Trojan.ExOptions.Gen

Zpráva

15a · #1 Příspěvek od **15a** » 27 dub 2010 18:55

zdravim ,
trojan.exoptions.gen - nevim cim je nebezpecnej ,ale detekujeho Spyware Terminator
zkouseno Malwarebytes,CCcleaner,Nod , nic nepomaha . Z jineho vlakna vyzkousen i doporuceny postup. Zadna zmena . Zatim se vyhybam comboFixu . Jak bych mel postupovat ? dekuji za rada , log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Internet at 2010-04-27 19:50:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 117 GB (49%) free of 238 GB
Total RAM: 1012 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:51:17, on 27.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Internet\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Internet.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 7198 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2008-06-15 1817600]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-10-20 111928]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-09 2140880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-03-30 437584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-11-03 205312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\Windows Defender\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-27 19:50:49 ----D---- C:\Program Files\trend micro
2010-04-27 19:50:45 ----DC---- C:\rsit
2010-04-27 19:23:20 ----DC---- C:\Documents and Settings\Internet\Data aplikací\Malwarebytes
2010-04-27 19:23:06 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-04-27 19:23:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-27 19:11:47 ----D---- C:\Program Files\CCleaner
2010-04-27 18:33:58 ----DC---- C:\Documents and Settings\Internet\Data aplikací\TeamViewer
2010-04-27 18:33:37 ----D---- C:\Program Files\TeamViewer
2010-04-16 07:58:59 ----D---- C:\Program Files\Crawler
2010-04-14 22:57:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 22:57:41 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 22:55:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 22:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 11:26:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 11:26:45 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-09 12:10:11 ----D---- C:\Program Files\ICQ6(2).5
2010-04-09 12:08:27 ----D---- C:\Program Files\ICQ6(3).5
2010-04-09 12:01:58 ----D---- C:\Program Files\ICQ6(4).5
2010-04-09 12:00:15 ----D---- C:\Program Files\ICQ6(5).5
2010-04-09 11:57:39 ----D---- C:\Program Files\ICQ6(6).5
2010-04-09 11:54:43 ----D---- C:\Program Files\ICQ6(7).5
2010-04-06 19:35:39 ----DC---- C:\ICQ
2010-04-06 19:21:51 ----D---- C:\Program Files\ICQ6.5

======List of files/folders modified in the last 1 months======

2010-04-27 19:51:12 ----D---- C:\WINDOWS\Temp
2010-04-27 19:50:51 ----D---- C:\WINDOWS\Prefetch
2010-04-27 19:50:49 ----D---- C:\Program Files
2010-04-27 19:47:30 ----D---- C:\Program Files\Mozilla Firefox
2010-04-27 19:23:08 ----D---- C:\WINDOWS\system32\drivers
2010-04-27 19:19:12 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-04-27 19:19:12 ----D---- C:\Program Files\Spyware Terminator
2010-04-27 19:17:45 ----DC---- C:\Documents and Settings\Internet\Data aplikací\Spyware Terminator
2010-04-27 19:13:41 ----D---- C:\WINDOWS\Debug
2010-04-27 19:13:41 ----D---- C:\WINDOWS
2010-04-27 19:09:04 ----SD---- C:\WINDOWS\Tasks
2010-04-27 19:05:18 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-27 19:01:53 ----SHD---- C:\System Volume Information
2010-04-27 19:01:53 ----D---- C:\WINDOWS\system32\Restore
2010-04-27 18:57:57 ----D---- C:\WINDOWS\system32
2010-04-27 17:52:24 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-04-24 18:14:59 ----SHD---- C:\WINDOWS\Installer
2010-04-22 22:22:28 ----DC---- C:\Documents and Settings\Internet\Data aplikací\Skype
2010-04-22 21:36:01 ----DC---- C:\Documents and Settings\Internet\Data aplikací\skypePM
2010-04-15 14:10:04 ----D---- C:\WINDOWS\network diagnostic
2010-04-15 14:07:13 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-15 11:25:34 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-14 22:57:59 ----HD---- C:\WINDOWS\inf
2010-04-14 22:57:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-14 22:57:50 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 19:03:30 ----D---- C:\Program Files\ESET
2010-04-14 08:40:25 ----D---- C:\Program Files\Google
2010-04-12 08:56:00 ----DC---- C:\Documents and Settings
2010-04-09 12:35:57 ----D---- C:\WINDOWS\system32\config
2010-04-09 12:35:32 ----D---- C:\WINDOWS\system32\wbem
2010-04-09 12:35:32 ----D---- C:\WINDOWS\Registration
2010-04-06 19:52:54 ----AC---- C:\WINDOWS\system32\MRT.exe
2010-04-06 19:37:47 ----D---- C:\Program Files\GameSpy Arcade
2010-04-02 21:31:14 ----DC---- C:\Documents and Settings\Internet\Data aplikací\ICQ
2010-03-31 18:01:22 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-09 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-09 95872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-09 139192]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-08-26 32288]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-11-03 6273504]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-18 4652544]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-07-11 47360]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-05-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-05-14 44384]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 NAL;Nal Service ; \??\C:\WINDOWS\system32\Drivers\iqvw32.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-05-14 21440]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-05-14 14720]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-05-14 5600]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-09 810120]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-06-15 606720]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-07-10 204800]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-20 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-09 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

dekuji

#2 Příspěvek od **Caroprd111** » 27 dub 2010 18:57

Zdravím

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

Obrázek

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
CREATERESTOREPOINT

Označte položku Pro všechny uživatele.
Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Klikněte na tlačítko Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

15a · #3 Příspěvek od **15a** » 27 dub 2010 19:03

ok vyzkousim ,ale radsi si vsechno zazalohuju ,takze budu zkouset za dva dny , necekal jsem tak rychlou odpoved. Zatim a hezky vecer

#4 Příspěvek od **Caroprd111** » 27 dub 2010 19:05

rok · #5 Příspěvek od **rok** » 05 kvě 2010 16:24

zdravím,vkládíám sem ty logy,sice jsem toto téma nezačal já,ale mám úplně stejný problém.Díky za radu:

OTL Extras logfile created on: 5.5.2010 16:43:57 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Roman\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 30,23 Gb Free Space | 40,56% Space Free | Partition Type: NTFS
Drive D: | 66,71 Gb Total Space | 30,11 Gb Free Space | 45,14% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 836,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 1,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
I: Drive not present or media not loaded

Computer Name: ROKANE
Current User Name: Roman
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-146535123-57869453-1418956377-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client2] -- "C:\Fotostar Offline client2.exe" "%1" ()
Directory [Fotostar Offline client3] -- "C:\Program Files\Fotostar\Fotostar Offline client3\Fotostar Offline client3.exe" "%1" ()
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{54E6A229-CBB0-49AA-B5E8-4AF5C9D9B70A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00138725-7356-4C7B-B030-1E70C7190F7D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{01DB3135-02E5-4A52-894B-418FF221E790}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{03414B82-6E93-412C-8862-9E1C809F5A21}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{084FB740-FD77-4740-81A8-FF757C74EE3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0AF8D599-AFFE-44D9-A8F7-BCF0E969E96A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B7D1CF1-0128-41FC-B4E7-A9D3C7D59AC3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0BED1331-B035-437F-9792-7562959B7539}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D2C83CF-BD50-4FB3-9D0B-78A6810EDB12}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0EC43DD7-3BF9-42FF-8A0C-F64D0148BDDC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1261B333-CBF2-47D2-A2A1-C9D6E52A39E9}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{135FE131-EA45-4F30-BB19-169A3C087547}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{13BDA381-7A58-420D-8CEB-B2510A25D84B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{144C86C2-A653-408E-B78A-30E54BB50EDD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{16A223AE-3CCF-4500-93CD-9557E6A7A1DB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{185DE3AB-E2BC-42A8-BD6B-4FBE6246B7E4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{188590EF-1E5B-4943-BED3-B0C2A604D594}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{195C8262-C6BC-46FD-AF22-FB443A7C7590}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B0802E7-CA09-4643-9DC4-16B5A070A02C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1BCF6E1F-02EA-4C94-B88F-F971F2421249}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{21310EE0-39E6-4881-A9A8-252177BD7154}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{232092F2-5F5D-4D6B-9E0C-65FA0CDB1E6F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24B16D71-C3C0-4573-A98E-0C67D0C54DD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{26946E2A-ED57-41E4-A292-0F0C2EF91165}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{26ACEEAB-8F7A-4A12-83A0-E43803FC64F9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{28137B53-BAAC-4EEA-8074-806F2F54CE9C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29A20522-98CE-4B5A-BBD0-E6A2266980E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A528764-67EB-498E-863D-8C498F9D20AA}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{2A80D4BE-59D0-4A16-9B2E-D9CFE600BDD6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C32B5F3-95AB-46CA-82EB-9C9F0C67E224}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DDC9E9B-465F-4E31-B66B-4600D9D9BE5C}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{2EA82E52-BEC2-4BBC-8373-A737BF258030}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2F215F5C-9D72-4912-8400-F51F504C0E67}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2F21C4CA-9228-4CEF-BB24-F0A1E7CE3A4B}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{3054E143-BF66-4826-B393-9F562EFAB8EA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{30AD99E9-9395-4DE7-B4F3-BE1E8887AC25}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3212E676-2CC4-4953-8158-E1BFB075B932}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{36BCB959-8E17-4E65-BF1F-C04AF9138CA4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38854E83-3115-4288-92D1-BE78682B4671}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3950BEBE-4B1D-4B4F-B0AD-2A72786D630B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3B8B4EB5-E6DC-4AA3-9FDA-1DAE1755DE85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{41E14A14-4A8E-4547-8845-97123615A01A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4640AD08-3131-49CE-8D46-385717A4F451}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{478F566B-79AA-4EFD-B9B3-3ECD060BFB18}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47F84E86-FA18-4E23-A10C-5857BC2EA421}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4A332C79-F147-4789-B856-C7E4B2E17A87}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4D64474B-CAF9-4AB9-AA34-198C0697F502}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5083EC2C-1F20-4B5A-A34A-A4259458C628}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{51023B94-6D6D-4D67-BEC0-9E7A7E42D78C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{524F1C5C-C06F-42FC-8FF7-D958AFA61EBE}" = dir=in | app=c:\program files\cyberlink\powerdvd8\powerdvd8.exe |
"{540A0C6B-BFA8-478E-ADA6-06044BFA28C1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5712E0D0-E8C7-488C-A6BC-B643E15F65FD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{58C0BCA7-D4A6-4895-84E0-5AE272E70A0C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5AA78138-D3F4-407B-82BC-0AFF42413F22}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C560478-1E26-4142-AC22-CAAC34548773}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5DCBAB38-0A41-4F0B-8AF4-FD8ADBF2DC2F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F9C07F0-AA45-49CC-81AC-413DD2B69AB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{624C2B66-5CBB-4795-BE8A-F4E2E60147A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6306530D-8587-4B77-8E9B-BDC73D5B0F1D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{653D34ED-3288-41DD-A0A8-0C8D1AF83227}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{65C8E30D-DB04-4A8F-9776-561757D9F430}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66BF0474-A36E-4EAF-9A52-422B2F1735BA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{67F6EAEA-AF15-4D1C-AA00-765E30A58E74}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{698E0BAA-3D2E-4C38-9538-155005E7DEE8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{69E2A534-671C-4445-B2B3-33DEAC5F5275}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6B796B72-C60F-4F50-B842-319FCC05823C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6D12FCA0-572B-4E2F-9FC2-730493D24392}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6F37DB21-8684-407B-B3CC-91C7768AA9CA}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{6F831A93-4883-4A6A-B930-D787FF350211}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6F9E3570-ED50-4224-9B35-9D15D492AFA2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{711BC498-3225-4247-A5E6-22296E927B04}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{71C60559-DB78-499F-A1ED-6DEC95CA3415}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{72592724-A63D-4EC3-BBEE-09D55E880CC0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{72662FB5-CDE7-484E-8FC9-1DD17F6946C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73C503C4-2520-4821-A3F1-CED52DCEF659}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74BC307E-28A2-4E37-BC2D-843686D7FEDA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{758E3C1E-17F0-4139-9798-9270ADBCDFDD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{775D3C45-A42B-4361-86A4-B4908D2D4324}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{792DA6CA-56E9-4E99-85D1-98637E3AF5E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7BA6555E-721B-41B9-BA66-6B59478E53C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7C07C3EA-D19E-4D9D-8120-FE87ECDCC45E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81A81C38-F276-42B6-80ED-9AF5569CDE13}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{830A19EE-4722-472B-BA04-6B29DEB61D8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84E48007-55A5-49A4-90D3-5EB22ABE3E2E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8878E2EF-AEC4-46CC-BA0B-829731151FD3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8ABB9BB2-640F-4F73-9A94-9D88C73B6639}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9349E4F3-3057-4931-9214-C189A10B731F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9947B788-0DD6-4330-AB91-4FDF0D2A772E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A10E6DEC-2771-419D-9C09-0FB2B15854FD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A14ADA9A-1352-489F-AF6B-FD42CAF6C3AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A71A803A-B4B1-4277-85CB-B80E2E2F18B1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A948E477-BD1E-4C59-AD9C-FC0E1E5B2191}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB7F331E-5AB3-4C0A-87C0-8BAEFD58C3D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AD19A985-2590-4983-830C-A833A9CB21EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ADC79AB8-0557-43B5-89AD-5E5FE5B135E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE6DE1E5-4768-43A1-AA85-F70A7A2CE9B1}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{AE946F05-41CF-4FEA-B402-4009B2C7CA52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AECEBFE6-BC06-4634-9001-E6FC97C65B78}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFBE38F5-0E1E-478B-AEC9-6F85996A1295}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B297D676-A361-42C9-9CE4-06EDB7388E91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2CC7341-9993-45C2-A1D1-56827DC8A17E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2D5F7D3-0D59-4CAE-8D1C-89D08B33F743}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5D59180-06B4-4DB5-B69B-AF2B98061350}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B734B97C-594B-4338-82C5-FFBB0D7F1214}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BACAACDA-023F-4570-AC5B-355AD5142278}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BBF5A28A-7187-46F7-B525-B3CBD0389239}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BCA1E49B-8E6A-48D6-9B41-D21C54D6B969}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD49996F-3493-4839-9B86-C2538890572B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C06C4553-F6B4-4506-B086-A37A34135470}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C138F68A-9B07-4EA7-8126-B2821D258C0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C22C83AA-BC95-4F1A-ACD2-3B70966E7D3F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C55BB280-BAF6-438E-BA0F-317A577929DB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6928AD1-AAE0-427E-989E-F00058ED4F13}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C7AE54AA-8FE1-46D4-B19B-8BA79984959A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C94CB5A2-449C-4654-AB57-371FBDDA5119}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CCB55AEB-8F40-40A8-918A-BD4DE40CD71D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{CF33ABF9-874E-4F4B-AE8C-CC75C8BA6FAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D1DFD3A6-7852-483F-8443-61091F591F18}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D1F8F73B-7189-4637-BAA0-C2D86A25D0CA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2068F22-5CF9-493E-B03C-EA386324BFAD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D311431D-B575-45DA-96E5-800708A40ABD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4AA7CEF-2CCA-41A6-AC8B-5223F252DA6A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D68EE253-159D-40AE-9585-116572016A43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7C9C76C-A7E8-439B-B421-3FD94E23E8A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D81C64CC-CBBE-4AFC-BD32-F0EE2FBC9384}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8ABE3D4-7EC9-4C77-9ED3-83DD67682C3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D950B40D-8CC3-4BE7-83D1-13B368A6EA58}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D9973F7E-53AD-4689-9F26-A98006EF14A5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA37AD05-5B77-48AB-A5E7-3022FB3D4828}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DAAFB5A7-AF57-4143-AEB4-CAA063C273A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DB1EFA18-F588-400C-92F7-0F00BB2ABA7B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DFB7ACC7-F074-4C25-8C7A-3E771166A647}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E09D8B76-2D2F-4127-97E9-88CAD695048D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E0FC9BEF-8941-4D51-8AAA-72BBFBF07A14}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E45AA45A-FDD4-4BE9-B828-1004A3068AD6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4DBE9FF-86A9-4E23-AA84-A22B647B1707}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5CEC176-A900-47A2-8778-695C03A7DFDD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E68A5758-0172-4A78-B19D-9EF18C186188}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E89277E6-FD8F-4637-8F6D-979DC4EAC5BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EA263C00-5F90-4D7E-8579-BE333D611B6E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EB09DC94-BF2B-4229-9C5C-9DB28A1977BA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F3F813A3-C7E1-4447-BFC4-7B4304BBEFE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F43E5269-FB38-4A13-A7D6-C1D25A6071B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F860AE7B-6329-40DF-8544-C2F390718937}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9C3216B-7710-494C-8CAF-A3268526EC64}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB5E98DF-E4AF-4B86-962F-EF576B167220}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{36F7941C-021D-4CE0-8B09-E52672257793}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{F5BF34CE-9E11-451C-BFFD-3AC61662ADC0}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{F782F4AE-0C50-4AD8-818D-E30977DF468A}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{1EDEE2B3-A007-4E0B-9F50-178421AF2954}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{35620573-FF45-4807-8658-9F3B20D419BF}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{EE0A1946-1EAA-4735-B9AC-15A490E394D5}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{10C86109-65BB-4E22-990A-110DC70DE29C}" = ESET Smart Security
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 18
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59D1195A-7E64-4120-BB37-F053D9FD45FB}" = ODF Add-in for Microsoft Office
"{64D24CA4-3E42-460A-B4C7-FB7A1CE1C629}" = VAG Info System
"{6723899D-5CB3-4F85-AB47-38ED91E83079}" = 602XML Filler
"{7299052B-02A4-4627-81F2-1818DA5D550D}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{B94C6815-7BCC-4124-AC39-9208A06FFFA7}" = Disney-Pixar Ratatouille
"{E375D72E-5343-4F73-986C-1B00C35F1DFC}" = Disney Princezna - Kouzelná cesta
"{E692347E-2AFA-44AE-8197-5A34308B84CC}" = 602XML Filler rozšíření pro Mozilla Firefox
"µTorrent CZ_is1" = µTorrent CZ 1.7.7 (build 8179)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"B406677FA530D213D0B10B080DCD1080AE866D39" = Balíček ovladače systému Windows - Ross-Tech USB Driver Package (05/21/2009 2.04.18)
"CCleaner" = CCleaner
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fotostar Offline client3" = Fotostar Offline client3
"Hardlock Gerätetreiber" = Hardlock Gerätetreiber
"MiNODLogin" = ESET Antivirus License Finder (MiNODLogin)
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"VAG-COM_is1" = VAG-COM VCDS
"VLC media player" = VLC media player 1.0.3

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-146535123-57869453-1418956377-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14.3.2010 4:38:26 | Computer Name = rokane | Source = VSS | ID = 8193
Description =

Error - 14.3.2010 4:38:27 | Computer Name = rokane | Source = System Restore | ID = 8193
Description =

Error - 14.3.2010 5:47:54 | Computer Name = rokane | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.2.3667, časové razítko 0x4b5102f0,
chybující modul xul.dll, verze 1.9.2.3667, časové razítko 0x4b5101ce, kód výjimky
0xc0000005, posun chyby 0x000b63c8, ID procesu 0x1578, čas spuštění aplikace 0x01cac359d623094b.

Error - 18.3.2010 6:53:55 | Computer Name = rokane | Source = Application Error | ID = 1000
Description = Chybující aplikace WINWORD.EXE, verze 12.0.6514.5000, časové razítko
0x4a89d533, chybující modul MSPTLS.DLL, verze 12.0.6421.1000, časové razítko 0x4993c9f7,
kód výjimky 0xc0000005, posun chyby 0x0008ccd8, ID procesu 0x16e8, čas spuštění
aplikace 0x01cac689472d71c7.

Error - 18.3.2010 11:06:56 | Computer Name = rokane | Source = Application Hang | ID = 1002
Description = Program WINWORD.EXE verze 12.0.6514.5000 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: 1778 Čas zahájení: 01cac6ac30ae15cb Čas ukončení: 31

Error - 18.3.2010 15:17:16 | Computer Name = rokane | Source = Application Error | ID = 1000
Description = Chybující aplikace Skype.exe, verze 4.1.0.141, časové razítko 0x4a5efe8f,
chybující modul RPCRT4.dll, verze 6.0.6002.18024, časové razítko 0x49f05bcc, kód
výjimky 0xc0000005, posun chyby 0x0004a0c2, ID procesu 0x145c, čas spuštění aplikace
0x01cac6859601113a.

Error - 22.3.2010 3:52:58 | Computer Name = rokane | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 1.9.1.3685 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID
procesu: 1280 Čas zahájení: 01cac991a8f21192 Čas ukončení: 47

Error - 22.3.2010 7:02:51 | Computer Name = rokane | Source = Application Error | ID = 1000
Description = Chybující aplikace vlc.exe, verze 1.0.3.0, časové razítko 0x4aeacbb7,
chybující modul vlc.exe, verze 1.0.3.0, časové razítko 0x4aeacbb7, kód výjimky
0xc0000005, posun chyby 0x000016e2, ID procesu 0xbdc, čas spuštění aplikace 0x01cac9af0b4a9b75.

Error - 22.3.2010 11:58:54 | Computer Name = rokane | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.1.3685, časové razítko 0x4b68deea,
chybující modul xul.dll, verze 1.9.1.3685, časové razítko 0x4b68ddb4, kód výjimky
0xc0000005, posun chyby 0x0039d240, ID procesu 0x10c8, čas spuštění aplikace 0x01cac9d39f2fe489.

Error - 25.3.2010 15:35:29 | Computer Name = rokane | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

[ Media Center Events ]
Error - 10.10.2008 13:03:53 | Computer Name = rokane | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 10.10.2008 13:08:53 | Computer Name = rokane | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Název objektu: Media Center
Guide

Error - 10.10.2008 13:13:53 | Computer Name = rokane | Source = Media Center Guide | ID = 0
Description = Informace o události: ERROR: SqmApiWrapper.SqmFlushSession failed;
Win32 GetLastError returned 0D Proces: DefaultDomain Název objektu: Media Center
Guide

[ OSession Events ]
Error - 23.10.2009 11:54:21 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.10.2009 11:58:43 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.10.2009 13:12:35 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 37
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.10.2009 13:17:42 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

Error - 15.12.2009 9:11:01 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 193
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.12.2009 12:22:43 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 133
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8.1.2010 17:21:01 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 123
seconds with 0 seconds of active time. This session ended with a crash.

Error - 18.2.2010 5:34:37 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23
seconds with 0 seconds of active time. This session ended with a crash.

Error - 18.3.2010 6:53:53 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11.4.2010 7:33:11 | Computer Name = rokane | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 445
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2.5.2010 13:27:10 | Computer Name = rokane | Source = Service Control Manager | ID = 7000
Description =

Error - 4.5.2010 2:14:16 | Computer Name = rokane | Source = Service Control Manager | ID = 7011
Description =

Error - 5.5.2010 1:05:20 | Computer Name = rokane | Source = DCOM | ID = 10010
Description =

Error - 5.5.2010 1:08:24 | Computer Name = rokane | Source = Service Control Manager | ID = 7000
Description =

Error - 5.5.2010 7:00:17 | Computer Name = rokane | Source = Service Control Manager | ID = 7011
Description =

Error - 5.5.2010 8:01:49 | Computer Name = rokane | Source = Service Control Manager | ID = 7030
Description =

Error - 5.5.2010 8:01:49 | Computer Name = rokane | Source = Service Control Manager | ID = 7009
Description =

Error - 5.5.2010 8:01:49 | Computer Name = rokane | Source = Service Control Manager | ID = 7000
Description =

Error - 5.5.2010 8:01:52 | Computer Name = rokane | Source = Service Control Manager | ID = 7009
Description =

Error - 5.5.2010 8:01:52 | Computer Name = rokane | Source = Service Control Manager | ID = 7000
Description =

[ TuneUp Events ]
Error - 3.5.2010 5:54:04 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-03 11:54:04', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2404',1)

Error - 3.5.2010 8:28:07 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-03 14:28:07', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2404',1)

Error - 4.5.2010 2:14:27 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-04 08:14:27', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2404',1)

Error - 4.5.2010 4:22:55 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-04 10:22:55', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2404',1)

Error - 4.5.2010 7:37:41 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-04 13:37:41', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2404',1)

Error - 4.5.2010 23:55:37 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-05 05:55:37', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2404',1)

Error - 5.5.2010 1:07:12 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-05 07:07:12', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2452',0)

Error - 5.5.2010 3:58:05 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-05 09:58:05', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2452',1)

Error - 5.5.2010 4:49:05 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-05 10:49:05', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2452',1)

Error - 5.5.2010 4:54:09 | Computer Name = rokane | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "n": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2010-05-05 10:54:09', '\device\harddiskvolume2\program
files\t-mobile\web'n'walk manager\ameisvc.exe','2452',1)

< End of report >

#6 Příspěvek od **Caroprd111** » 05 kvě 2010 16:26

rok

Dobrý den,
Založte si prosím své vlastní téma.

Děkuji.

rok · #7 Příspěvek od **rok** » 05 kvě 2010 16:28

OTL logfile created on: 5.5.2010 16:43:57 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Roman\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 30,23 Gb Free Space | 40,56% Space Free | Partition Type: NTFS
Drive D: | 66,71 Gb Total Space | 30,11 Gb Free Space | 45,14% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 836,91 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 1,57 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
I: Drive not present or media not loaded

Computer Name: ROKANE
Current User Name: Roman
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.05 16:40:49 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
PRC - [2010.04.07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2010.04.07 21:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2010.04.03 18:25:04 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.03.17 14:21:22 | 008,319,560 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2009.09.11 19:58:42 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
PRC - [2009.07.15 19:46:28 | 000,487,424 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2009.07.03 16:52:36 | 000,099,520 | ---- | M] (PortableAppZ.blogspot.com) -- C:\Program Files\HDInspectorPortable\HDInspectorPortable.exe
PRC - [2009.06.25 01:53:26 | 003,149,504 | ---- | M] (Altrixsoft) -- C:\Program Files\HDInspectorPortable\App\HDInspector\HDInspector.exe
PRC - [2009.05.28 18:48:36 | 000,258,134 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
PRC - [2009.05.28 18:48:35 | 001,155,180 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.01.08 21:25:19 | 000,058,608 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
PRC - [2008.10.11 18:15:13 | 000,091,432 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared Files\brs.exe
PRC - [2008.07.24 17:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008.03.25 17:22:47 | 000,033,136 | ---- | M] () -- C:\Windows\ASScrPro.exe
PRC - [2007.08.24 06:20:16 | 000,180,224 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2007.08.17 15:58:08 | 000,057,447 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
PRC - [2007.08.03 21:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.08.02 04:27:50 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.07.10 19:59:56 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2007.04.19 20:32:08 | 000,225,280 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007.02.15 11:07:15 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.02.06 03:13:14 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007.01.18 04:26:36 | 007,708,672 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2006.12.19 02:26:26 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2006.11.22 11:31:25 | 000,630,784 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2006.11.03 12:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
PRC - [2005.07.07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe

========== Modules (SafeList) ==========

MOD - [2010.05.05 16:40:49 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
MOD - [2010.03.05 16:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
MOD - [2009.04.11 08:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
MOD - [2009.04.11 08:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
MOD - [2009.04.11 08:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
MOD - [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
MOD - [2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.19 09:36:49 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
MOD - [2008.01.19 09:36:48 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
MOD - [2008.01.19 09:36:37 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2008.01.19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

========== Win32 Services (SafeList) ==========

SRV - [2010.04.07 21:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.04.07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.09.11 19:58:42 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009.09.11 19:58:31 | 000,360,192 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.07.15 19:46:28 | 000,487,424 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009.06.22 10:20:52 | 000,458,432 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [On_Demand | Stopped] -- C:\Program Files\HDInspectorPortable\App\HDInspector\HDDSvc.exe -- (HDDSvc)
SRV - [2009.05.28 18:48:35 | 001,155,180 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.01.08 21:25:19 | 000,058,608 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
SRV - [2008.12.11 13:31:36 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.08.17 15:58:08 | 000,057,447 | ---- | M] () [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS)
SRV - [2007.08.03 21:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.02.06 03:13:14 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2005.11.14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - [2010.04.07 21:08:12 | 000,041,312 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010.04.07 21:08:06 | 000,032,584 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2010.04.07 21:08:04 | 000,134,488 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010.04.07 21:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.04.07 21:03:46 | 000,133,512 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2009.05.28 18:48:36 | 000,034,312 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2009.01.17 19:42:33 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009.01.13 10:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.11.23 12:23:06 | 000,097,792 | ---- | M] (T0r0 2008) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NSHE.SYS -- (NSHE)
DRV - [2008.10.10 10:10:26 | 000,051,040 | ---- | M] (IPWireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ipw3gnet.sys -- (IpwP)
DRV - [2008.09.15 09:56:34 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.09.15 09:56:24 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.09.15 09:56:24 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.09.15 09:56:24 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.09.09 17:10:08 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.15 12:07:00 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2008.03.13 14:51:52 | 000,057,536 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2008.03.13 14:50:02 | 000,072,000 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2008.02.01 16:17:12 | 000,138,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2008.02.01 16:17:06 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2007.08.24 17:06:20 | 000,612,096 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007.08.03 06:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.08.01 22:30:40 | 000,016,376 | ---- | M] (Gemfor s.r.o.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ethpdrv.sys -- (Ethpdrv)
DRV - [2007.07.21 16:05:33 | 002,920,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007.07.21 16:05:33 | 002,920,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.06.24 21:56:54 | 000,038,920 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.06.02 14:59:42 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2007.03.05 20:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2007.03.05 20:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2007.03.01 15:24:29 | 000,182,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.02.14 08:11:25 | 001,740,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.01.24 12:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2007.01.24 01:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.01.23 05:00:59 | 000,050,176 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.12.14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.22 11:34:59 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.22 11:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:17 | 000,041,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006.11.02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006.10.30 05:22:25 | 000,008,192 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006.10.14 05:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-146535123-57869453-1418956377-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-146535123-57869453-1418956377-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-146535123-57869453-1418956377-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-146535123-57869453-1418956377-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-146535123-57869453-1418956377-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-146535123-57869453-1418956377-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: xmlfiller@software602.cz:3.1.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:7.0.20100326W
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090525
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: printpdf@pavlov.net:0.76
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.9
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.06.24 12:30:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.04.18 20:23:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.09 17:38:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.03 18:25:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.03.17 14:21:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009.12.14 17:50:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.04.30 21:07:50 | 000,000,000 | ---D | M]

[2008.11.04 14:57:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Mozilla\Extensions
[2008.11.04 14:57:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roman\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.05.05 06:06:06 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\extensions
[2010.04.27 19:28:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.29 10:44:14 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.10.23 21:25:14 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010.03.14 13:16:07 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010.02.23 12:01:05 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2010.04.30 20:58:38 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.02.23 12:01:05 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\extensions\noia2_option@kk.noia
[2010.02.28 09:56:24 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\extensions\printpdf@pavlov.net
[2009.02.26 14:22:28 | 000,000,880 | ---- | M] () -- C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\n3j7m3ws.default\searchplugins\conduit.xml
[2010.05.05 06:06:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.03 18:25:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.03.14 10:54:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2009.12.23 12:38:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\xmlfiller@software602.cz
[2010.04.03 18:25:02 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.04.03 18:25:02 | 000,137,176 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007.04.10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009.12.17 18:14:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.12.17 16:39:34 | 000,090,112 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npfiller.dll
[2008.06.27 17:03:12 | 001,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2010.04.03 18:25:06 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006.10.26 21:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009.02.27 14:13:42 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2007.07.12 14:40:47 | 000,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010.02.03 05:10:55 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.02.03 05:10:55 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.03 05:10:55 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.03 05:10:55 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.03 05:10:55 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.03 05:10:55 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2008.10.27 22:15:27 | 000,000,763 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [BtTray] C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKU\S-1-5-21-146535123-57869453-1418956377-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-146535123-57869453-1418956377-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-146535123-57869453-1418956377-1000..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-146535123-57869453-1418956377-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-146535123-57869453-1418956377-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-146535123-57869453-1418956377-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKU\S-1-5-21-146535123-57869453-1418956377-1000\..Trusted Domains: mojebanka.cz ([*] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-146535123-57869453-1418956377-1000\..Trusted Domains: postsignum.cz ([www] https in Důvěryhodné servery)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-be ... canner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)

rok · #8 Příspěvek od **rok** » 05 kvě 2010 16:29

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Roman\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Roman\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.06.07 01:44:20 | 000,319,488 | R--- | M] (THQ) - G:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2007.03.29 12:45:28 | 000,000,051 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2007.12.04 14:18:34 | 000,430,080 | R--- | M] () - H:\autoplay.exe -- [ CDFS ]
O32 - AutoRun File - [2007.11.05 16:22:25 | 000,000,090 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{9cf9a0fe-7f02-11dd-94bd-001fc64cf086}\Shell - "" = AutoRun
O33 - MountPoints2\{9cf9a0fe-7f02-11dd-94bd-001fc64cf086}\Shell\AutoRun\command - "" = G:\autorun.exe -- [2007.06.07 01:44:20 | 000,319,488 | R--- | M] (THQ)
O33 - MountPoints2\{ccc5dcba-e167-11de-93e3-001167254d09}\Shell - "" = AutoRun
O33 - MountPoints2\{ccc5dcba-e167-11de-93e3-001167254d09}\Shell\AutoRun\command - "" = H:\autoplay.exe -- [2007.12.04 14:18:34 | 000,430,080 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.05.05 16:40:03 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
[2010.05.05 15:51:50 | 000,000,000 | ---D | C] -- C:\VAG-COM
[2010.05.05 15:06:26 | 007,284,515 | ---- | C] ( ) -- C:\Users\Roman\Desktop\vag-com-805-CZ.exe
[2010.05.05 14:01:48 | 000,000,000 | ---D | C] -- C:\Users\Roman\AppData\Roaming\AltrixSoft
[2010.05.05 11:09:27 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010.04.14 11:39:25 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.14 11:39:24 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.14 11:38:52 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 11:38:46 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.04.14 11:38:43 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.07 21:08:12 | 000,041,312 | ---- | C] (ESET) -- C:\Windows\System32\drivers\epfwwfp.sys
[2010.04.07 21:08:06 | 000,032,584 | ---- | C] (ESET) -- C:\Windows\System32\drivers\epfwndis.sys
[2010.04.07 21:08:04 | 000,134,488 | ---- | C] (ESET) -- C:\Windows\System32\drivers\epfw.sys
[2010.04.07 21:07:08 | 000,114,984 | ---- | C] (ESET) -- C:\Windows\System32\drivers\ehdrv.sys
[2010.04.07 21:03:46 | 000,133,512 | ---- | C] (ESET) -- C:\Windows\System32\drivers\eamonm.sys
[2007.01.24 12:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.05.05 16:42:29 | 004,194,304 | -HS- | M] () -- C:\Users\Roman\ntuser.dat
[2010.05.05 16:40:49 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Roman\Desktop\OTL.exe
[2010.05.05 16:00:11 | 000,000,486 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2010.05.05 15:52:45 | 000,001,360 | ---- | M] () -- C:\Users\Roman\Desktop\VCDS.lnk
[2010.05.05 15:10:41 | 007,284,515 | ---- | M] ( ) -- C:\Users\Roman\Desktop\vag-com-805-CZ.exe
[2010.05.05 15:00:29 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 15:00:29 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.05 13:51:49 | 000,000,030 | ---- | M] () -- C:\Windows\System\KVAREZ.dll
[2010.05.05 13:44:10 | 000,000,000 | -H-- | M] () -- C:\Windows\msds.dat
[2010.05.05 13:00:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.05 11:43:50 | 000,110,080 | ---- | M] () -- C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.05 07:07:04 | 000,001,002 | ---- | M] () -- C:\Windows\System32\bscs.ini
[2010.05.05 07:07:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.05 07:06:51 | 2012,504,064 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.05 07:05:35 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.05.05 07:05:24 | 000,524,288 | -HS- | M] () -- C:\Users\Roman\ntuser.dat{c88667fb-cf3e-11dd-809c-001fc64cf086}.TMContainer00000000000000000001.regtrans-ms
[2010.05.05 07:05:24 | 000,065,536 | -HS- | M] () -- C:\Users\Roman\ntuser.dat{c88667fb-cf3e-11dd-809c-001fc64cf086}.TM.blf
[2010.05.05 07:04:57 | 003,673,836 | -H-- | M] () -- C:\Users\Roman\AppData\Local\IconCache.db
[2010.05.04 17:19:29 | 000,000,668 | ---- | M] () -- C:\Users\Roman\AppData\Roaming\vso_ts_preview.xml
[2010.05.04 16:26:18 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.05.04 14:30:30 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{54642708-6CAA-4CC0-B5F0-97E015DAAB15}.job
[2010.05.02 20:43:01 | 000,010,318 | ---- | M] () -- C:\Users\Roman\Desktop\Stahování oken DO.docx
[2010.05.01 21:22:20 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Fotostar Offline client3.lnk
[2010.05.01 21:13:02 | 000,602,092 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.05.01 21:13:02 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.01 21:13:02 | 000,116,204 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.05.01 21:13:02 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.01 21:13:01 | 001,402,454 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.30 21:12:34 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010.04.30 21:12:10 | 000,389,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.29 21:21:23 | 000,000,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizovat ESET licenci.lnk
[2010.04.29 21:21:23 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Aktualizovat ESET licenci.lnk
[2010.04.29 12:43:16 | 000,478,931 | ---- | M] () -- C:\uninstall.exe
[2010.04.20 15:35:10 | 000,009,662 | ---- | M] () -- C:\Windows\EPISME00.SWB
[2010.04.20 15:12:03 | 000,004,337 | ---- | M] () -- C:\Windows\System32\LOCALSERVICE.INI
[2010.04.15 16:19:59 | 000,000,324 | ---- | M] () -- C:\Windows\System32\REMOTEDEVICE.INI
[2010.04.15 16:19:23 | 000,004,083 | ---- | M] () -- C:\Windows\System32\SHORTCUT.INI
[2010.04.15 16:09:27 | 000,000,098 | ---- | M] () -- C:\Windows\System32\LOCALDEVICE.INI
[2010.04.14 11:49:19 | 000,000,374 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2010.04.10 10:31:20 | 000,009,972 | ---- | M] () -- C:\Users\Roman\Desktop\Burges V4NCT7 spínač do dveří.docx
[2010.04.07 21:08:12 | 000,041,312 | ---- | M] (ESET) -- C:\Windows\System32\drivers\epfwwfp.sys
[2010.04.07 21:08:06 | 000,032,584 | ---- | M] (ESET) -- C:\Windows\System32\drivers\epfwndis.sys
[2010.04.07 21:08:04 | 000,134,488 | ---- | M] (ESET) -- C:\Windows\System32\drivers\epfw.sys
[2010.04.07 21:07:08 | 000,114,984 | ---- | M] (ESET) -- C:\Windows\System32\drivers\ehdrv.sys
[2010.04.07 21:03:46 | 000,133,512 | ---- | M] (ESET) -- C:\Windows\System32\drivers\eamonm.sys
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.05.05 15:52:45 | 000,001,360 | ---- | C] () -- C:\Users\Roman\Desktop\VCDS.lnk
[2010.05.05 13:48:44 | 000,000,030 | ---- | C] () -- C:\Windows\System\KVAREZ.dll
[2010.05.02 20:42:59 | 000,010,318 | ---- | C] () -- C:\Users\Roman\Desktop\Stahování oken DO.docx
[2010.04.29 12:41:46 | 000,242,475 | ---- | C] () -- C:\ca-bundle.crt
[2010.04.21 08:36:29 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\Aktualizovat ESET licenci.lnk
[2010.04.10 10:31:19 | 000,009,972 | ---- | C] () -- C:\Users\Roman\Desktop\Burges V4NCT7 spínač do dveří.docx
[2010.02.22 22:14:33 | 000,006,836 | ---- | C] () -- C:\Windows\System32\UNWISE.INI
[2009.12.05 11:07:25 | 000,001,308 | ---- | C] () -- C:\Windows\disney.ini
[2009.12.05 11:07:04 | 000,000,198 | ---- | C] () -- C:\Windows\disneysy.ini
[2009.07.01 19:38:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.05.28 18:55:49 | 000,004,083 | ---- | C] () -- C:\Windows\System32\SHORTCUT.INI
[2009.05.28 18:53:37 | 000,000,324 | ---- | C] () -- C:\Windows\System32\REMOTEDEVICE.INI
[2009.05.28 18:53:19 | 000,004,337 | ---- | C] () -- C:\Windows\System32\LOCALSERVICE.INI
[2009.05.28 18:53:09 | 000,000,098 | ---- | C] () -- C:\Windows\System32\LOCALDEVICE.INI
[2009.05.28 18:47:44 | 000,000,000 | ---- | C] () -- C:\Windows\System32\BSPRINT.INI
[2009.04.21 18:59:31 | 000,129,248 | ---- | C] () -- C:\Windows\System32\drivers\snapman.sys
[2009.04.21 18:59:25 | 000,368,736 | ---- | C] () -- C:\Windows\System32\drivers\tdrpman.sys
[2009.01.14 12:57:52 | 000,000,374 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008.11.19 20:45:54 | 000,000,529 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2008.11.15 15:31:32 | 000,000,394 | ---- | C] () -- C:\Windows\capture.ini
[2008.11.09 19:32:41 | 000,002,925 | ---- | C] () -- C:\Windows\UN32P.INI
[2008.10.27 12:57:01 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008.10.13 21:04:21 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.10.12 17:10:02 | 000,056,320 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[2008.09.29 15:17:00 | 000,002,048 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2008.09.29 15:17:00 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2008.09.29 15:17:00 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2008.09.29 15:17:00 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2008.09.29 15:17:00 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2008.09.09 21:01:48 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2008.09.09 20:30:57 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2008.09.09 17:10:07 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.09.09 15:52:49 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.03.25 17:22:59 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008.02.04 18:23:10 | 000,693,792 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL
[2007.09.27 00:07:02 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007.09.14 10:34:20 | 000,001,002 | ---- | C] () -- C:\Windows\System32\bscs.ini
[2007.08.17 15:59:36 | 000,278,647 | ---- | C] () -- C:\Windows\System32\outlookAddin.dll
[2007.08.17 15:59:14 | 000,528,485 | ---- | C] () -- C:\Windows\System32\BSShell.dll
[2007.08.17 15:57:54 | 000,077,923 | ---- | C] () -- C:\Windows\System32\Bs2Res.dll
[2007.07.30 09:32:16 | 016,326,769 | ---- | C] () -- C:\Windows\System32\BsLangInDepRes.dll
[2007.07.21 15:55:19 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.06.29 12:07:36 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2007.04.21 13:15:38 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007.03.30 00:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2007.03.19 10:59:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\BsVistaCommon.dll
[2007.03.10 13:51:48 | 000,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007.02.06 02:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 04:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006.02.25 20:09:38 | 000,774,144 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2009.12.03 21:49:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Ace
[2010.05.05 14:01:48 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\AltrixSoft
[2009.10.31 17:40:37 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\AltrixSoft-BackupByHDInspectorPortable
[2009.06.05 21:57:10 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\BSplayer Pro
[2009.06.06 10:15:27 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DAEMON Tools
[2009.06.15 16:24:04 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DMCache
[2008.09.19 10:35:07 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DVDFab
[2008.09.10 10:56:53 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ESET
[2010.04.30 20:02:35 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\esmska
[2009.06.04 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\FlashGet
[2009.10.01 15:41:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ICQ
[2009.06.15 16:21:18 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\IDM
[2008.10.18 11:40:08 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\JLC's Software
[2008.11.04 19:46:15 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\MozBackup
[2009.11.06 08:24:53 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\nod32 updater
[2008.09.26 11:17:11 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Nokia
[2008.10.26 15:22:35 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\OpenOffice.org
[2009.07.17 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\PC Suite
[2008.09.09 17:47:03 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\PeerNetworking
[2008.10.18 12:37:35 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\RapidSolution
[2010.01.13 18:53:49 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Software Informer
[2010.01.13 17:46:43 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Software602
[2010.05.05 15:26:02 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Spyware Terminator
[2009.06.06 10:15:28 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Thunderbird
[2009.11.12 22:31:44 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Tracker Software
[2008.09.16 15:46:56 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\TuneUp Software
[2010.05.05 15:17:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\uTorrent
[2010.05.04 17:19:30 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Vso
[2008.09.12 17:13:13 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Zoner
[2010.05.05 16:00:11 | 000,000,486 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2010.05.05 07:05:41 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.05.04 14:30:30 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{54642708-6CAA-4CC0-B5F0-97E015DAAB15}.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun -- [2008.07.24 17:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 09:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation)
"ISUSPM Startup" = C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup -- [2004.06.16 07:03:26 | 000,221,184 | ---- | M] (InstallShield Software Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2008.10.01 09:29:44 | 000,966,656 | ---- | M] () -- C:\assistant.exe
[2008.12.18 15:51:02 | 004,648,960 | ---- | M] () -- C:\Fotostar Offline client2.exe
[2009.12.10 12:04:42 | 005,402,624 | ---- | M] () -- C:\Fotostar Offline client3.exe
[2010.04.29 12:43:16 | 000,478,931 | ---- | M] () -- C:\uninstall.exe
[2008.09.15 07:58:08 | 002,723,264 | ---- | M] (Microsoft Corporation) -- C:\vcredist_x86.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.12.03 21:49:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Ace
[2009.12.14 19:44:48 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Adobe
[2008.09.09 13:07:52 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Ahead
[2010.05.05 14:01:48 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\AltrixSoft
[2009.10.31 17:40:37 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\AltrixSoft-BackupByHDInspectorPortable
[2008.10.10 07:55:56 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Apple Computer
[2008.09.09 12:47:31 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ATI
[2009.06.05 21:57:10 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\BSplayer Pro
[2008.11.15 01:50:23 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Corel
[2008.10.11 18:34:38 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\CyberLink
[2009.06.06 10:15:27 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DAEMON Tools
[2009.06.15 16:24:04 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DMCache
[2010.04.20 11:44:27 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\dvdcss
[2008.09.19 10:35:07 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\DVDFab
[2008.09.10 10:56:53 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ESET
[2010.04.30 20:02:35 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\esmska
[2009.06.04 22:09:58 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\FlashGet
[2009.10.01 15:41:50 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\ICQ
[2008.09.09 12:46:48 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Identities
[2009.06.15 16:21:18 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\IDM
[2009.12.03 21:45:42 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\InstallShield
[2008.10.18 11:40:08 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\JLC's Software
[2008.09.09 12:47:07 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Macromedia
[2009.02.11 22:04:54 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Media Center Programs
[2008.09.09 16:59:35 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Media Player Classic
[2009.12.14 19:28:49 | 000,000,000 | --SD | M] -- C:\Users\Roman\AppData\Roaming\Microsoft
[2008.11.04 19:46:15 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\MozBackup
[2008.11.04 14:57:46 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Mozilla
[2008.10.29 16:30:55 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Nero
[2009.11.06 08:24:53 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\nod32 updater
[2008.09.26 11:17:11 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Nokia
[2008.10.26 15:22:35 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\OpenOffice.org
[2009.07.17 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\PC Suite
[2008.09.09 17:47:03 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\PeerNetworking
[2008.10.18 12:37:35 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\RapidSolution
[2008.12.10 10:43:58 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Real
[2010.05.05 16:23:34 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Skype
[2009.03.15 09:01:55 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\skypePM
[2010.01.13 18:53:49 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Software Informer
[2010.01.13 17:46:43 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Software602
[2010.05.05 15:26:02 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Spyware Terminator
[2009.01.30 19:55:48 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\SUPERAntiSpyware.com
[2008.09.10 10:19:58 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Talkback
[2009.06.06 10:15:28 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Thunderbird
[2009.11.12 22:31:44 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Tracker Software
[2008.09.16 15:46:56 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\TuneUp Software
[2010.05.05 15:17:47 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\uTorrent
[2010.05.05 15:06:07 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\vlc
[2010.05.04 17:19:30 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Vso
[2009.06.06 10:15:28 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Winamp
[2008.09.12 15:01:30 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\WinRAR
[2008.09.12 17:13:13 | 000,000,000 | ---D | M] -- C:\Users\Roman\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2009.06.09 14:47:29 | 000,081,920 | ---- | M] () -- C:\Users\Roman\AppData\Roaming\ezpinst.exe

< MD5 for: AGP440.SYS >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.09.09 16:20:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.09.09 16:20:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.09.09 16:20:28 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.03.25 16:16:15 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.03.25 16:16:15 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 08:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\System32\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\System32\drivers\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.09.09 16:19:34 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.09.09 16:19:35 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2007.07.21 15:55:31 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2009.04.11 08:28:25 | 000,443,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\win32spl.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.09.09 17:10:08 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
[1 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2007.07.21 15:55:31 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll
[2009.04.11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009.04.11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2009.04.11 08:28:25 | 000,443,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\win32spl.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

========== Alternate Data Streams ==========

@Alternate Data Stream - 167 bytes -> C:\ProgramData\TEMP:0295CBF7
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

#9 Příspěvek od **Caroprd111** » 05 kvě 2010 16:29

Caroprd111 píše:rok

Dobrý den,
Založte si prosím své vlastní téma.

Děkuji.

15a · #10 Příspěvek od **15a** » 09 kvě 2010 09:21

az ted jsem se k tomu dostal , scan ale neprobehne zastavise na souboru C:/Windows/System/zipfldr.dll , scanuje to hodinu a nic . . .

dekuji

#11 Příspěvek od **Caroprd111** » 09 kvě 2010 10:40

Zkuste spustit OTL bez skriptu.

15a · #12 Příspěvek od **15a** » 09 kvě 2010 11:08

OTL.txt

OTL logfile created on: 9.5.2010 11:59:03 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Internet\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 012,00 Mb Total Physical Memory | 393,00 Mb Available Physical Memory | 39,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 109,14 Gb Free Space | 46,87% Space Free | Partition Type: NTFS
Drive D: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 647,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOUSER-3E4D32D7
Current User Name: Internet
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.05.09 09:32:24 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Internet\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.04.16 09:22:16 | 005,206,824 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe
PRC - [2010.04.02 18:12:38 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.03.09 10:13:08 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.03.09 10:12:56 | 002,140,880 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.10.20 14:59:18 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2008.06.15 10:11:35 | 000,606,720 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008.06.15 10:11:34 | 001,817,600 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.06.27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.06.27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006.07.10 12:30:22 | 000,204,800 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2005.04.02 01:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

========== Modules (SafeList) ==========

MOD - [2010.05.09 09:32:24 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Internet\Dokumenty\Stažené soubory\OTL.exe
MOD - [2010.04.16 09:22:16 | 000,107,816 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TV.dll
MOD - [2009.10.20 14:59:02 | 000,023,864 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.07.11 19:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\SweetIM\Messenger\msvcr71.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.03.09 10:14:36 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.03.09 10:13:08 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.06.15 10:11:35 | 000,606,720 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006.07.10 12:30:22 | 000,204,800 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005.04.02 01:51:48 | 000,217,600 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- (StarWindService)

========== Driver Services (SafeList) ==========

DRV - [2010.03.09 10:13:32 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.03.09 10:13:00 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.03.09 10:11:22 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2008.11.03 10:46:34 | 006,273,504 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2008.08.26 05:57:39 | 000,032,288 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008.08.26 05:57:38 | 000,388,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2008.08.26 05:57:35 | 000,099,776 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008.06.15 10:11:34 | 000,141,312 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.18 06:22:44 | 004,652,544 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.12.20 17:32:12 | 000,030,816 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iqvw32.sys -- (NAL)
DRV - [2006.07.05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.06.14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.07.08 14:44:18 | 000,159,616 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\vax347b.sys -- (vax347b)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.05.14 00:54:34 | 000,014,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2004.05.14 00:54:32 | 000,021,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2004.05.14 00:54:28 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2004.05.14 00:54:26 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2004.05.14 00:54:24 | 000,044,384 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2004.04.30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\vax347s.sys -- (vax347s)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076

IE - HKU\.DEFAULT\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-329068152-2139871995-725345543-1011\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-329068152-2139871995-725345543-1011\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Crawler Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..keyword.URL: "http://www.crawler.com/search/dispatche ... 60076&qkw="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://home.sweetim.com"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.15 14:11:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.02 18:12:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.04.14 19:03:33 | 000,000,000 | ---D | M]

[2009.04.11 22:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\Mozilla\Extensions
[2010.05.08 22:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\Mozilla\Firefox\Profiles\tqsfu30p.default\extensions
[2010.04.27 14:01:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Internet\Data aplikací\Mozilla\Firefox\Profiles\tqsfu30p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.27 14:01:15 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Internet\Data aplikací\Mozilla\Firefox\Profiles\tqsfu30p.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.12.04 13:32:01 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Internet\Data aplikací\Mozilla\Firefox\Profiles\tqsfu30p.default\searchplugins\sweetim.xml
[2010.05.09 09:31:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.02.16 16:37:13 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.16 16:37:13 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.16 16:37:13 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.16 16:37:13 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.16 16:37:13 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.04.09 12:26:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - No CLSID value found.
O3 - HKU\S-1-5-21-329068152-2139871995-725345543-1011\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - HKU\S-1-5-21-329068152-2139871995-725345543-1011..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\.DEFAULT..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-18..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-2139871995-725345543-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-2139871995-725345543-1011\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\npjpi160_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Internet\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Internet\Data aplikací\Mozilla\Firefox\Pozadí plochy.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.10.26 01:40:24 | 000,000,107 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{31ec2364-469d-11de-90e3-001cc05afe4e}\Shell - "" = AutoRun
O33 - MountPoints2\{31ec2364-469d-11de-90e3-001cc05afe4e}\Shell\AutoRun\command - "" = E:\RunGame.exe -- [2004.10.26 01:40:24 | 000,192,512 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.05.02 19:04:32 | 000,000,000 | ---D | C] -- C:\Michal David - Nejvetsi Italske Hity - 2003
[2010.05.02 18:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Internet\Michal David - Nejvetsi Italske Hity - 2003
[2010.05.02 18:56:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Internet\Plocha\Michal David - Nejvetsi Italske Hity - 2003
[2010.04.27 19:50:49 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.27 19:50:45 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.27 19:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Internet\Data aplikací\Malwarebytes
[2010.04.27 19:23:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.27 19:23:06 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.27 19:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.04.27 19:23:05 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.04.27 19:13:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Internet\Recent
[2010.04.27 19:11:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.04.27 18:33:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Internet\Data aplikací\TeamViewer
[2010.04.27 18:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010.04.16 07:58:59 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010.04.15 21:32:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Překladač Google_soubory
[2010.04.15 13:55:36 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Internet\IECompatCache
[2010.04.14 08:37:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Temp
[2010.04.09 12:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6(2).5
[2010.04.09 12:08:27 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6(3).5
[2010.04.09 12:01:58 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6(4).5
[2009.05.22 08:48:03 | 000,159,616 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\vax347b.sys
[2009.05.22 08:48:03 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\vax347s.sys

========== Files - Modified Within 30 Days ==========

[2010.05.09 12:00:13 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.05.09 11:37:00 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.09 09:23:20 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TeamViewer 5.lnk
[2010.05.09 09:17:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.09 09:17:08 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.09 09:17:00 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.09 09:16:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.09 00:42:31 | 004,456,448 | ---- | M] () -- C:\Documents and Settings\Internet\NTUSER.DAT
[2010.05.09 00:42:18 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Internet\ntuser.ini
[2010.05.09 00:42:05 | 018,260,300 | -H-- | M] () -- C:\Documents and Settings\Internet\Local Settings\Data aplikací\IconCache.db
[2010.05.08 18:17:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.05.08 18:11:12 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Internet\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.08 18:10:12 | 788,480,260 | ---- | M] () -- C:\Documents and Settings\Internet\Plocha\Ronja dcera loupežníka (cz dabing) avi.avi
[2010.05.02 14:34:58 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.04.27 19:23:12 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.04.27 19:11:49 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Internet\Plocha\CCleaner.lnk
[2010.04.27 19:05:58 | 000,136,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.27 18:31:50 | 002,843,056 | ---- | M] () -- C:\Documents and Settings\Internet\Plocha\TeamViewer_Setup.exe
[2010.04.20 16:34:27 | 774,024,796 | ---- | M] () -- C:\Documents and Settings\Internet\Plocha\Gladiator 2000 CZ.avi
[2010.04.18 11:00:06 | 000,278,016 | ---- | M] () -- C:\Documents and Settings\Internet\Dokumenty\Sklenář.ppt
[2010.04.15 21:32:27 | 000,039,952 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\Překladač Google.htm
[2010.04.15 14:07:14 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.04.15 14:07:14 | 000,429,024 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.04.15 14:07:14 | 000,078,052 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.04.15 14:07:14 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.04.15 14:07:13 | 001,018,712 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.04.15 14:01:58 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.04.14 08:41:05 | 000,001,921 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.04.10 16:31:58 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\Internet\Dokumenty\spider.sav

========== Files Created - No Company Name ==========

[2010.05.08 16:09:41 | 788,480,260 | ---- | C] () -- C:\Documents and Settings\Internet\Plocha\Ronja dcera loupežníka (cz dabing) avi.avi
[2010.04.27 19:23:12 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.04.27 19:11:49 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Internet\Plocha\CCleaner.lnk
[2010.04.27 18:33:48 | 000,000,889 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TeamViewer 5.lnk
[2010.04.27 18:31:26 | 002,843,056 | ---- | C] () -- C:\Documents and Settings\Internet\Plocha\TeamViewer_Setup.exe
[2010.04.20 15:50:44 | 774,024,796 | ---- | C] () -- C:\Documents and Settings\Internet\Plocha\Gladiator 2000 CZ.avi
[2010.04.18 11:00:06 | 000,278,016 | ---- | C] () -- C:\Documents and Settings\Internet\Dokumenty\Sklenář.ppt
[2010.04.15 21:32:26 | 000,039,952 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\Překladač Google.htm
[2010.04.15 14:01:56 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.04.14 08:41:05 | 000,001,921 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.01.28 17:34:39 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.01.28 17:32:43 | 000,197,120 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2009.06.11 15:25:25 | 000,000,068 | ---- | C] () -- C:\WINDOWS\System32\09wutili.sys
[2009.05.20 21:04:34 | 000,015,235 | ---- | C] () -- C:\WINDOWS\System32\msdx92.dll
[2008.12.20 18:25:47 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008.12.20 18:25:43 | 000,056,320 | R--- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2008.12.07 09:53:28 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008.12.03 09:29:53 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2008.07.17 20:16:24 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008.07.04 09:21:07 | 000,008,421 | ---- | C] () -- C:\WINDOWS\GERMMENU.INI
[2008.07.04 09:20:52 | 000,004,760 | ---- | C] () -- C:\WINDOWS\ENGLMENU.INI
[2008.07.03 23:00:49 | 000,002,907 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.07.02 20:49:12 | 000,000,041 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.07.02 20:09:18 | 000,000,592 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.07.02 20:09:03 | 000,000,666 | ---- | C] () -- C:\WINDOWS\WEBTRAN4.INI
[2008.07.02 20:08:55 | 000,003,643 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.07.02 20:08:55 | 000,001,037 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.07.02 18:01:38 | 000,000,494 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.07.02 13:41:24 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.06.15 10:11:34 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2008.05.28 22:43:13 | 000,000,211 | ---- | C] () -- C:\WINDOWS\System32\BOOTBAK.INI

========== LOP Check ==========

[2008.08.26 06:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2008.06.04 19:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
[2009.09.13 20:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2009.04.17 07:51:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Aliasworlds
[2009.03.09 21:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2008.12.10 21:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EleFun Games
[2009.10.30 21:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.06.20 18:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.12.10 22:36:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Meridian93
[2008.07.09 19:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Seznam DVD 2008
[2009.05.20 21:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Software4u
[2010.05.07 08:24:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.01.09 17:13:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2009.05.20 22:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2008.12.10 23:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Veselé Omalovánky 3
[2009.06.27 21:42:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WildTangent
[2009.02.11 19:10:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Špidla Data Processing,, s.r.o
[2010.01.28 17:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\Atari
[2009.07.14 20:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\BeachPartyCraze
[2010.04.02 21:31:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\ICQ
[2009.04.22 21:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\IObit
[2009.07.02 15:49:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\PetShowCraze
[2009.06.10 20:34:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\SprillBermudeChech
[2010.05.07 08:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\Spyware Terminator
[2010.04.27 18:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\TeamViewer
[2008.07.17 22:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Spyware Terminator
[2009.07.04 21:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sprava\Data aplikací\Spyware Terminator
[2010.05.09 12:00:13 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========

========== Alternate Data Streams ==========

< End of report >

15a · #13 Příspěvek od **15a** » 09 kvě 2010 11:09

Extras

OTL Extras logfile created on: 9.5.2010 11:59:03 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Internet\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 012,00 Mb Total Physical Memory | 393,00 Mb Available Physical Memory | 39,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 109,14 Gb Free Space | 46,87% Space Free | Partition Type: NTFS
Drive D: | 4,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 647,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOUSER-3E4D32D7
Current User Name: Internet
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{107254A0-0ADF-11D4-9397-00D0B7020B38}" =
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{54699D7E-6710-4318-A488-7F8BF82BAB59}" = Testy Autoškola
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{648F9C94-EC44-487B-9DA4-44ED72A082CC}" = Logitech Gaming Software
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Koupelny a kuchyně Interiérový design Kolekce
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{76F4DD9B-C246-4BE0-00B6-3DE9ABF72299}" = Need For Speed Hot Pursuit 2
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Ve světě podnikání
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{84BAD30E-07CD-496A-AC88-EE9C8DFE2327}_is1" = FlatOut
"{888D0F50-FF0A-4808-966E-23D63277BF2A}" = Intel(R) Network Connections 12.4.38.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{909F8EBC-EC7F-48FF-0085-475D818F0F31}" = Need for Speed Underground 2
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Essentials
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9BC6652C-2375-4D21-9970-85429EEC7177}" = Kao
"{9DFF6811-C498-45E4-94C8-A0B98FCBEC32}" = ESET NOD32 Antivirus
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A12BBE50-840D-4BD0-89D8-585F7C6AA7B4}_is1" = Starsky & Hutch
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B1914265-0D07-48E0-A937-F20A76D0032D}" = Acronis True Image Home
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E9F81423-211E-46B6-9AE0-38568BC5CF6F}" =
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F86B4C7B-B846-4039-878D-6CC8F8D3370E}_is1" = SRS - Street Racing Syndicate
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Ant Movie Catalog_is1" = Ant Movie Catalog
"CCleaner" = CCleaner (remove only)
"Command and Conquer Renegade" = Command and Conquer Renegade
"DVD Shrink_is1" = DVD Shrink 3.2
"EADM" = EA Download Manager
"GameSpy Arcade" = GameSpy Arcade
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IZArc 3.5 beta 2_is1" = IZArc 3.5 beta 2
"Mad_Race_is1" = Mad Race
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Medvěd Míša - Cesta kolem světa" = Medvěd Míša - Cesta kolem světa
"Medvěd Míša - Zakletý hrad" = Medvěd Míša - Zakletý hrad
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mořské dobrodružství" = Mořské dobrodružství
"Mozilla Firefox (3.5.9)" = Mozilla Firefox (3.5.9)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa 3" = Picasa 3
"Racer" = Racer
"Spyware Terminator_is1" = Spyware Terminator
"TeamViewer 5" = TeamViewer 5
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zoo Empire_is1" = Zoo Empire 1.21

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5.5.2010 8:18:23 | Computer Name = HOUSER-3E4D32D7 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 5.5.2010 8:37:30 | Computer Name = HOUSER-3E4D32D7 | Source = Google Update | ID = 20
Description =

Error - 5.5.2010 9:37:37 | Computer Name = HOUSER-3E4D32D7 | Source = Google Update | ID = 20
Description =

Error - 6.5.2010 3:37:25 | Computer Name = HOUSER-3E4D32D7 | Source = Google Update | ID = 20
Description =

Error - 6.5.2010 4:37:26 | Computer Name = HOUSER-3E4D32D7 | Source = Google Update | ID = 20
Description =

Error - 6.5.2010 5:37:33 | Computer Name = HOUSER-3E4D32D7 | Source = Google Update | ID = 20
Description =

Error - 6.5.2010 6:00:47 | Computer Name = HOUSER-3E4D32D7 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 1.1.1593.0,
P5 mpsigdwn.dll, P6 1.1.1593.0, P7 windows defender, P8 NIL, P9 NIL, P10 NIL.

Error - 6.5.2010 6:37:33 | Computer Name = HOUSER-3E4D32D7 | Source = Google Update | ID = 20
Description =

Error - 6.5.2010 7:37:34 | Computer Name = HOUSER-3E4D32D7 | Source = Google Update | ID = 20
Description =

Error - 7.5.2010 8:56:32 | Computer Name = HOUSER-3E4D32D7 | Source = Application Error | ID = 1000
Description = Chybující aplikace crazyfrog2.exe, verze 1.0.0.1, chybující modul
crazyfrog2.exe, verze 1.0.0.1, adresa chyby 0x0008611b.

[ System Events ]
Error - 5.5.2010 2:04:48 | Computer Name = HOUSER-3E4D32D7 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba brány aplikačního rozhraní.

Error - 5.5.2010 2:04:57 | Computer Name = HOUSER-3E4D32D7 | Source = Service Control Manager | ID = 7000
Description = Služba Služba brány aplikačního rozhraní neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 5.5.2010 7:58:11 | Computer Name = HOUSER-3E4D32D7 | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 5.5.2010 10:34:03 | Computer Name = HOUSER-3E4D32D7 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.11 pro síťovou kartu s adresou 001CC05AFE4E
byla serverem DHCP 192.168.100.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 5.5.2010 16:27:53 | Computer Name = HOUSER-3E4D32D7 | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 6.5.2010 3:00:36 | Computer Name = HOUSER-3E4D32D7 | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 6.5.2010 8:04:24 | Computer Name = HOUSER-3E4D32D7 | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.100.11 pro síťovou kartu s adresou 001CC05AFE4E
byla serverem DHCP 192.168.100.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 7.5.2010 2:17:16 | Computer Name = HOUSER-3E4D32D7 | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 8.5.2010 6:42:01 | Computer Name = HOUSER-3E4D32D7 | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 9.5.2010 3:17:33 | Computer Name = HOUSER-3E4D32D7 | Source = Service Control Manager | ID = 7000
Description = Služba Ovladač paralelního portu neuspěla při spuštění v důsledku
následující chyby: %%1058

< End of report >

dekuji

15a · #14 Příspěvek od **15a** » 09 kvě 2010 11:11

OTL , doplneni

dale tam je neco takoveho
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\mswstr10.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\mswdat10.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\msjtes40.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\msjter40.dll:KAVICHS

a asi miliarda souboru

to jsem nepovazoval za nutne ... ?

dekuji

#15 Příspěvek od **Caroprd111** » 09 kvě 2010 18:38

15a píše:OTL , doplneni

dale tam je neco takoveho
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\mswstr10.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\mswdat10.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\msjtes40.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\msjter40.dll:KAVICHS

a asi miliarda souboru to jsem nepovazoval za nutne ... ? dekuji

Tyto soubory také potřebuji vidět.

VIRY.CZ

Trojan.ExOptions.Gen

Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen

Re: Trojan.ExOptions.Gen