Space | 43,91% Space Free | Partition Type: NTFS
Drive F: | 439,45 Gb Total Space | 86,30 Gb Free Space | 19,64% Space Free | Partition Type: NTFS
Drive G: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PHOTON-PC
Current User Name: Photon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.04.27 10:28:30 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Photon\Desktop\OTL.exe
PRC - [2010.04.16 21:04:31 | 000,532,976 | ---- | M] (Google Inc.) -- C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010.01.29 10:59:59 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010.01.21 12:37:38 | 000,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2009.11.25 05:17:34 | 000,368,640 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.11.25 05:17:04 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.10.19 03:12:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.12 18:36:24 | 000,086,016 | ---- | M] () -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
PRC - [2009.03.02 13:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.02.22 21:15:14 | 005,668,864 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe
PRC - [2008.06.11 23:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008.01.19 00:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.11.20 12:52:30 | 000,045,700 | ---- | M] () -- C:\Program Files\cebas\ip-clamp\ipclamp.exe
PRC - [2007.07.26 11:10:34 | 000,794,624 | ---- | M] (TP-LINK TECHNOLOGIES CO., LTD.) -- C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2006.12.26 09:08:50 | 000,196,608 | ---- | M] (A4Tech Co., Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe
PRC - [2006.10.27 16:16:48 | 012,813,096 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
========== Modules (SafeList) ==========
MOD - [2010.04.27 10:28:30 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Photon\Desktop\OTL.exe
MOD - [2010.02.04 16:01:04 | 000,171,552 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2006.12.19 10:38:28 | 000,036,864 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Windows\System32\Amhooker.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
SRV - [2010.01.29 10:59:59 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.01.21 12:37:38 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.11.25 05:17:04 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.21 14:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 16:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.03.12 18:36:24 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe -- (mi-raysat_3dsmax2010_32)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.08.15 06:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.11.20 12:52:30 | 000,045,700 | ---- | M] () [Auto | Running] -- C:\Program Files\cebas\ip-clamp\ipclamp.exe -- (IPClampService)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
========== Driver Services (SafeList) ==========
DRV - [2010.02.11 15:59:18 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.02.11 15:59:18 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.02.11 15:59:18 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.02.04 16:01:03 | 000,130,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010.01.29 11:00:14 | 000,074,328 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2010.01.29 11:00:06 | 000,029,520 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010.01.24 17:31:05 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.01.20 20:52:38 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.20 11:53:32 | 000,234,016 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.11.25 05:51:32 | 005,143,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.09.30 16:31:46 | 000,103,440 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.08.06 08:28:16 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2009.05.11 10:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 10:33:07 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.12.13 12:27:50 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.08.14 08:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)
DRV - [2007.07.18 05:18:46 | 000,357,376 | R--- | M] (Realtek) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL85n86.sys -- (RTL85n86)
DRV - [2007.04.23 10:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | System | Running] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2007.04.03 13:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007.04.03 13:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116obex.sys -- (s116obex)
DRV - [2007.04.03 13:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007.04.03 13:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.03 13:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007.04.03 13:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007.04.03 13:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2006.12.15 17:09:50 | 000,013,824 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2006.12.15 17:09:24 | 000,008,704 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2004.08.13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 5D D8 48 7B E4 CA 01 [binary data]
IE - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2010.01.21 17:02:35 | 000,001,286 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2 - BHO: (WsftpBrowserHelper Class) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [FontExpertType1Loader] C:\Program Files\FontExpert\Type1Loader.exe (Proxima Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co., Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [Configurator.exe] C:\Program Files\Vodafone\Configurator.exe File not found
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [QuickGammaLoader] C:\Program Files\QuickGamma\QuickGammaLoader.exe (Eberhard Werle)
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [QuickGammaResume] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\Shell - "" = AutoRun
O33 - MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\Shell\AutoRun\command - "" = I:\SETUP.EXE -- File not found
O33 - MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\Shell\configure\command - "" = I:\SETUP.EXE -- File not found
O33 - MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\Shell\install\command - "" = I:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2010.01.21 10:51:09 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
OTL cannot create restorepoints on Vista OSs!
========== Files/Folders - Created Within 30 Days ==========
[2010.04.27 10:28:30 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Users\Photon\Desktop\OTL.exe
[2010.04.26 14:04:51 | 005,918,776 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Photon\Desktop\mbam-setup-1.45.exe
[2010.04.26 13:53:07 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\101_PANA
[2010.04.26 11:53:58 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\DVDVideoSoft
[2010.04.26 11:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010.04.26 11:53:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.04.26 11:26:06 | 016,152,880 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Users\Photon\Desktop\FreeVideoToFlashConverter.exe
[2010.04.23 14:48:53 | 001,712,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2010.04.23 14:48:53 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsetup.dll
[2010.04.23 14:48:52 | 000,000,000 | ---D | C] -- C:\Users\Photon\AppData\Roaming\GeoVid
[2010.04.23 14:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\GeoVid
[2010.04.22 15:41:30 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\Fotky
[2010.04.09 14:22:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.04.08 08:37:21 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\www.vaspes.com_files
[2010.04.06 11:03:28 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\Hudy
[2010.04.05 16:23:10 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\Nová složka (2)
[2010.04.04 21:21:46 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\Nová složka
[2010.04.02 17:23:57 | 000,025,896 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\RtlProt.sys
[2010.04.02 17:23:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\TP-LINK Wireless Adapter Driver and Utility
[2010.04.02 17:23:57 | 000,000,000 | ---D | C] -- C:\Program Files\TP-LINK
[2010.04.01 19:24:43 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\HQ Nature Wallpapers
[2010.04.01 14:19:26 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\O2 Techzona D-Link G684T (WiFi + 4x Ethernet)_files
[2010.04.01 13:51:43 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\O2 Techzona ZyXEL P660RU-T3 (Combo USB + 1xEthernet)_files
[2010.03.30 14:21:21 | 000,000,000 | ---D | C] -- C:\Users\Photon\Desktop\OSVC_2009_v1_10
[2010.03.30 12:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Freedom Scientific
[2010.03.30 12:43:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\soft602
[2010.03.30 12:43:07 | 000,000,000 | ---D | C] -- C:\Program Files\Software602
[2010.03.29 23:34:58 | 000,000,000 | ---D | C] -- C:\Users\Photon\Documents\Square Enix
[2010.03.29 23:33:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.03.29 23:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\SQUARE ENIX - Eidos Interactive
========== Files - Modified Within 30 Days ==========
[2010.04.27 10:37:33 | 002,883,584 | -HS- | M] () -- C:\Users\Photon\NTUSER.DAT
[2010.04.27 10:31:45 | 000,052,224 | ---- | M] () -- C:\Users\Photon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.27 10:28:30 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\Photon\Desktop\OTL.exe
[2010.04.27 10:14:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000UA.job
[2010.04.27 09:58:29 | 000,601,351 | ---- | M] () -- C:\Users\Photon\Desktop\Mapa.jpg
[2010.04.27 09:25:17 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.27 09:25:17 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.27 08:46:19 | 000,307,025 | ---- | M] () -- C:\Users\Photon\Desktop\Emoxen-A6-s2-copy.jpg
[2010.04.27 07:30:59 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000Core.job
[2010.04.27 07:25:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.26 19:05:52 | 000,255,667 | ---- | M] () -- C:\Users\Photon\Desktop\Emoxen-A6-s1-copy.jpg
[2010.04.26 16:45:00 | 002,292,191 | ---- | M] () -- C:\Users\Photon\Desktop\mini Emox_trojuhelnik_420x280.pdf
[2010.04.26 16:45:00 | 000,438,997 | ---- | M] () -- C:\Users\Photon\Desktop\mini Emoxen_281x388_Medical_tr.pdf
[2010.04.26 14:05:08 | 005,918,776 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Photon\Desktop\mbam-setup-1.45.exe
[2010.04.26 12:21:40 | 000,136,421 | ---- | M] () -- C:\Users\Photon\Desktop\Vizitky AZservices Smolař.jpg
[2010.04.26 12:21:26 | 000,138,452 | ---- | M] () -- C:\Users\Photon\Desktop\Vizitky AZservices Dvořák.jpg
[2010.04.26 12:21:12 | 000,139,116 | ---- | M] () -- C:\Users\Photon\Desktop\Vizitky AZservices Mlčkovský.jpg
[2010.04.26 11:57:19 | 000,618,377 | ---- | M] () -- C:\Users\Photon\Desktop\2.swf
[2010.04.26 11:57:19 | 000,003,252 | ---- | M] () -- C:\Users\Photon\Desktop\HowToUseFlash_Example.htm
[2010.04.26 11:57:19 | 000,001,763 | ---- | M] () -- C:\Users\Photon\Desktop\style.css
[2010.04.26 11:53:58 | 000,001,038 | ---- | M] () -- C:\Users\Photon\Desktop\DVDVideoSoft Free Studio.lnk
[2010.04.26 11:26:06 | 016,152,880 | ---- | M] (DVDVideoSoft Limited. ) -- C:\Users\Photon\Desktop\FreeVideoToFlashConverter.exe
[2010.04.26 10:19:49 | 001,402,454 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.26 10:19:49 | 000,601,854 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.04.26 10:19:49 | 000,589,884 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.26 10:19:49 | 000,115,998 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.04.26 10:19:49 | 000,101,896 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.25 17:26:13 | 000,002,880 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010.04.24 13:02:48 | 000,781,909 | ---- | M] () -- C:\Users\Photon\Desktop\RSIT.exe
[2010.04.24 12:58:06 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2010.04.24 12:39:31 | 002,594,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.24 12:38:29 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RtlVistaStart.job
[2010.04.24 12:38:28 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.24 12:38:11 | 3488,665,600 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.24 12:36:46 | 000,524,288 | -HS- | M] () -- C:\Users\Photon\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TMContainer00000000000000000001.regtrans-ms
[2010.04.24 12:36:46 | 000,065,536 | -HS- | M] () -- C:\Users\Photon\NTUSER.DAT{3d4e88f1-6a70-11db-b1ba-d64300c9c793}.TM.blf
[2010.04.24 12:36:24 | 006,665,988 | -H-- | M] () -- C:\Users\Photon\AppData\Local\IconCache.db
[2010.04.24 11:42:04 | 000,126,417 | ---- | M] () -- C:\Windows\FontData.fdb
[2010.04.23 17:05:36 | 000,689,724 | ---- | M] () -- C:\Users\Photon\Desktop\2-new.swf
[2010.04.23 17:05:36 | 000,000,584 | ---- | M] () -- C:\Users\Photon\Desktop\2-new.swf.html
[2010.04.23 14:48:55 | 000,000,990 | ---- | M] () -- C:\Users\Photon\Desktop\Video to Flash Converter PRO.lnk
[2010.04.23 14:15:54 | 000,129,944 | ---- | M] () -- C:\Users\Photon\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.21 13:15:08 | 012,871,862 | ---- | M] () -- C:\Users\Photon\Desktop\video-to-flash-converter-pro-6.4.3.exe
[2010.04.19 16:10:55 | 000,021,504 | ---- | M] () -- C:\Users\Photon\Documents\Kopie - MEDIA_tisk.xls
[2010.04.14 14:02:02 | 000,066,367 | ---- | M] () -- C:\Users\Photon\Desktop\TR=3d684c1cf41e2af08ae6045b1f6a7f34&OS=A&PS=W.pdf
[2010.04.14 07:45:37 | 085,847,660 | ---- | M] () -- C:\Users\Photon\Desktop\Míša_MG_1078.psd
[2010.04.13 17:08:24 | 000,258,036 | ---- | M] () -- C:\Users\Photon\Desktop\2.avi
[2010.04.13 14:39:05 | 000,143,644 | ---- | M] () -- C:\Users\Photon\Desktop\2b.avi
[2010.04.09 14:22:16 | 000,001,676 | ---- | M] () -- C:\Users\Photon\Desktop\CCleaner.lnk
[2010.04.08 11:35:04 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.04.08 11:35:04 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.04.08 08:37:21 | 000,009,067 | ---- | M] () -- C:\Users\Photon\Documents\www.vaspes.com.htm
[2010.04.02 17:25:57 | 000,001,884 | ---- | M] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[2010.04.01 19:50:22 | 002,142,324 | ---- | M] () -- C:\Users\Photon\Documents\114278_143187_dsl_684t_rychla_instalacni_prirucka.pdf
[2010.04.01 19:49:28 | 000,022,321 | ---- | M] () -- C:\Users\Photon\Documents\O2 Techzona D-Link G684T (WiFi + 4x Ethernet).htm
[2010.04.01 19:49:14 | 001,444,204 | ---- | M] () -- C:\Users\Photon\Documents\114282_143189_o2_g684t_navod_ke_snadne_instalaci.pdf
[2010.04.01 19:29:17 | 000,023,012 | ---- | M] () -- C:\Users\Photon\Desktop\Vyplneno_VZP.zfo
[2010.04.01 13:51:43 | 000,018,392 | ---- | M] () -- C:\Users\Photon\Documents\O2 Techzona ZyXEL P660RU-T3 (Combo USB + 1xEthernet).htm
[2010.03.31 13:40:40 | 000,118,338 | ---- | M] () -- C:\Users\Photon\Documents\seminárka 2.docx
[2010.03.31 00:38:29 | 000,021,519 | ---- | M] () -- C:\Users\Photon\Desktop\VZP.zfo
[2010.03.30 14:21:36 | 000,879,713 | ---- | M] () -- C:\Users\Photon\Desktop\Vyplneno_DAP_FO.zfo
[2010.03.30 12:41:43 | 000,491,178 | ---- | M] () -- C:\Users\Photon\Desktop\DAP_FO.zfo
========== Files Created - No Company Name ==========
[2010.04.27 09:58:27 | 000,601,351 | ---- | C] () -- C:\Users\Photon\Desktop\Mapa.jpg
[2010.04.27 08:46:19 | 000,307,025 | ---- | C] () -- C:\Users\Photon\Desktop\Emoxen-A6-s2-copy.jpg
[2010.04.26 19:05:51 | 000,255,667 | ---- | C] () -- C:\Users\Photon\Desktop\Emoxen-A6-s1-copy.jpg
[2010.04.26 16:45:00 | 002,292,191 | ---- | C] () -- C:\Users\Photon\Desktop\mini Emox_trojuhelnik_420x280.pdf
[2010.04.26 16:45:00 | 000,438,997 | ---- | C] () -- C:\Users\Photon\Desktop\mini Emoxen_281x388_Medical_tr.pdf
[2010.04.26 12:21:36 | 000,136,421 | ---- | C] () -- C:\Users\Photon\Desktop\Vizitky AZservices Smolař.jpg
[2010.04.26 12:21:22 | 000,138,452 | ---- | C] () -- C:\Users\Photon\Desktop\Vizitky AZservices Dvořák.jpg
[2010.04.26 12:21:03 | 000,139,116 | ---- | C] () -- C:\Users\Photon\Desktop\Vizitky AZservices Mlčkovský.jpg
[2010.04.26 11:57:19 | 000,003,252 | ---- | C] () -- C:\Users\Photon\Desktop\HowToUseFlash_Example.htm
[2010.04.26 11:57:19 | 000,001,763 | ---- | C] () -- C:\Users\Photon\Desktop\style.css
[2010.04.26 11:57:16 | 000,618,377 | ---- | C] () -- C:\Users\Photon\Desktop\2.swf
[2010.04.26 11:53:58 | 000,001,038 | ---- | C] () -- C:\Users\Photon\Desktop\DVDVideoSoft Free Studio.lnk
[2010.04.24 13:02:48 | 000,781,909 | ---- | C] () -- C:\Users\Photon\Desktop\RSIT.exe
[2010.04.23 14:53:37 | 000,034,353 | ---- | C] () -- C:\Users\Photon\Desktop\mediaplayer.swf
[2010.04.23 14:53:37 | 000,000,584 | ---- | C] () -- C:\Users\Photon\Desktop\2-new.swf.html
[2010.04.23 14:53:29 | 000,689,724 | ---- | C] () -- C:\Users\Photon\Desktop\2-new.swf
[2010.04.23 14:48:55 | 000,000,990 | ---- | C] () -- C:\Users\Photon\Desktop\Video to Flash Converter PRO.lnk
[2010.04.21 13:13:39 | 012,871,862 | ---- | C] () -- C:\Users\Photon\Desktop\video-to-flash-converter-pro-6.4.3.exe
[2010.04.19 16:10:54 | 000,021,504 | ---- | C] () -- C:\Users\Photon\Documents\Kopie - MEDIA_tisk.xls
[2010.04.14 14:02:02 | 000,066,367 | ---- | C] () -- C:\Users\Photon\Desktop\TR=3d684c1cf41e2af08ae6045b1f6a7f34&OS=A&PS=W.pdf
[2010.04.14 07:45:31 | 085,847,660 | ---- | C] () -- C:\Users\Photon\Desktop\Míša_MG_1078.psd
[2010.04.13 14:37:33 | 000,143,644 | ---- | C] () -- C:\Users\Photon\Desktop\2b.avi
[2010.04.13 14:30:55 | 000,258,036 | ---- | C] () -- C:\Users\Photon\Desktop\2.avi
[2010.04.09 14:22:16 | 000,001,676 | ---- | C] () -- C:\Users\Photon\Desktop\CCleaner.lnk
[2010.04.08 11:35:04 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.04.08 11:35:04 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.04.08 08:37:19 | 000,009,067 | ---- | C] () -- C:\Users\Photon\Documents\www.vaspes.com.htm
[2010.04.02 17:25:57 | 000,001,884 | ---- | C] () -- C:\Users\Public\Desktop\TP-LINK Wireless Utility.lnk
[2010.04.02 17:25:56 | 000,000,276 | ---- | C] () -- C:\Windows\tasks\RtlVistaStart.job
[2010.04.01 19:50:22 | 002,142,324 | ---- | C] () -- C:\Users\Photon\Documents\114278_143187_dsl_684t_rychla_instalacni_prirucka.pdf
[2010.04.01 19:49:14 | 001,444,204 | ---- | C] () -- C:\Users\Photon\Documents\114282_143189_o2_g684t_navod_ke_snadne_instalaci.pdf
[2010.04.01 19:29:16 | 000,023,012 | ---- | C] () -- C:\Users\Photon\Desktop\Vyplneno_VZP.zfo
[2010.04.01 14:19:25 | 000,022,321 | ---- | C] () -- C:\Users\Photon\Documents\O2 Techzona D-Link G684T (WiFi + 4x Ethernet).htm
[2010.04.01 13:51:42 | 000,018,392 | ---- | C] () -- C:\Users\Photon\Documents\O2 Techzona ZyXEL P660RU-T3 (Combo USB + 1xEthernet).htm
[2010.03.31 13:40:39 | 000,118,338 | ---- | C] () -- C:\Users\Photon\Documents\seminárka 2.docx
[2010.03.31 00:38:28 | 000,021,519 | ---- | C] () -- C:\Users\Photon\Desktop\VZP.zfo
[2010.03.30 13:46:06 | 000,879,713 | ---- | C] () -- C:\Users\Photon\Desktop\Vyplneno_DAP_FO.zfo
[2010.03.30 12:41:42 | 000,491,178 | ---- | C] () -- C:\Users\Photon\Desktop\DAP_FO.zfo
[2010.03.19 19:15:54 | 000,000,528 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2010.03.19 17:58:53 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2010.03.19 16:27:02 | 000,000,487 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.03.08 14:29:32 | 000,000,187 | ---- | C] () -- C:\Windows\{F7BF4003-29AD-4528-8512-7EDFEC737C7A}_WiseFW.ini
[2010.03.08 14:08:43 | 000,000,208 | ---- | C] () -- C:\Windows\{6BC52438-5DE4-4102-846E-64C225A0A04E}_WiseFW.ini
[2010.01.27 02:08:26 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.01.27 02:08:26 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.01.27 02:08:25 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010.01.27 02:08:25 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.01.27 02:08:25 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.01.27 02:08:24 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.01.27 02:08:24 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010.01.21 11:18:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.01.20 20:52:38 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.01.20 19:25:39 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.03 10:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.09.30 03:44:52 | 000,000,127 | ---- | C] () -- C:\Windows\zraidtray.ini
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004.08.13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
========== LOP Check ==========
[2010.01.26 12:20:56 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Autodesk
[2010.02.09 22:04:00 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Bytemobile
[2010.01.20 21:27:21 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\DAEMON Tools Lite
[2010.02.06 01:46:45 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\DeepBurner
[2010.04.23 14:49:10 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\GeoVid
[2010.02.10 06:43:48 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\MOBILedit
[2010.01.21 14:37:09 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Proxima Software
[2010.04.24 12:36:27 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\uTorrent
[2010.02.09 22:11:44 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Vodafone
[2010.04.24 12:38:29 | 000,000,276 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job
[2010.04.24 12:36:52 | 000,023,112 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Photon\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.01.20 19:59:19 | 000,135,664 | ---- | M] (Google Inc.)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2009.10.09 14:11:12 | 025,623,336 | R--- | M] (Skype Technologies S.A.)
"Configurator.exe" = C:\Program Files\Vodafone\Configurator.exe /run -- File not found
"AdobeBridge" =
"QuickGammaLoader" = C:\Program Files\QuickGamma\QuickGammaLoader.exe -- [2009.08.14 23:31:42 | 000,098,816 | ---- | M] (Eberhard Werle)
"QuickGammaResume" =
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.03.13 18:48:30 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Adobe
[2010.01.20 20:15:43 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\ATI
[2010.01.26 12:20:56 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Autodesk
[2010.02.09 22:04:00 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Bytemobile
[2010.01.22 11:54:24 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Corel
[2010.01.20 21:27:21 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\DAEMON Tools Lite
[2010.02.06 01:46:45 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\DeepBurner
[2010.01.21 07:18:38 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\FastStone
[2010.02.09 22:22:29 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\FLEXnet
[2010.04.23 14:49:10 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\GeoVid
[2010.01.20 19:17:25 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Identities
[2010.01.20 19:33:20 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\InstallShield
[2010.01.21 05:57:00 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Ipswitch
[2010.03.19 15:50:23 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Macromedia
[2010.01.27 02:08:39 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Media Player Classic
[2010.03.12 02:37:23 | 000,000,000 | --SD | M] -- C:\Users\Photon\AppData\Roaming\Microsoft
[2010.02.10 06:43:48 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\MOBILedit
[2010.01.21 14:37:09 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Proxima Software
[2010.04.27 10:35:55 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Skype
[2010.04.27 08:01:03 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\skypePM
[2010.04.24 12:36:27 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\uTorrent
[2010.02.09 22:11:44 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Vodafone
[2010.01.31 16:39:27 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\Winamp
[2010.01.21 06:55:08 | 000,000,000 | ---D | M] -- C:\Users\Photon\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2010.01.20 20:08:06 | 000,010,134 | R--- | M] () -- C:\Users\Photon\AppData\Roaming\Microsoft\Installer\{A2D08D5A-74E8-7509-452A-E40E63D8FFC2}\ARPPRODUCTICON.exe
[2009.09.12 23:20:28 | 000,245,248 | ---- | M] (www.half-open.com) -- C:\Users\Photon\AppData\Roaming\uTorrent\half-open-fix.exe
[2010.01.21 12:32:37 | 000,697,965 | ---- | M] () -- C:\Users\Photon\AppData\Roaming\uTorrent\unins000.exe
[2010.03.18 23:27:13 | 000,319,792 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Photon\AppData\Roaming\uTorrent\utorrent.exe
< MD5 for: AGP440.SYS >
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2010.01.20 23:16:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2010.01.20 23:16:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2010.01.20 23:16:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
Re: Prosím o kontrolu logu
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 00:34:02 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2010.01.20 23:15:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2010.01.20 23:15:15 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2010.01.20 23:15:15 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2010.01.20 23:54:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2010.01.20 23:54:15 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2010.01.20 23:15:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: LSASS.EXE >
[2010.01.21 02:03:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2010.01.20 23:50:16 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2010.01.20 23:50:17 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2010.01.20 23:50:17 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2010.01.20 22:58:07 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2010.01.21 02:03:27 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2010.01.20 23:50:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2010.01.20 22:58:06 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2010.01.21 02:03:31 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2010.01.20 23:50:20 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2010.01.20 23:50:13 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2010.01.20 23:50:19 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2010.01.20 22:58:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2010.01.20 22:58:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2010.01.20 22:58:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2010.01.20 22:58:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: MV61XX.SYS >
[2009.08.06 08:28:16 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) MD5=A1AE994C0F4C5F48E5FBF3A2A6453C81 -- C:\Program Files\Marvell\61xx\driver\mv61xx.sys
[2009.08.06 08:28:16 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) MD5=A1AE994C0F4C5F48E5FBF3A2A6453C81 -- C:\Windows\System32\drivers\mv61xx.sys
[2009.08.06 08:28:16 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) MD5=A1AE994C0F4C5F48E5FBF3A2A6453C81 -- C:\Windows\System32\DriverStore\FileRepository\mv61xx.inf_8f234f6d\mv61xx.sys
< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 00:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 00:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.19 00:43:02 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 00:43:02 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SMSS.EXE >
[2008.01.19 00:33:32 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2010.01.21 02:05:17 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2010.01.21 02:05:14 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.01.21 02:05:17 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.01.20 23:13:41 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.01.20 23:13:42 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.01.21 02:05:16 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2010.01.21 02:05:14 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\System32\drivers\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 00:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2010.01.21 02:05:16 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.11.25 05:18:02 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.01.20 20:52:38 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[2009.11.25 05:18:02 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.04.27 09:25:17 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.27 09:25:17 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.24 12:39:31 | 002,594,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.26 10:19:49 | 000,115,998 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.04.26 10:19:49 | 000,101,896 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.26 10:19:49 | 000,601,854 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.04.26 10:19:49 | 000,589,884 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.26 10:19:49 | 001,402,454 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
< End of report >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 00:34:02 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2010.01.20 23:15:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2010.01.20 23:15:15 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2010.01.20 23:15:15 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2010.01.20 23:54:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2010.01.20 23:54:15 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2010.01.20 23:15:16 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys
< MD5 for: LSASS.EXE >
[2010.01.21 02:03:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2010.01.20 23:50:16 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2010.01.20 23:50:17 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2010.01.20 23:50:17 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2010.01.20 22:58:07 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2010.01.21 02:03:27 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2010.01.20 23:50:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2010.01.20 22:58:06 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2010.01.21 02:03:31 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2010.01.20 23:50:20 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2010.01.20 23:50:13 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2010.01.20 23:50:19 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2010.01.20 22:58:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2010.01.20 22:58:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2010.01.20 22:58:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2010.01.20 22:58:03 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
< MD5 for: MV61XX.SYS >
[2009.08.06 08:28:16 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) MD5=A1AE994C0F4C5F48E5FBF3A2A6453C81 -- C:\Program Files\Marvell\61xx\driver\mv61xx.sys
[2009.08.06 08:28:16 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) MD5=A1AE994C0F4C5F48E5FBF3A2A6453C81 -- C:\Windows\System32\drivers\mv61xx.sys
[2009.08.06 08:28:16 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) MD5=A1AE994C0F4C5F48E5FBF3A2A6453C81 -- C:\Windows\System32\DriverStore\FileRepository\mv61xx.inf_8f234f6d\mv61xx.sys
< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 00:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 00:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.19 00:43:02 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 00:43:02 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SMSS.EXE >
[2008.01.19 00:33:32 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2010.01.21 02:05:17 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2010.01.21 02:05:14 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.01.21 02:05:17 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.01.20 23:13:41 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2010.01.20 23:13:42 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.01.21 02:05:16 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2010.01.21 02:05:14 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\System32\drivers\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 00:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2010.01.21 02:05:16 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.11.25 05:18:02 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.01.20 20:52:38 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
[2009.11.25 05:18:02 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.04.27 09:25:17 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.27 09:25:17 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.24 12:39:31 | 002,594,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.26 10:19:49 | 000,115,998 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.04.26 10:19:49 | 000,101,896 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.26 10:19:49 | 000,601,854 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.04.26 10:19:49 | 000,589,884 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.26 10:19:49 | 001,402,454 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
< End of report >
Re: Prosím o kontrolu logu
Extras.txt:
OTL Extras logfile created on: 27.4.2010 10:37:18 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Photon\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
7,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103,24 Gb Total Space | 52,71 Gb Free Space | 51,06% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 32,05 Gb Free Space | 13,76% Space Free | Partition Type: NTFS
Drive E: | 155,94 Gb Total Space | 68,48 Gb Free Space | 43,91% Space Free | Partition Type: NTFS
Drive F: | 439,45 Gb Total Space | 86,30 Gb Free Space | 19,64% Space Free | Partition Type: NTFS
Drive G: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PHOTON-PC
Current User Name: Photon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-598142766-3513004657-3538863896-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F7BEF9B-5D01-48A9-BA5A-5DADAF3E4881}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{1A38E2E0-A301-4014-8A69-21B6259670F4}" = rport=139 | protocol=6 | dir=out | app=system |
"{412B26B5-0B8B-4E86-B02E-FD18517CEB93}" = lport=445 | protocol=6 | dir=in | app=system |
"{49B21614-2F99-432D-BFCA-291497FAD88E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4E05A450-8088-4AAB-B079-D608B5237D25}" = rport=138 | protocol=17 | dir=out | app=system |
"{6F6CB298-3F7D-4118-B9C1-86BE669E6A74}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{75262BC8-59C8-48DC-BCC8-6583157BC27C}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{B0C6E7BB-96D5-465D-BD3D-7439DEFF16B5}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{BBC1EB69-C9B7-4456-851F-E422D65905E4}" = lport=138 | protocol=17 | dir=in | app=system |
"{BD9FF838-F699-4DFB-8B80-FE71D8B502E9}" = rport=137 | protocol=17 | dir=out | app=system |
"{C8938B71-BED7-4470-A2AF-83BC50D14EAD}" = rport=445 | protocol=6 | dir=out | app=system |
"{CE31B7CE-B16A-4D5C-AF3C-D7C76A4045F3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D1BB071D-8AB8-4E9F-8D62-08CBB6F3ECE0}" = lport=137 | protocol=17 | dir=in | app=system |
"{E9E6E25D-6DDE-4E79-94BD-EFF36E0695BA}" = lport=3140 | protocol=6 | dir=in | name=ip-clamp licensing service |
"{EDA848A2-BAC6-4A0A-99AE-745D213C3522}" = lport=139 | protocol=6 | dir=in | app=system |
"{EFDB412B-D98A-4862-A67C-B7E4EA59255F}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{FC4C569F-573A-4759-AA23-B4F93E05030A}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{029CF645-21D7-47BC-90CB-CDF45B5C1CCB}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{090970D5-916A-4B56-98A2-4E11EC0DC340}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{0DD5F6F0-59CD-4F12-89C5-AF6F224D2A28}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{10EC56D8-A88D-4946-9520-F46BF1C634C0}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{1556DC2B-0AD5-4C0C-B4C1-DA9844B83B91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21545F74-52D3-45B9-9F39-D6F7D30B5F8F}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{2A2546D4-176E-40AC-9AAA-9445A0D1E443}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{3339235D-3AD3-4E37-AEA9-3811DA67334D}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{34FE108B-05D3-4425-94FD-C0D069BC8333}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{39E01DDF-8BDA-4A39-815D-904497762E5E}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{3CEDE177-B63E-4FA5-A31B-2F751F4293C4}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{43D47609-FF7F-4F91-9D54-5BE405E2E607}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{4BA1118E-2DEB-4CC3-A7E0-A887EA30C925}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{4D1BC092-48FF-4E93-9E04-2E7062EE5AD6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4DA8A589-D27C-495E-8A2D-66AF640FCE62}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{51C72157-443C-4A79-B282-7397B89AF3E2}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{5376DDF3-DC66-4075-A269-18A5F2D794ED}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{54133ECD-A711-40C4-97EF-C2DEB171791D}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{5CFA92FA-7801-4931-B8B6-E220572DA331}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{5E28C442-3902-4073-BBCB-9996D0BDABC1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{609EB5E3-C591-4BC3-B1A4-6B5BFAC509A1}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{6D80B88D-6E95-490C-A4F0-54CA63B8931A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{82CEC8E3-181A-40A0-99A4-4BE400218DE3}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{87A67851-D8B9-4D28-99CA-CD2A5164DC3A}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{9159B8BB-A97F-4D68-9822-C8024D197A05}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{9231EA29-970E-4B4E-89CA-C949613C68C4}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{9316B470-F592-4B05-90AC-B4A0A77A7088}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{95DF6C9F-7187-4A6E-BD41-6AEC55406B0A}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{9FF717DD-A46F-4CEB-AAC6-EEDA8BB1901F}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{A200CC97-9C2C-4B51-B6EE-DBC02E2E6F86}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{A7353F9B-FE14-481C-BAA4-B9B2185B4171}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B03BB2C6-555A-4931-966D-A99682874EE2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6A9042C-7477-4669-8875-4F682960285C}" = protocol=6 | dir=in | app=c:\users\photon\appdata\roaming\utorrent\utorrent.exe |
"{D7A0F0ED-2455-4667-92E7-00CAB357277D}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{E238FECB-3CD2-4D50-9142-71345DA4C3E7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E4A9EDAC-3C69-474C-950A-29D4CA090507}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{EC304C5A-3FD7-41C4-B21C-FA133525E5D8}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{F8CD7332-98FD-4550-98ED-67CEAAD62CC9}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{F8E7AABB-7663-4E06-AC99-739076E0E9BF}" = protocol=17 | dir=in | app=c:\users\photon\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{36E1FC11-D3F9-4D43-AE9D-C1461624BA18}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{5D610D89-DDA7-402A-8113-6BBF913962FB}C:\users\photon\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\photon\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{7970C73A-46FC-40FD-A3E6-28753B06AC54}C:\users\photon\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\photon\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{97143C43-3B78-487F-888C-BA5D2AAB8184}C:\program files\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"TCP Query User{9A5ECEE8-ACC5-4AF9-B6D5-DE3F158B0140}C:\program files\marvell\raid\apache2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\program files\marvell\raid\apache2\bin\httpd.exe |
"TCP Query User{E25C3A68-DCAE-4D18-A41B-E32D8417B582}C:\program files\sdc230\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\sdc230\strongdc.exe |
"UDP Query User{0296F8C4-5818-43D3-8123-3F58CBE647FB}C:\program files\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"UDP Query User{0350799F-2A2C-4994-BEC7-B2E9D72CB028}C:\users\photon\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\photon\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{9970B5DE-D267-4EAA-A561-F606C13C4704}C:\users\photon\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\photon\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{9E14A147-7FD7-4B24-918A-D6502B98F685}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{AB12F65A-4F0C-47EF-92D9-4AF60A0DB48A}C:\program files\marvell\raid\apache2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\program files\marvell\raid\apache2\bin\httpd.exe |
"UDP Query User{C5BCC461-A8C2-41F6-BE76-6F12425510C6}C:\program files\sdc230\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\sdc230\strongdc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{0096A731-71DB-4969-AF1A-651698B246A5}" = Sony Ericsson Media Manager 1.1
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300" = Canon iP4300
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.205.00
"{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
"{3C3AB164-964F-419D-A688-810E728B9D7D}" = GalleryImages
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{41DF6AB7-4F89-478D-8501-D81A7A975D35}" = SP2GalleryImages
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5CAC0A4E-F179-4229-92DB-FCA9F5BEAB7A}" = TP-LINK Wireless Adapter Driver and Utility
"{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components
"{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BC52438-5DE4-4102-846E-64C225A0A04E}" = IP-Clamp Service
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F05E704-30A6-421A-97A7-8EEB1C7FF100}" = CorelDRAW Graphics Suite X4 - Lang EN
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 ESD
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{934528B2-09B3-C6E5-288A-4E554E6DF2B9}" = ATI Catalyst Install Manager
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{A128921B-D03F-4BFB-8141-C365AA48D660}" = Adobe Setup
"{A2881E09-38DB-4F79-9135-00FDA01768A7}" = Adobe Creative Suite 4 Design Premium
"{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
"{A2D08D5A-74E8-7509-452A-E40E63D8FFC2}" = Catalyst Control Center InstallProxy
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Pro
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{E5C8C4ED-A76A-49F3-BDB8-56DEEE92F19B}" = 602XML Filler
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F7BF4003-29AD-4528-8512-7EDFEC737C7A}" = finalRender R3 for 3ds Max 2010
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
"{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_55230b0b70661df0f212e88f0b655f7" = Adobe Creative Suite 4 Design Premium
"Advanced Disk Catalog" = Advanced Disk Catalog
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"COMODO Internet Security" = COMODO Internet Security
"DFX for Winamp" = DFX for Winamp
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FastStone Image Viewer" = FastStone Image Viewer 4.0
"FontExpert 2009" = FontExpert 2009
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.4
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HijackThis" = HijackThis 2.0.2
"Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC16 (remove only)
"Just Cause 2_is1" = Just Cause 2
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.6 (Full)
"KPT Collection" = KPT(R) Collection
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mv61xxDriver" = marvell 61xx
"PFPortChecker" = PFPortChecker 1.0.32
"QuickGamma_is1" = QuickGamma 3.0.0.1
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"Video to Flash Converter PRO_is1" = Video to Flash Converter PRO
"V-Ray for 3dsmax 2010 for x86" = V-Ray for 3dsmax 2010 for x86
"WheelMouse" = Smart-X7 7.80
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.4.2010 6:16:27 | Computer Name = Photon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.4.2010 6:16:27 | Computer Name = Photon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.4.2010 6:19:43 | Computer Name = Photon-PC | Source = Outlook | ID = 34
Description = Nepodařilo se získat správce oboru procházení. Chyba=0x800705aa.
Error - 25.4.2010 14:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
Error - 25.4.2010 15:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
Error - 25.4.2010 16:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
Error - 25.4.2010 17:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
Error - 26.4.2010 4:07:42 | Computer Name = Photon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 26.4.2010 7:16:14 | Computer Name = Photon-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace Photoshop.exe, verze 11.0.0.0, časové razítko 0x48d3882e,
chybující modul Photoshop.exe, verze 11.0.0.0, časové razítko 0x48d3882e, kód výjimky
0xc0000005, posun chyby 0x00c9a1d3, ID procesu 0x1768, čas spuštění aplikace 0x01cae52700e28190.
Error - 26.4.2010 19:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
[ OSession Events ]
Error - 22.2.2010 5:15:18 | Computer Name = Photon-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 172052
seconds with 180 seconds of active time. This session ended with a crash.
Error - 12.3.2010 5:24:00 | Computer Name = Photon-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 36918
seconds with 2760 seconds of active time. This session ended with a crash.
Error - 4.4.2010 13:35:17 | Computer Name = Photon-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4168
seconds with 120 seconds of active time. This session ended with a crash.
Error - 20.4.2010 7:28:53 | Computer Name = Photon-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 63693
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
< End of report >
OTL Extras logfile created on: 27.4.2010 10:37:18 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Photon\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
7,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103,24 Gb Total Space | 52,71 Gb Free Space | 51,06% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 32,05 Gb Free Space | 13,76% Space Free | Partition Type: NTFS
Drive E: | 155,94 Gb Total Space | 68,48 Gb Free Space | 43,91% Space Free | Partition Type: NTFS
Drive F: | 439,45 Gb Total Space | 86,30 Gb Free Space | 19,64% Space Free | Partition Type: NTFS
Drive G: | 4,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PHOTON-PC
Current User Name: Photon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-598142766-3513004657-3538863896-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F7BEF9B-5D01-48A9-BA5A-5DADAF3E4881}" = lport=3704 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{1A38E2E0-A301-4014-8A69-21B6259670F4}" = rport=139 | protocol=6 | dir=out | app=system |
"{412B26B5-0B8B-4E86-B02E-FD18517CEB93}" = lport=445 | protocol=6 | dir=in | app=system |
"{49B21614-2F99-432D-BFCA-291497FAD88E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4E05A450-8088-4AAB-B079-D608B5237D25}" = rport=138 | protocol=17 | dir=out | app=system |
"{6F6CB298-3F7D-4118-B9C1-86BE669E6A74}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{75262BC8-59C8-48DC-BCC8-6583157BC27C}" = lport=51001 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{B0C6E7BB-96D5-465D-BD3D-7439DEFF16B5}" = lport=51000 | protocol=6 | dir=in | name=adobe version cue cs4 server |
"{BBC1EB69-C9B7-4456-851F-E422D65905E4}" = lport=138 | protocol=17 | dir=in | app=system |
"{BD9FF838-F699-4DFB-8B80-FE71D8B502E9}" = rport=137 | protocol=17 | dir=out | app=system |
"{C8938B71-BED7-4470-A2AF-83BC50D14EAD}" = rport=445 | protocol=6 | dir=out | app=system |
"{CE31B7CE-B16A-4D5C-AF3C-D7C76A4045F3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D1BB071D-8AB8-4E9F-8D62-08CBB6F3ECE0}" = lport=137 | protocol=17 | dir=in | app=system |
"{E9E6E25D-6DDE-4E79-94BD-EFF36E0695BA}" = lport=3140 | protocol=6 | dir=in | name=ip-clamp licensing service |
"{EDA848A2-BAC6-4A0A-99AE-745D213C3522}" = lport=139 | protocol=6 | dir=in | app=system |
"{EFDB412B-D98A-4862-A67C-B7E4EA59255F}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{FC4C569F-573A-4759-AA23-B4F93E05030A}" = lport=3703 | protocol=6 | dir=in | name=adobe version cue cs4 server |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{029CF645-21D7-47BC-90CB-CDF45B5C1CCB}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{090970D5-916A-4B56-98A2-4E11EC0DC340}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{0DD5F6F0-59CD-4F12-89C5-AF6F224D2A28}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{10EC56D8-A88D-4946-9520-F46BF1C634C0}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{1556DC2B-0AD5-4C0C-B4C1-DA9844B83B91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21545F74-52D3-45B9-9F39-D6F7D30B5F8F}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{2A2546D4-176E-40AC-9AAA-9445A0D1E443}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{3339235D-3AD3-4E37-AEA9-3811DA67334D}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{34FE108B-05D3-4425-94FD-C0D069BC8333}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\server.exe |
"{39E01DDF-8BDA-4A39-815D-904497762E5E}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{3CEDE177-B63E-4FA5-A31B-2F751F4293C4}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{43D47609-FF7F-4F91-9D54-5BE405E2E607}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{4BA1118E-2DEB-4CC3-A7E0-A887EA30C925}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\3dsmax.exe |
"{4D1BC092-48FF-4E93-9E04-2E7062EE5AD6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4DA8A589-D27C-495E-8A2D-66AF640FCE62}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\manager.exe |
"{51C72157-443C-4A79-B282-7397B89AF3E2}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\adobe version cue cs4\server\bin\versioncuecs4.exe |
"{5376DDF3-DC66-4075-A269-18A5F2D794ED}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{54133ECD-A711-40C4-97EF-C2DEB171791D}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutparadise.exe |
"{5CFA92FA-7801-4931-B8B6-E220572DA331}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{5E28C442-3902-4073-BBCB-9996D0BDABC1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{609EB5E3-C591-4BC3-B1A4-6B5BFAC509A1}" = protocol=6 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{6D80B88D-6E95-490C-A4F0-54CA63B8931A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{82CEC8E3-181A-40A0-99A4-4BE400218DE3}" = protocol=17 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{87A67851-D8B9-4D28-99CA-CD2A5164DC3A}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{9159B8BB-A97F-4D68-9822-C8024D197A05}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutlauncher.exe |
"{9231EA29-970E-4B4E-89CA-C949613C68C4}" = protocol=6 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe |
"{9316B470-F592-4B05-90AC-B4A0A77A7088}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{95DF6C9F-7187-4A6E-BD41-6AEC55406B0A}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{9FF717DD-A46F-4CEB-AAC6-EEDA8BB1901F}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{A200CC97-9C2C-4B51-B6EE-DBC02E2E6F86}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{A7353F9B-FE14-481C-BAA4-B9B2185B4171}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B03BB2C6-555A-4931-966D-A99682874EE2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6A9042C-7477-4669-8875-4F682960285C}" = protocol=6 | dir=in | app=c:\users\photon\appdata\roaming\utorrent\utorrent.exe |
"{D7A0F0ED-2455-4667-92E7-00CAB357277D}" = protocol=17 | dir=in | app=c:\program files\autodesk\3ds max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe |
"{E238FECB-3CD2-4D50-9142-71345DA4C3E7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E4A9EDAC-3C69-474C-950A-29D4CA090507}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{EC304C5A-3FD7-41C4-B21C-FA133525E5D8}" = protocol=6 | dir=in | app=c:\program files\autodesk\backburner\monitor.exe |
"{F8CD7332-98FD-4550-98ED-67CEAAD62CC9}" = protocol=17 | dir=in | app=c:\program files\electronic arts\burnout(tm) paradise the ultimate box\burnoutconfigtool.exe |
"{F8E7AABB-7663-4E06-AC99-739076E0E9BF}" = protocol=17 | dir=in | app=c:\users\photon\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{36E1FC11-D3F9-4D43-AE9D-C1461624BA18}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{5D610D89-DDA7-402A-8113-6BBF913962FB}C:\users\photon\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\photon\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{7970C73A-46FC-40FD-A3E6-28753B06AC54}C:\users\photon\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\photon\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{97143C43-3B78-487F-888C-BA5D2AAB8184}C:\program files\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"TCP Query User{9A5ECEE8-ACC5-4AF9-B6D5-DE3F158B0140}C:\program files\marvell\raid\apache2\bin\httpd.exe" = protocol=6 | dir=in | app=c:\program files\marvell\raid\apache2\bin\httpd.exe |
"TCP Query User{E25C3A68-DCAE-4D18-A41B-E32D8417B582}C:\program files\sdc230\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\sdc230\strongdc.exe |
"UDP Query User{0296F8C4-5818-43D3-8123-3F58CBE647FB}C:\program files\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe |
"UDP Query User{0350799F-2A2C-4994-BEC7-B2E9D72CB028}C:\users\photon\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\photon\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{9970B5DE-D267-4EAA-A561-F606C13C4704}C:\users\photon\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\photon\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{9E14A147-7FD7-4B24-918A-D6502B98F685}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{AB12F65A-4F0C-47EF-92D9-4AF60A0DB48A}C:\program files\marvell\raid\apache2\bin\httpd.exe" = protocol=17 | dir=in | app=c:\program files\marvell\raid\apache2\bin\httpd.exe |
"UDP Query User{C5BCC461-A8C2-41F6-BE76-6F12425510C6}C:\program files\sdc230\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\sdc230\strongdc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{0096A731-71DB-4969-AF1A-651698B246A5}" = Sony Ericsson Media Manager 1.1
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BB72566-0D4C-7200-2CE7-02F298B49C88}" = CCC Help English
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{110AD51E-D0E0-49B1-52FD-291373BA62EA}" = Catalyst Control Center Graphics Full New
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300" = Canon iP4300
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.205.00
"{31557F4F-7D10-D32E-4B70-237A09FCC31B}" = Catalyst Control Center Graphics Previews Common
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C175604-F026-5D79-BBD8-F626AE10B3EF}" = Catalyst Control Center Graphics Full Existing
"{3C3AB164-964F-419D-A688-810E728B9D7D}" = GalleryImages
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{41DF6AB7-4F89-478D-8501-D81A7A975D35}" = SP2GalleryImages
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5CAC0A4E-F179-4229-92DB-FCA9F5BEAB7A}" = TP-LINK Wireless Adapter Driver and Utility
"{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components
"{62C2067E-5851-BD4C-98E0-5C4D5E155A5B}" = Catalyst Control Center Core Implementation
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BC52438-5DE4-4102-846E-64C225A0A04E}" = IP-Clamp Service
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F05E704-30A6-421A-97A7-8EEB1C7FF100}" = CorelDRAW Graphics Suite X4 - Lang EN
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 ESD
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{934528B2-09B3-C6E5-288A-4E554E6DF2B9}" = ATI Catalyst Install Manager
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{A128921B-D03F-4BFB-8141-C365AA48D660}" = Adobe Setup
"{A2881E09-38DB-4F79-9135-00FDA01768A7}" = Adobe Creative Suite 4 Design Premium
"{A292C05C-840A-9D47-5350-EF39ECC7629E}" = Catalyst Control Center HydraVision Full
"{A2D08D5A-74E8-7509-452A-E40E63D8FFC2}" = Catalyst Control Center InstallProxy
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AD17676C-5065-E427-130B-21CE713F93E7}" = Catalyst Control Center Graphics Light
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Pro
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B970700B-E49F-ECEF-4ADB-0F3E1AFEDE91}" = ccc-core-static
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CE86A0E7-818D-43EC-A181-59BA9BD3EF2E}" = LightScribe 1.8.13.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{E5C8C4ED-A76A-49F3-BDB8-56DEEE92F19B}" = 602XML Filler
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F7BF4003-29AD-4528-8512-7EDFEC737C7A}" = finalRender R3 for 3ds Max 2010
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F9726DDC-D7B5-BF1F-5626-EA467FEEBC52}" = ccc-utility
"{F9F13FEA-D51E-A1C3-4EDC-D04A91B62C93}" = Catalyst Control Center Graphics Previews Vista
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_55230b0b70661df0f212e88f0b655f7" = Adobe Creative Suite 4 Design Premium
"Advanced Disk Catalog" = Advanced Disk Catalog
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"COMODO Internet Security" = COMODO Internet Security
"DFX for Winamp" = DFX for Winamp
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FastStone Image Viewer" = FastStone Image Viewer 4.0
"FontExpert 2009" = FontExpert 2009
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.4
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HijackThis" = HijackThis 2.0.2
"Intelore - RAR Password Recovery" = RAR Password Recovery v1.1 RC16 (remove only)
"Just Cause 2_is1" = Just Cause 2
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.6 (Full)
"KPT Collection" = KPT(R) Collection
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mv61xxDriver" = marvell 61xx
"PFPortChecker" = PFPortChecker 1.0.32
"QuickGamma_is1" = QuickGamma 3.0.0.1
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"Video to Flash Converter PRO_is1" = Video to Flash Converter PRO
"V-Ray for 3dsmax 2010 for x86" = V-Ray for 3dsmax 2010 for x86
"WheelMouse" = Smart-X7 7.80
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.4.2010 6:16:27 | Computer Name = Photon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.4.2010 6:16:27 | Computer Name = Photon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.4.2010 6:19:43 | Computer Name = Photon-PC | Source = Outlook | ID = 34
Description = Nepodařilo se získat správce oboru procházení. Chyba=0x800705aa.
Error - 25.4.2010 14:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
Error - 25.4.2010 15:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
Error - 25.4.2010 16:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
Error - 25.4.2010 17:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
Error - 26.4.2010 4:07:42 | Computer Name = Photon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 26.4.2010 7:16:14 | Computer Name = Photon-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace Photoshop.exe, verze 11.0.0.0, časové razítko 0x48d3882e,
chybující modul Photoshop.exe, verze 11.0.0.0, časové razítko 0x48d3882e, kód výjimky
0xc0000005, posun chyby 0x00c9a1d3, ID procesu 0x1768, čas spuštění aplikace 0x01cae52700e28190.
Error - 26.4.2010 19:14:05 | Computer Name = Photon-PC | Source = Google Update | ID = 20
Description =
[ OSession Events ]
Error - 22.2.2010 5:15:18 | Computer Name = Photon-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 172052
seconds with 180 seconds of active time. This session ended with a crash.
Error - 12.3.2010 5:24:00 | Computer Name = Photon-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 36918
seconds with 2760 seconds of active time. This session ended with a crash.
Error - 4.4.2010 13:35:17 | Computer Name = Photon-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4168
seconds with 120 seconds of active time. This session ended with a crash.
Error - 20.4.2010 7:28:53 | Computer Name = Photon-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 63693
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
Error - 20.1.2010 21:00:18 | Computer Name = Photon-PC | Source = Microsoft-Windows-Servicing | ID = 4385
Description =
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:OTL
SRV - File not found [Disabled | Stopped] -- -- (NMIndexingService)
O3 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [Configurator.exe] C:\Program Files\Vodafone\Configurator.exe File not found
O4 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000..\Run: [QuickGammaResume] File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKU\S-1-5-21-598142766-3513004657-3538863896-1000\..Trusted Ranges: Range1 ([https] in Trusted sites)
O33 - MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\Shell - "" = AutoRun
[2010.04.24 12:38:29 | 000,000,276 | ---- | M] () -- C:\Windows\Tasks\RtlVistaStart.job
[2010.04.24 12:36:52 | 000,023,112 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS]
[CREATERESTOREPOINT]eMule
µTorrent
P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.
Tohle otestujte na http://www.virustotal.com/cs/ C:\ProgramData\KGyGaAvL.sys
(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)
Re: Prosím o kontrolu logu
Virustotal nenašel v KGyGaAvL.sys nic...
Emula a uTorrent samy o sobě snad nebezpečné nejsou? Jen je třeba hlídat, co stáhnu ne?
All processes killed
========== OTL ==========
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Configurator.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Windows\CurrentVersion\Run\\QuickGammaResume deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\https deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ef242bd-05f5-11df-beac-002215531446}\ not found.
C:\Windows\Tasks\RtlVistaStart.job moved successfully.
File move failed. C:\Windows\Tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
User: Photon
->Temp folder emptied: 32371989 bytes
->Temporary Internet Files folder emptied: 39574384 bytes
->Java cache emptied: 3962941 bytes
->Google Chrome cache emptied: 410785674 bytes
->Flash cache emptied: 3747 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 571164 bytes
RecycleBin emptied: 3716282411 bytes
Total Files Cleaned = 4 009,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default
User: Default User
User: Guest
User: Photon
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.3.0 log created on 04272010_154609
Files\Folders moved on Reboot...
File move failed. C:\Windows\Tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Emula a uTorrent samy o sobě snad nebezpečné nejsou? Jen je třeba hlídat, co stáhnu ne?
All processes killed
========== OTL ==========
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Configurator.exe deleted successfully.
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\Software\Microsoft\Windows\CurrentVersion\Run\\QuickGammaResume deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully.
Registry value HKEY_USERS\S-1-5-21-598142766-3513004657-3538863896-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\https deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ef242bd-05f5-11df-beac-002215531446}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ef242bd-05f5-11df-beac-002215531446}\ not found.
C:\Windows\Tasks\RtlVistaStart.job moved successfully.
File move failed. C:\Windows\Tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
User: Photon
->Temp folder emptied: 32371989 bytes
->Temporary Internet Files folder emptied: 39574384 bytes
->Java cache emptied: 3962941 bytes
->Google Chrome cache emptied: 410785674 bytes
->Flash cache emptied: 3747 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 571164 bytes
RecycleBin emptied: 3716282411 bytes
Total Files Cleaned = 4 009,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default
User: Default User
User: Guest
User: Photon
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.3.0 log created on 04272010_154609
Files\Folders moved on Reboot...
File move failed. C:\Windows\Tasks\SCHEDLGU.TXT scheduled to be moved on reboot.
Registry entries deleted on Reboot...
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdá se, že je vše OK. Ono ještě nedošlo k ničemu vážnému, ale dost se to zpomalovalo a taky jsem našel pár červů Avirou. Bylo tam něco špatnýho? Jinak díky moc za pomoc...
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.06 (written by random/random)
Run by Photon at 2010-04-27 21:20:10
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 58 GB (55%) free of 106 GB
Total RAM: 3326 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:20:23, on 27.4.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Corel\CorelDRAW Graphics Suite X4\Programs\CorelDRW.exe
C:\Users\Photon\Desktop\RSIT.exe
C:\Program Files\trend micro\Photon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FontExpertType1Loader] C:\Program Files\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKCU\..\Run: [Google Update] "C:\Users\Photon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [QuickGammaLoader] C:\Program Files\QuickGamma\QuickGammaLoader.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE150954-DA0F-4C45-A696-9E872669FD4C}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3E6AE75-15F9-4190-AAB3-E5A09C94E44C}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc. (IPClampService) - Unknown owner - C:\Program Files\cebas\ip-clamp\ipclamp.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
--
End of file - 8397 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{601ED020-FB6C-11D3-87D8-0050DA59922B}]
WsftpBrowserHelper Class - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll [2004-06-17 118830]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"Adobe_ID0ENQBO"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"FontExpertType1Loader"=C:\Program Files\FontExpert\Type1Loader.exe [2008-12-14 294152]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2006-12-26 196608]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-29 1800464]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 1983816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Photon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-20 135664]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"QuickGammaLoader"=C:\Program Files\QuickGamma\QuickGammaLoader.exe [2009-08-14 98816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-04-27 15:46:09 ----D---- C:\_OTL
2010-04-26 11:53:48 ----D---- C:\Program Files\DVDVideoSoft
2010-04-26 11:53:48 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-04-23 14:48:53 ----A---- C:\Windows\system32\gdiplus.dll
2010-04-23 14:48:53 ----A---- C:\Windows\system32\dsetup.dll
2010-04-23 14:48:52 ----D---- C:\Users\Photon\AppData\Roaming\GeoVid
2010-04-23 14:48:50 ----D---- C:\Program Files\GeoVid
2010-04-09 14:22:14 ----D---- C:\Program Files\CCleaner
2010-04-02 17:23:57 ----D---- C:\Windows\system32\TP-LINK Wireless Adapter Driver and Utility
2010-04-02 17:23:57 ----D---- C:\Program Files\TP-LINK
2010-03-30 12:43:09 ----D---- C:\Program Files\Common Files\Freedom Scientific
2010-03-30 12:43:08 ----D---- C:\Program Files\Common Files\soft602
2010-03-30 12:43:07 ----D---- C:\Program Files\Software602
2010-03-29 23:33:24 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-03-29 23:31:17 ----D---- C:\Program Files\SQUARE ENIX - Eidos Interactive
======List of files/folders modified in the last 1 months======
2010-04-27 21:20:23 ----D---- C:\Windows\Temp
2010-04-27 21:20:23 ----D---- C:\Windows\Prefetch
2010-04-27 21:20:19 ----D---- C:\Program Files\trend micro
2010-04-27 21:13:53 ----D---- C:\Users\Photon\AppData\Roaming\Skype
2010-04-27 20:08:31 ----A---- C:\Windows\ULEAD32.INI
2010-04-27 16:25:38 ----D---- C:\Windows\System32
2010-04-27 16:25:38 ----D---- C:\Windows\inf
2010-04-27 16:25:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-27 16:00:30 ----D---- C:\Users\Photon\AppData\Roaming\skypePM
2010-04-27 15:46:19 ----D---- C:\Windows\Tasks
2010-04-27 11:10:13 ----D---- C:\Windows
2010-04-26 17:07:33 ----A---- C:\vraylog.txt
2010-04-26 11:53:48 ----RD---- C:\Program Files
2010-04-26 11:53:48 ----D---- C:\Program Files\Common Files
2010-04-24 12:36:27 ----D---- C:\Users\Photon\AppData\Roaming\uTorrent
2010-04-23 14:49:02 ----SHD---- C:\Windows\Installer
2010-04-22 13:48:02 ----SHD---- C:\Boot
2010-04-09 14:34:44 ----D---- C:\Windows\Debug
2010-04-02 18:16:30 ----SD---- C:\ProgramData\Microsoft
2010-04-02 17:25:56 ----D---- C:\Windows\system32\Tasks
2010-04-02 17:25:53 ----D---- C:\Windows\system32\drivers
2010-04-02 17:25:52 ----D---- C:\Windows\system32\catroot
2010-04-02 17:23:57 ----HD---- C:\Program Files\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2006-12-15 8704]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-02-04 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-01-29 29520]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-01-29 74328]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-01-24 56816]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2006-12-15 13824]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-25 5143552]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-12-20 234016]
R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n86.sys [2007-07-18 357376]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-02-11 27632]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-02-11 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-02-11 25512]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-12-13 102784]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys []
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-25 172032]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-29 723632]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.; C:\Program Files\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-21 655624]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
-----------------EOF-----------------
Run by Photon at 2010-04-27 21:20:10
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 58 GB (55%) free of 106 GB
Total RAM: 3326 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:20:23, on 27.4.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
C:\Users\Photon\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Corel\CorelDRAW Graphics Suite X4\Programs\CorelDRW.exe
C:\Users\Photon\Desktop\RSIT.exe
C:\Program Files\trend micro\Photon.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [FontExpertType1Loader] C:\Program Files\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKCU\..\Run: [Google Update] "C:\Users\Photon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [QuickGammaLoader] C:\Program Files\QuickGamma\QuickGammaLoader.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE150954-DA0F-4C45-A696-9E872669FD4C}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3E6AE75-15F9-4190-AAB3-E5A09C94E44C}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc. (IPClampService) - Unknown owner - C:\Program Files\cebas\ip-clamp\ipclamp.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit (mi-raysat_3dsmax2010_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
--
End of file - 8397 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-598142766-3513004657-3538863896-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{601ED020-FB6C-11D3-87D8-0050DA59922B}]
WsftpBrowserHelper Class - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll [2004-06-17 118830]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"Adobe_ID0ENQBO"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"FontExpertType1Loader"=C:\Program Files\FontExpert\Type1Loader.exe [2008-12-14 294152]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2006-12-26 196608]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-11 417792]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-29 1800464]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 1983816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Photon\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-20 135664]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"QuickGammaLoader"=C:\Program Files\QuickGamma\QuickGammaLoader.exe [2009-08-14 98816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-04-27 15:46:09 ----D---- C:\_OTL
2010-04-26 11:53:48 ----D---- C:\Program Files\DVDVideoSoft
2010-04-26 11:53:48 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-04-23 14:48:53 ----A---- C:\Windows\system32\gdiplus.dll
2010-04-23 14:48:53 ----A---- C:\Windows\system32\dsetup.dll
2010-04-23 14:48:52 ----D---- C:\Users\Photon\AppData\Roaming\GeoVid
2010-04-23 14:48:50 ----D---- C:\Program Files\GeoVid
2010-04-09 14:22:14 ----D---- C:\Program Files\CCleaner
2010-04-02 17:23:57 ----D---- C:\Windows\system32\TP-LINK Wireless Adapter Driver and Utility
2010-04-02 17:23:57 ----D---- C:\Program Files\TP-LINK
2010-03-30 12:43:09 ----D---- C:\Program Files\Common Files\Freedom Scientific
2010-03-30 12:43:08 ----D---- C:\Program Files\Common Files\soft602
2010-03-30 12:43:07 ----D---- C:\Program Files\Software602
2010-03-29 23:33:24 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-03-29 23:31:17 ----D---- C:\Program Files\SQUARE ENIX - Eidos Interactive
======List of files/folders modified in the last 1 months======
2010-04-27 21:20:23 ----D---- C:\Windows\Temp
2010-04-27 21:20:23 ----D---- C:\Windows\Prefetch
2010-04-27 21:20:19 ----D---- C:\Program Files\trend micro
2010-04-27 21:13:53 ----D---- C:\Users\Photon\AppData\Roaming\Skype
2010-04-27 20:08:31 ----A---- C:\Windows\ULEAD32.INI
2010-04-27 16:25:38 ----D---- C:\Windows\System32
2010-04-27 16:25:38 ----D---- C:\Windows\inf
2010-04-27 16:25:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-27 16:00:30 ----D---- C:\Users\Photon\AppData\Roaming\skypePM
2010-04-27 15:46:19 ----D---- C:\Windows\Tasks
2010-04-27 11:10:13 ----D---- C:\Windows
2010-04-26 17:07:33 ----A---- C:\vraylog.txt
2010-04-26 11:53:48 ----RD---- C:\Program Files
2010-04-26 11:53:48 ----D---- C:\Program Files\Common Files
2010-04-24 12:36:27 ----D---- C:\Users\Photon\AppData\Roaming\uTorrent
2010-04-23 14:49:02 ----SHD---- C:\Windows\Installer
2010-04-22 13:48:02 ----SHD---- C:\Boot
2010-04-09 14:34:44 ----D---- C:\Windows\Debug
2010-04-02 18:16:30 ----SD---- C:\ProgramData\Microsoft
2010-04-02 17:25:56 ----D---- C:\Windows\system32\Tasks
2010-04-02 17:25:53 ----D---- C:\Windows\system32\drivers
2010-04-02 17:25:52 ----D---- C:\Windows\system32\catroot
2010-04-02 17:23:57 ----HD---- C:\Program Files\InstallShield Installation Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2006-12-15 8704]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-02-04 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-01-29 29520]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-01-29 74328]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-01-24 56816]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2006-12-15 13824]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-09-30 103440]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-11-25 5143552]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-12-20 234016]
R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n86.sys [2007-07-18 357376]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-02-11 27632]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-02-11 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-02-11 25512]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-12-13 102784]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys []
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-11-25 172032]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-29 723632]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 IPClampService;IP-Clamp Licensing by cebas VISUAL TECHNOLOGY Inc.; C:\Program Files\cebas\ip-clamp\ipclamp.exe [2007-11-20 45700]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [2009-03-12 86016]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-21 655624]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe
- Spusťte.
- Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)
Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
- Spusťte.
- Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)
Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
- Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
Záložka Čistič - Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
Záložka Registry - Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít
Re: Prosím o kontrolu logu
Hotovo, to je vše? Sem čistej?
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
V tom případě pořádně děkuju a přeju krásný den!
Přispějete na provoz fóra?