Prosím o kontrolu (prevetivně) :)

Zpráva

marek2600 · #1 Příspěvek od **marek2600** » 08 čer 2010 17:07

Logfile of random's system information tool 1.07 (written by random/random)
Run by Marek at 2010-06-08 18:05:56
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (22%) free of 72 GB
Total RAM: 1022 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:06:05, on 8.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\UGSPLM\I-DEAS11\sec\lmgrd.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe
C:\UGSPLM\I-DEAS11\sec\eds_id11.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe
C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Compal Electronics, INC\Sidewalker\CSWalker.exe
C:\Program Files\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\system32\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Elantech\ktp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\QIP\qip.exe
C:\Documents and Settings\Marek\Plocha\RSIT.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avast.com/go.php?verb=register-home&lang=cze
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Sidewalker] C:\Program Files\Compal Electronics, INC\Sidewalker\CSWalker.exe
O4 - HKLM\..\Run: [CASS] C:\Program Files\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\system32\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\ktp.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O16 - DPF: {A31CCCB0-46A8-11D3-A726-005004B35102} (XView Class) - https://wan.con.siemens.co.uk/3D-Model- ... werWeb.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Active@ Disk Monitor - LSoft Technologies Inc - C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: I-DEAS License Manager 11.0 - GLOBEtrotter Software Inc. - C:\UGSPLM\I-DEAS11\sec\lmgrd.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: IT iona_services.config_rep.bo2-0602b cfr-MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe
O23 - Service: IT iona_services.locator.bo2-0602b MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe
O23 - Service: IT iona_services.naming.bo2-0602b MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe
O23 - Service: IT iona_services.node_daemon.bo2-0602b MyDomain - IONA Technologies - C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE

--
End of file - 12061 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2010-02-20 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidewalker"=C:\Program Files\Compal Electronics, INC\Sidewalker\CSWalker.exe [2006-04-13 36864]
"CASS"=C:\Program Files\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe [2006-04-04 180224]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-04-14 667718]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-04-14 602182]
"EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2006-04-14 569413]
"tsnp2std"=C:\WINDOWS\system32\tsnp2std.exe [2006-06-14 331776]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-05-15 675840]
"KTPWare"=C:\Program Files\Elantech\ktp.exe [2006-03-28 512000]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-08-25 53248]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-12-12 88204]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-04-17 16143872]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2007-05-11 2512392]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-02-08 7405568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WEBTRAN"= []
"OEXPRESS"= []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9baa28bf-4fbd-11df-a2dc-00197edfeb8d}]
shell\AutoRun\command - bunda\\vratije.exe
shell\explore\command - bunda\vratije.exe
shell\install\command - bunda\vratije.exe
shell\open\command - bunda\vratije.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ef61a6be-8f2d-11dd-9f11-0016d4d37d41}]
shell\AutoRun\command - bunda\\vratije.exe
shell\explore\command - bunda\vratije.exe
shell\install\command - bunda\vratije.exe
shell\open\command - bunda\vratije.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fc8cdf7a-6496-11de-a18d-0016d4d37d41}]
shell\AutoRun\command - bunda\\vratije.exe
shell\explore\command - bunda\vratije.exe
shell\install\command - bunda\vratije.exe
shell\open\command - bunda\vratije.exe

======File associations======

.scr - open - "C:\WINDOWS\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-05-31 18:35:35 ----SHD---- C:\RECYCLER
2010-05-30 21:34:40 ----A---- C:\ComboFix.txt
2010-05-30 21:12:04 ----A---- C:\WINDOWS\MBR.exe
2010-05-30 21:12:03 ----A---- C:\WINDOWS\PEV.exe
2010-05-30 20:12:14 ----RAD---- C:\autorun.inf
2010-05-30 18:15:22 ----D---- C:\Program Files\trend micro
2010-05-30 18:15:21 ----D---- C:\rsit

======List of files/folders modified in the last 1 months======

2010-06-08 18:06:05 ----D---- C:\WINDOWS\Prefetch
2010-06-08 16:41:37 ----D---- C:\WINDOWS\Temp
2010-06-08 16:39:53 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-08 14:06:16 ----D---- C:\Documents and Settings\Marek\Data aplikací\SolidWorks
2010-06-08 13:33:04 ----D---- C:\Temp
2010-06-08 12:53:10 ----SD---- C:\WINDOWS\Tasks
2010-06-08 07:13:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2010-06-07 20:15:35 ----D---- C:\flexlm
2010-06-07 15:22:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-07 07:41:20 ----D---- C:\WINDOWS
2010-06-05 15:54:16 ----D---- C:\WINDOWS\system32
2010-06-05 15:21:01 ----SHD---- C:\System Volume Information
2010-06-05 15:21:01 ----D---- C:\WINDOWS\system32\Restore
2010-06-02 15:46:35 ----A---- C:\WINDOWS\NeroDigital.ini
2010-05-30 21:34:47 ----D---- C:\WINDOWS\system32\drivers
2010-05-30 21:34:47 ----D---- C:\Qoobox
2010-05-30 21:31:38 ----D---- C:\WINDOWS\ERDNT
2010-05-30 21:26:52 ----A---- C:\WINDOWS\system.ini
2010-05-30 21:24:17 ----D---- C:\WINDOWS\system32\config
2010-05-30 21:20:11 ----D---- C:\WINDOWS\AppPatch
2010-05-30 21:20:07 ----D---- C:\Program Files\Common Files
2010-05-30 20:12:55 ----D---- C:\Program Files
2010-05-30 20:11:21 ----D---- C:\Documents and Settings\Marek\Data aplikací\MxBoost
2010-05-30 18:19:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-05-30 18:10:41 ----D---- C:\Documents and Settings\Marek\Data aplikací\Spyware Terminator
2010-05-27 18:22:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-25 12:57:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-25 12:57:25 ----D---- C:\Program Files\Internet Explorer
2010-05-21 17:29:52 ----D---- C:\Program Files\AIMP2
2010-05-20 22:27:00 ----D---- C:\WINDOWS\Registration
2010-05-17 13:22:20 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-05-14 21:11:51 ----D---- C:\Program Files\CCleaner
2010-05-14 20:47:53 ----D---- C:\instalačky
2010-05-14 20:29:24 ----D---- C:\Program Files\PSPad editor
2010-05-12 22:53:59 ----A---- C:\WINDOWS\TRNCOM.INI
2010-05-12 22:53:57 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-05-10 15:02:24 ----D---- C:\Config.Msi
2010-05-10 14:59:31 ----SHD---- C:\WINDOWS\Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 CPEb;CPEb; C:\WINDOWS\system32\drivers\CPEb.sys [2006-02-23 8192]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-02-20 302000]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-06-10 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-06-10 28160]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-02-20 71088]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-09-01 21275]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-03-30 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-03-30 25416]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-04-14 13568]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-12-12 1124097]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (AES2500); C:\WINDOWS\System32\Drivers\ATSwpDrv.sys [2005-03-29 116594]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-04-24 328285]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-04-24 30427]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-04-24 851402]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-04-24 148996]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-04-24 65848]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-03-23 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-03-23 37888]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 Ktp;Elantech Touchpad; C:\WINDOWS\system32\DRIVERS\Ktp.sys [2006-03-17 27904]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-02-08 3640608]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-04-24 83584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-05-23 10304384]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-04 1429632]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-06-10 99584]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 aah17cc9;aah17cc9; C:\WINDOWS\system32\drivers\aah17cc9.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-04-24 45683]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Active@ Disk Monitor;Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [2009-09-02 1127944]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-04-24 266295]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-04-14 114753]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 I-DEAS License Manager 11.0;I-DEAS License Manager 11.0; C:\UGSPLM\I-DEAS11\sec\lmgrd.exe [2004-02-09 595456]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-06-10 869888]
R2 IT iona_services.config_rep.bo2-0602b cfr-MyDomain;IT iona_services.config_rep.bo2-0602b cfr-MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe [2002-06-17 127030]
R2 IT iona_services.locator.bo2-0602b MyDomain;IT iona_services.locator.bo2-0602b MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe [2002-06-17 127030]
R2 IT iona_services.naming.bo2-0602b MyDomain;IT iona_services.naming.bo2-0602b MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe [2002-06-17 127030]
R2 IT iona_services.node_daemon.bo2-0602b MyDomain;IT iona_services.node_daemon.bo2-0602b MyDomain; C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe [2002-06-17 127030]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-02-20 1222192]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-02-08 143426]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-05-11 1050120]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-04-14 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-04-14 540745]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-03-13 540672]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 UTSCSI;CLCV0; C:\WINDOWS\system32\UTSCSI.EXE [2010-03-04 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S2 MSSQL$AUTODESKVAULT;SQL Server (AUTODESKVAULT); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-09-22 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-10-15 87336]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-04-08 867080]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2010-04-08 79360]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 08 čer 2010 17:32

Zdravim,

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

Stahne a ulozte na plochu UsbFix
Spustte a kliknete na Deletion
Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

Co pritelcin ntb, ze jste se k ni do topicu stale neozval

marek2600 · #3 Příspěvek od **marek2600** » 08 čer 2010 17:35

No ona by to prej nezvládla tak čekám, než budu u jejého notasu

Ale uz staci jen ten log vlozit co vy na to .
No nelze stahnout USBfix, antivir me hodi hlasku trojskeho kone takze se nedokonci ani stahovani..

#4 Příspěvek od **vyosek** » 08 čer 2010 17:41

Hlasku ignorujte, preci Vam nebudu radit abyste si tam natahal trojany a ja se jich pak musel zbavovat

Pokud nepujde z oficial webu, tak TADY je v raru na letecke poste (vypnout avast,rozbalit, postup viz vyse)

marek2600 · #5 Příspěvek od **marek2600** » 08 čer 2010 17:50

############################## | UsbFix 7.006 | [Deletion]

User: Marek (Administrator) # BO2-0602B [ ]
Updated 07/06/10 by El Desaparecido / C_XX
Started at 18:43:57 | 08/06/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
CPU 2: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Disabled /!\
Antivirus: avast! Antivirus 5.0.83886625 [(!) Disabled | Updated]
Firewall: Sunbelt Kerio Personal Firewall 4.3.635 T [Enabled]

RAM -> 1022 Mb
C:\ (%systemdrive%) -> Fixed drive # 70 Gb (15 Mb free - 22%) [] # NTFS
D:\ -> Fixed drive # 23 Gb (4 Mb free - 18%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> Removable drive # 488 Mb (50 Mb free - 10%) [MAREK SEĎA] # FAT32

################## | Files # Infected Folders |

Deleted ! I:\Autorun.inf
Deleted ! C:\Recycler\S-1-5-21-1085031214-261903793-839522115-1003
Deleted ! D:\Recycler\S-1-5-21-1085031214-261903793-839522115-1003
Deleted ! I:\Recycler\S-51-9-25-3434476501-1644491933-601013369-1214\Desktop.ini
Deleted ! I:\Recycler\S-51-9-25-3434476501-1644491938-601013843-1214\Desktop.ini
Deleted ! I:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665
Deleted ! I:\click

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{ef61a6be-8f2d-11dd-9f11-0016d4d37d41}

################## | Listing |

[10/12/2008 - 12:21:48 | A | 22929] C:\acadminidump.dmp
[01/09/2008 - 16:36:23 | A | 0] C:\AUTOEXEC.BAT
[30/05/2010 - 20:12:14 | RAD ] C:\autorun.inf
[01/09/2008 - 16:30:55 | A | 211] C:\Boot.bak
[06/11/2009 - 01:19:14 | RSH | 293] C:\boot.ini
[25/10/2001 - 14:00:00 | RASH | 4952] C:\Bootfont.bin
[14/05/2010 - 21:13:32 | A | 175690] C:\cc_20100514_211328.reg
[05/06/2010 - 15:24:08 | A | 6492] C:\cc_20100605_152405.reg
[23/08/2009 - 18:52:06 | D ] C:\cfb82d6669acc1e458c7a40c8f1d4644
[17/12/2008 - 20:43:29 | RASHD ] C:\cmdcons
[04/08/2004 - 00:00:04 | A | 261312] C:\cmldr
[30/05/2010 - 21:34:40 | A | 25932] C:\ComboFix.txt
[10/05/2010 - 15:02:24 | D ] C:\Config.Msi
[02/03/2010 - 22:51:45 | A | 10] C:\CONFIG.SYS
[02/09/2008 - 10:01:32 | D ] C:\C_DILLA
[01/09/2008 - 16:41:37 | D ] C:\Documents and Settings
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | A | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | A | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | A | 17734] C:\eula.3082.txt
[07/06/2010 - 20:15:35 | D ] C:\flexlm
[07/11/2007 - 08:00:40 | A | 1110] C:\globdata.ini
[04/03/2010 - 18:01:22 | D ] C:\Inetpub
[14/05/2010 - 20:47:53 | D ] C:\instalačky
[07/11/2007 - 08:00:40 | A | 843] C:\install.ini
[07/11/2007 - 08:03:18 | A | 76304] C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | A | 96272] C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | A | 91152] C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | A | 97296] C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | A | 95248] C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | A | 81424] C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | A | 79888] C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | A | 75792] C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | A | 96272] C:\install.res.3082.dll
[29/03/2009 - 10:36:27 | A | 129654] C:\inv_oktodelete.bmp
[01/09/2008 - 16:36:23 | RASH | 0] C:\IO.SYS
[24/02/2010 - 22:27:08 | D ] C:\jdk1.3.1_04
[01/09/2008 - 16:36:23 | RASH | 0] C:\MSDOS.SYS
[22/12/2008 - 16:07:52 | RD ] C:\MSOCache
[01/09/2008 - 18:54:30 | D ] C:\MyWorks
[02/03/2010 - 22:51:38 | D ] C:\NEXIS32
[03/08/2004 - 22:38:34 | RASH | 47564] C:\NTDETECT.COM
[23/08/2009 - 19:59:56 | RASH | 250576] C:\ntldr
[07/06/2010 - 20:15:12 | ASH | 1610612736] C:\pagefile.sys
[30/05/2010 - 20:12:55 | D ] C:\Program Files
[26/02/2010 - 00:05:36 | D ] C:\PSFONTS
[30/05/2010 - 21:34:47 | D ] C:\Qoobox
[08/06/2010 - 18:48:39 | SHD ] C:\RECYCLER
[30/05/2010 - 18:15:31 | D ] C:\rsit
[09/04/2010 - 19:46:47 | D ] C:\SolidWorks Data
[05/06/2010 - 15:21:01 | SHD ] C:\System Volume Information
[24/02/2010 - 22:51:26 | D ] C:\Team
[08/06/2010 - 13:33:04 | D ] C:\Temp
[24/02/2010 - 21:11:23 | D ] C:\UGSPLM
[08/06/2010 - 18:48:36 | D ] C:\UsbFix
[08/06/2010 - 18:48:43 | A | 1701] C:\UsbFix.txt
[07/11/2007 - 08:00:40 | A | 5686] C:\vcredist.bmp
[07/11/2007 - 08:09:22 | A | 1442522] C:\VC_RED.cab
[07/11/2007 - 08:12:28 | A | 232960] C:\VC_RED.MSI
[07/06/2010 - 07:41:20 | D ] C:\WINDOWS
[02/09/2008 - 14:43:13 | D ] C:\windows xp professional SP2
[26/02/2010 - 00:05:36 | D ] C:\WINNT
[30/05/2010 - 20:12:14 | RAD ] D:\autorun.inf
[14/05/2010 - 20:23:50 | RD ] D:\blbosti
[21/09/2008 - 16:18:25 | D ] D:\certifikát VUT koleje
[20/01/2010 - 12:18:11 | D ] D:\flash
[14/05/2010 - 20:54:14 | D ] D:\instalačky
[02/03/2010 - 22:12:52 | D ] D:\Program Files
[08/06/2010 - 18:48:39 | SHD ] D:\RECYCLER
[01/09/2008 - 16:52:25 | SHD ] D:\System Volume Information
[19/02/2010 - 12:38:16 | D ] D:\TRANSLAT
[26/05/2010 - 17:26:43 | RD ] D:\ŠKOLA
[08/10/2009 - 18:31:48 | A | 9660] I:\2.cvičení posloupnosti.mws
[18/05/2010 - 18:02:02 | D ] I:\vykresy
[19/04/2010 - 08:40:36 | A | 47] I:\exec5804.bat
[18/05/2010 - 18:05:36 | D ] I:\Stroje pro komunikace
[20/05/2010 - 13:39:40 | RSHD ] I:\bunda
[30/05/2010 - 21:07:38 | A | 1392] I:\BOOTEX.LOG
[22/10/2009 - 18:24:06 | A | 52297] I:\3.cviceni.mws
[04/05/2010 - 15:15:20 | A | 39477248] I:\ram_stroje_ok_se_zatizenim.mf1
[03/06/2010 - 07:26:58 | D ] I:\Díl 1 a 2
[30/04/2010 - 06:05:50 | D ] I:\Marek
[19/04/2010 - 08:40:30 | A | 0] I:\error5804.out
[19/11/2009 - 13:20:22 | A | 51413] I:\cviceni 5.mws
[18/05/2010 - 18:05:42 | D ] I:\Prezentace_QZE
[02/02/2010 - 14:20:10 | A | 91136] I:\marek.doc
[01/12/2009 - 14:47:42 | A | 8675] I:\mathcad deformačka.mcd
[06/05/2010 - 12:05:42 | A | 106528] I:\Díl33.bak
[23/03/2010 - 18:55:38 | A | 28141] I:\zkouska4rocnik-qze.pdf
[25/04/2010 - 18:34:08 | A | 278528] I:\ram_stroje_ok.mf2
[11/03/2010 - 14:58:48 | A | 705069] I:\ram_stroje_ok.dat
[10/03/2010 - 20:52:52 | A | 4658] I:\Nový objekt - Textový dokument (2).txt
[18/05/2010 - 17:55:28 | D ] I:\rám výtahu
[25/04/2010 - 18:34:22 | A | 0] I:\ram_stroje_ok.vcp
[25/04/2010 - 18:34:22 | A | 21856256] I:\ram_stroje_ok.mf1
[19/04/2010 - 08:40:34 | A | 24576] I:\ideas5804.app
[01/02/2010 - 23:31:46 | A | 386243] I:\marek.xmcd
[11/05/2010 - 09:45:06 | A | 178688] I:\tahacek.doc
[16/05/2010 - 14:51:10 | D ] I:\nummm
[11/03/2010 - 14:58:48 | A | 698] I:\ram_stroje_ok.diag
[06/11/2007 - 13:21:22 | A | 8541597] I:\Pohony nakladačů.pdf
[22/03/2010 - 23:33:00 | A | 94] I:\serial_widle.txt
[14/05/2010 - 18:52:48 | A | 3552548] I:\vypracovane otazky na zk do 32ot.pdf
[24/05/2010 - 16:07:10 | D ] I:\sešitek¨od pelosa
[19/04/2010 - 08:40:38 | A | 147] I:\.STOP_PRC5804.CMD
[19/04/2010 - 08:40:30 | A | 447] I:\STOP_SDRC5804.CMD
[19/04/2010 - 08:41:10 | A | 8192] I:\ideas5804.sf2
[19/04/2010 - 08:40:38 | A | 212992] I:\ideas5804.dsp
[19/04/2010 - 08:41:10 | A | 229376] I:\ideas5804.sf1
[19/04/2010 - 08:40:36 | A | 46893] I:\ideas5804.psf
[19/04/2010 - 08:40:36 | A | 0] I:\output5804.out
[19/04/2010 - 08:40:36 | A | 0] I:\foutput5804.out
[19/04/2010 - 08:40:36 | A | 0] I:\ferror5804.out
[19/04/2010 - 08:41:08 | A | 8192] I:\ideas5804.aux
[24/09/2009 - 18:24:30 | A | 44233] I:\marek.mws
[24/09/2009 - 18:24:58 | RSHD ] I:\RECYCLER
[04/05/2010 - 15:15:20 | A | 614400] I:\ram_stroje_ok_se_zatizenim.mf2
[05/11/2009 - 16:26:06 | A | 30856] I:\4.mws
[19/04/2010 - 08:43:30 | A | 24576] I:\ideas5728.app
[20/05/2010 - 11:13:04 | A | 31] I:\Nový objekt - Textový dokument.txt
[04/05/2010 - 11:01:48 | A | 0] I:\ram_stroje_ok_se_zatizenim.vcp
[19/04/2010 - 08:44:14 | A | 8192] I:\ideas5728.sf2
[19/04/2010 - 08:43:32 | A | 212992] I:\ideas5728.dsp
[19/04/2010 - 08:44:14 | A | 229376] I:\ideas5728.sf1
[19/04/2010 - 08:43:30 | A | 46893] I:\ideas5728.psf
[19/04/2010 - 08:44:14 | A | 8192] I:\ideas5728.aux

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
I:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_BO2-0602B.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

#6 Příspěvek od **vyosek** » 08 čer 2010 17:53

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Odpoved k pritelcinemu ntb mate v jejim topicu at se nam to tu nemicha

marek2600 · #7 Příspěvek od **marek2600** » 08 čer 2010 18:26

OTL
OTL logfile created on: 8.6.2010 19:08:13 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Marek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 556,00 Mb Available Physical Memory | 54,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70,00 Gb Total Space | 15,26 Gb Free Space | 21,80% Space Free | Partition Type: NTFS
Drive D: | 23,15 Gb Total Space | 4,21 Gb Free Space | 18,19% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BO2-0602B
Current User Name: Marek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.08 18:55:37 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marek\Plocha\OTL.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.03.04 11:09:08 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\UTSCSI.EXE
PRC - [2009.09.02 12:46:30 | 001,127,944 | ---- | M] (LSoft Technologies Inc) -- C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
PRC - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.03.13 20:56:49 | 000,540,672 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.11 02:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) -- C:\WINDOWS\system32\oodag.exe
PRC - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
PRC - [2007.02.20 13:34:10 | 001,967,664 | ---- | M] (Sunbelt Software) -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
PRC - [2006.06.14 19:20:46 | 000,331,776 | ---- | M] () -- C:\WINDOWS\system32\tsnp2std.exe
PRC - [2006.05.15 15:52:22 | 000,675,840 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2std.exe
PRC - [2006.04.24 23:02:56 | 000,622,653 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006.04.24 23:01:42 | 001,376,340 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006.04.14 11:56:12 | 000,569,413 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
PRC - [2006.04.14 11:52:18 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006.04.14 11:51:52 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2006.04.14 11:49:28 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006.04.14 11:44:58 | 000,540,745 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2006.04.14 11:43:02 | 000,114,753 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2006.04.14 11:42:26 | 000,217,164 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2006.04.13 09:33:06 | 000,036,864 | ---- | M] () -- C:\Program Files\Compal Electronics, INC\Sidewalker\CSWalker.exe
PRC - [2006.04.04 11:25:06 | 000,180,224 | ---- | M] () -- C:\Program Files\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe
PRC - [2006.03.28 12:36:04 | 000,512,000 | R--- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\Ktp.exe
PRC - [2005.06.10 17:19:38 | 000,869,888 | ---- | M] (Nero AG) -- C:\Program Files\Ahead\InCD\InCDsrv.exe
PRC - [2004.02.09 14:23:38 | 000,749,568 | ---- | M] () -- C:\UGSPLM\I-DEAS11\sec\eds_id11.exe
PRC - [2004.02.09 14:22:04 | 000,595,456 | ---- | M] (GLOBEtrotter Software Inc.) -- C:\UGSPLM\I-DEAS11\sec\lmgrd.exe
PRC - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe
PRC - [2002.12.17 18:23:32 | 000,074,308 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PRC - [2002.06.17 17:53:50 | 000,127,030 | ---- | M] (IONA Technologies) -- C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe
PRC - [2002.06.17 17:53:48 | 000,127,030 | ---- | M] (IONA Technologies) -- C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe
PRC - [2002.06.17 17:53:44 | 000,127,030 | ---- | M] (IONA Technologies) -- C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe
PRC - [2002.06.17 17:53:24 | 000,127,030 | ---- | M] (IONA Technologies) -- C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe

========== Modules (SafeList) ==========

MOD - [2010.06.08 18:55:37 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marek\Plocha\OTL.exe
MOD - [2008.04.14 08:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.04.24 23:04:06 | 000,053,248 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2005.10.27 16:03:04 | 000,043,520 | R--- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\KtpDll.dll

========== Win32 Services (SafeList) ==========

SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.08 13:18:47 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2010.04.08 13:18:44 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.04 11:09:08 | 000,045,056 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\UTSCSI.EXE -- (UTSCSI)
SRV - [2009.10.15 06:51:14 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand | Stopped] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV - [2009.09.02 12:46:30 | 001,127,944 | ---- | M] (LSoft Technologies Inc) [Auto | Running] -- C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe -- (Active@ Disk Monitor)
SRV - [2009.06.01 22:20:12 | 000,222,968 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.05.27 04:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$AUTODESKVAULT) SQL Server (AUTODESKVAULT)
SRV - [2009.03.13 20:56:49 | 000,540,672 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008.09.22 14:25:13 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.05.11 02:09:48 | 001,050,120 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\oodag.exe -- (O&O Defrag)
SRV - [2007.02.20 13:34:14 | 001,222,192 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe -- (KPF4)
SRV - [2006.04.14 11:44:58 | 000,540,745 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2006.04.14 11:43:02 | 000,114,753 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2006.04.14 11:42:26 | 000,217,164 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2005.09.23 07:01:16 | 002,799,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon80)
SRV - [2005.06.10 17:19:38 | 000,869,888 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Ahead\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2004.02.09 14:22:04 | 000,595,456 | ---- | M] (GLOBEtrotter Software Inc.) [Auto | Running] -- C:\UGSPLM\I-DEAS11\sec\lmgrd.exe -- (I-DEAS License Manager 11.0)
SRV - [2002.12.17 18:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -- (MSSQL$INVENTORCONTENT)
SRV - [2002.12.17 18:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -- (SQLAgent$INVENTORCONTENT)
SRV - [2002.06.17 17:53:50 | 000,127,030 | ---- | M] (IONA Technologies) [Auto | Running] -- C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnode_daemon.exe -- (IT iona_services.node_daemon.bo2-0602b MyDomain)
SRV - [2002.06.17 17:53:48 | 000,127,030 | ---- | M] (IONA Technologies) [Auto | Running] -- C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itnaming.exe -- (IT iona_services.naming.bo2-0602b MyDomain)
SRV - [2002.06.17 17:53:44 | 000,127,030 | ---- | M] (IONA Technologies) [Auto | Running] -- C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itlocator.exe -- (IT iona_services.locator.bo2-0602b MyDomain)
SRV - [2002.06.17 17:53:24 | 000,127,030 | ---- | M] (IONA Technologies) [Auto | Running] -- C:\UGSPLM\I-DEAS11\Iona\OrbixE2A\asp\5.1\bin\itconfig_rep.exe -- (IT iona_services.config_rep.bo2-0602b cfr-MyDomain)

========== Driver Services (SafeList) ==========

DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.03.30 23:43:27 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.03.30 23:43:24 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.09.19 12:55:00 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.02.20 13:34:08 | 000,071,088 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\khips.sys -- (khips)
DRV - [2007.02.20 13:34:02 | 000,302,000 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fwdrv.sys -- (fwdrv)
DRV - [2006.05.23 15:39:04 | 010,304,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD) USB2.0 PC Camera (SNP2STD)
DRV - [2006.04.24 22:44:06 | 000,328,285 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006.04.24 22:41:16 | 000,851,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006.04.24 22:39:08 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006.04.24 22:38:30 | 000,065,848 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006.04.24 22:35:26 | 000,148,996 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006.04.24 22:34:32 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006.04.24 17:00:00 | 000,083,584 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.04.17 09:31:00 | 004,262,912 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.04.14 13:04:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006.04.04 03:17:24 | 001,429,632 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2006.03.23 18:59:00 | 000,061,056 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMS7SK.sys -- (EMSCR)
DRV - [2006.03.23 18:59:00 | 000,037,888 | R--- | M] (ENE Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ESD7SK.sys -- (ESDCR)
DRV - [2006.03.17 19:03:32 | 000,027,904 | R--- | M] (ELANTECH Devices Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Ktp.sys -- (Ktp)
DRV - [2006.02.23 18:21:14 | 000,008,192 | ---- | M] (Compal) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\CPEb.sys -- (CPEb)
DRV - [2006.02.08 23:06:00 | 003,640,608 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005.12.12 09:08:44 | 001,124,097 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005.06.10 17:12:12 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.06.10 17:11:50 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005.06.10 16:11:44 | 000,028,160 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDrm.sys -- (incdrm)
DRV - [2005.05.17 14:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 15:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.03.29 18:02:22 | 000,116,594 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATSwpDrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (AES2500)
DRV - [2003.12.05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-261903793-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-1085031214-261903793-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1085031214-261903793-839522115-1003\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1085031214-261903793-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.23 16:42:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.10 14:59:20 | 000,000,000 | ---D | M]

[2008.09.01 19:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Extensions
[2010.06.07 22:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\extensions
[2010.04.27 20:15:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.11 08:44:04 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010.04.27 20:15:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2008.09.19 12:59:48 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\daemon-search.xml
[2010.06.05 14:56:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin-1.xml
[2009.10.29 12:05:28 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin-2.xml
[2009.11.09 18:23:16 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin-3.xml
[2009.12.17 12:13:47 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin-4.xml
[2010.01.08 23:21:48 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin-5.xml
[2010.02.19 11:07:02 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin-6.xml
[2010.02.19 14:27:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin-7.xml
[2010.03.23 20:11:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin-8.xml
[2010.04.03 23:30:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin-9.xml
[2008.03.31 09:52:00 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin.gif
[2008.03.31 09:52:00 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin.src
[2009.08.31 17:31:08 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\icqplugin.xml
[2009.11.21 19:44:08 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\wfv0s7fw.default\searchplugins\qipsearch.xml
[2010.06.07 22:09:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.08.20 10:16:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.07.06 20:24:26 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\stahuj@centrum.cz
[2009.10.14 17:21:24 | 000,155,648 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll
[2008.06.30 23:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2010.02.19 14:26:32 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.02.19 14:26:32 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.02.19 14:26:32 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.02.19 14:26:32 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.02.19 14:26:32 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.05.30 21:26:13 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [CASS] C:\Program Files\Compal Electronics, INC\Wireless Select Switch\Wireless Select Switch.exe ()
O4 - HKLM..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [KTPWare] C:\Program Files\Elantech\Ktp.exe (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe (O&O Software GmbH)
O4 - HKLM..\Run: [Sidewalker] C:\Program Files\Compal Electronics, INC\Sidewalker\CSWalker.exe ()
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\system32\tsnp2std.exe ()
O4 - HKU\S-1-5-21-1085031214-261903793-839522115-1003..\Run: [OEXPRESS] File not found
O4 - HKU\S-1-5-21-1085031214-261903793-839522115-1003..\Run: [WEBTRAN] File not found
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-261903793-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1085031214-261903793-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-1085031214-261903793-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/1.3 ... 04-win.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {A31CCCB0-46A8-11D3-A726-005004B35102} https://wan.con.siemens.co.uk/3D-Model- ... werWeb.cab (XView Class)
O16 - DPF: {CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3 ... 04-win.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\pcl {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Marek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Marek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.09.01 16:36:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.06.08 18:48:44 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.06.08 18:48:44 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{fc8cdf7a-6496-11de-a18d-0016d4d37d41}\Shell\AutoRun\command - "" = bunda\\vratije.exe
O33 - MountPoints2\{fc8cdf7a-6496-11de-a18d-0016d4d37d41}\Shell\explore\command - "" = bunda\vratije.exe
O33 - MountPoints2\{fc8cdf7a-6496-11de-a18d-0016d4d37d41}\Shell\install\command - "" = bunda\vratije.exe
O33 - MountPoints2\{fc8cdf7a-6496-11de-a18d-0016d4d37d41}\Shell\open\command - "" = bunda\vratije.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008.09.01 16:35:55 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[2010.06.08 18:55:30 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marek\Plocha\OTL.exe
[2010.06.08 18:48:44 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2010.06.08 18:43:43 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.06.05 15:33:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Marek\Recent
[2010.06.02 09:46:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Marek\Plocha\ok
[2010.05.31 18:35:35 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.05.30 18:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.30 18:15:21 | 000,000,000 | ---D | C] -- C:\rsit
[2008.09.01 17:02:57 | 000,122,880 | ---- | C] ( ) -- C:\WINDOWS\rsnp2std.dll
[2008.09.01 17:02:57 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[12 C:\Documents and Settings\Marek\Plocha\*.tmp files -> C:\Documents and Settings\Marek\Plocha\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.08 19:06:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.08 19:06:02 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.06.08 19:05:44 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.08 19:05:41 | 000,045,378 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.08 19:05:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.08 19:05:04 | 001,431,517 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.06.08 18:55:37 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marek\Plocha\OTL.exe
[2010.06.08 18:54:47 | 001,927,826 | ---- | M] () -- C:\WINDOWS\System32\drivers\fwdrv.err
[2010.06.08 18:48:44 | 000,010,431 | ---- | M] () -- C:\UsbFix_Upload_Me_BO2-0602B.zip
[2010.06.08 14:06:01 | 000,002,429 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SolidWorks 2010.lnk
[2010.06.07 15:22:56 | 012,058,624 | ---- | M] () -- C:\Documents and Settings\Marek\NTUSER.DAT
[2010.06.05 15:24:08 | 000,006,492 | ---- | M] () -- C:\cc_20100605_152405.reg
[2010.06.03 20:33:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.06.03 12:53:05 | 000,010,356 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\MAREK.sldstd
[2010.06.02 15:46:35 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.01 11:13:46 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.06.01 11:12:10 | 000,183,296 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\A3 agama.drwdot
[2010.06.01 11:11:44 | 000,177,152 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\A4 agama.drwdot
[2010.05.30 21:26:52 | 000,000,277 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.30 21:26:13 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.05.27 18:22:07 | 001,347,150 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.27 18:22:07 | 000,544,724 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.27 18:22:07 | 000,541,650 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.05.27 18:22:07 | 000,125,444 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.05.27 18:22:07 | 000,113,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.25 22:47:12 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Marek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.25 12:57:10 | 000,000,004 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\avdrn.dat
[2010.05.20 22:24:34 | 001,107,755 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\rám výtahu.pdf
[2010.05.20 22:24:03 | 001,038,848 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\rám výtahu.doc
[2010.05.20 17:14:28 | 017,771,648 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\ZdenoPDF.pdf
[2010.05.20 17:14:18 | 013,291,738 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\scanPDF.pdf
[2010.05.20 15:06:48 | 000,080,669 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\zach1.jpg
[2010.05.20 15:05:55 | 000,057,932 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\zach.jpg
[2010.05.20 14:37:00 | 000,097,875 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\PrintFile33.jpg
[2010.05.20 14:13:05 | 000,098,370 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\PrintFile12.jpg
[2010.05.20 14:11:03 | 000,070,177 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\PrintFile11.jpg
[2010.05.20 14:09:10 | 000,067,012 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\PrintFile1.jpg
[2010.05.20 14:07:32 | 000,083,507 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\PrintFile.jpg
[2010.05.14 21:13:32 | 000,175,690 | ---- | M] () -- C:\cc_20100514_211328.reg
[2010.05.14 20:12:38 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Marek\Plocha\Microsoft Office Word 2003 (2).lnk
[2010.05.12 22:53:59 | 000,002,496 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2010.05.12 22:53:57 | 000,001,780 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2010.05.10 15:00:27 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[12 C:\Documents and Settings\Marek\Plocha\*.tmp files -> C:\Documents and Settings\Marek\Plocha\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.08 18:48:44 | 000,010,431 | ---- | C] () -- C:\UsbFix_Upload_Me_BO2-0602B.zip
[2010.06.05 15:24:07 | 000,006,492 | ---- | C] () -- C:\cc_20100605_152405.reg
[2010.06.03 12:53:05 | 000,010,356 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\MAREK.sldstd
[2010.06.01 11:14:23 | 000,183,296 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\A3 agama.drwdot
[2010.06.01 11:14:23 | 000,177,152 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\A4 agama.drwdot
[2010.05.30 21:12:04 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.05.30 21:12:03 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.05.25 12:57:14 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\NetworkService\Data aplikací\khiteb.dat
[2010.05.25 12:57:11 | 000,013,404 | ---- | C] () -- C:\Documents and Settings\Marek\hs_err_pid2404.log
[2010.05.25 12:57:10 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Marek\Data aplikací\avdrn.dat
[2010.05.20 22:24:31 | 001,107,755 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\rám výtahu.pdf
[2010.05.20 17:14:18 | 017,771,648 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\ZdenoPDF.pdf
[2010.05.20 17:14:13 | 013,291,738 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\scanPDF.pdf
[2010.05.20 15:06:48 | 000,080,669 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\zach1.jpg
[2010.05.20 15:05:55 | 000,057,932 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\zach.jpg
[2010.05.20 14:37:00 | 000,097,875 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\PrintFile33.jpg
[2010.05.20 14:13:05 | 000,098,370 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\PrintFile12.jpg
[2010.05.20 14:11:03 | 000,070,177 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\PrintFile11.jpg
[2010.05.20 14:09:09 | 000,067,012 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\PrintFile1.jpg
[2010.05.20 14:07:32 | 000,083,507 | ---- | C] () -- C:\Documents and Settings\Marek\Plocha\PrintFile.jpg
[2010.05.14 21:13:30 | 000,175,690 | ---- | C] () -- C:\cc_20100514_211328.reg
[2010.04.13 18:37:22 | 000,000,478 | ---- | C] () -- C:\WINDOWS\solvermfc.INI
[2010.04.08 13:24:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2010.03.30 23:43:26 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.03.30 23:43:24 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.03.10 23:04:59 | 000,000,157 | ---- | C] () -- C:\WINDOWS\matlab.ini
[2010.03.04 11:09:08 | 000,430,080 | ---- | C] () -- C:\WINDOWS\udll.dll
[2010.02.24 21:05:28 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.06.19 21:06:22 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.06.19 21:06:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009.05.20 19:16:22 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009.03.13 20:56:49 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2008.11.30 23:38:43 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32.dll
[2008.11.20 20:37:21 | 000,000,148 | ---- | C] () -- C:\WINDOWS\thtitanc.INI
[2008.11.18 22:39:55 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CONTEXT.INI
[2008.11.12 21:12:34 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.09.19 12:54:59 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.09.04 21:37:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008.09.03 10:56:02 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.09.02 11:19:13 | 000,002,236 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.09.02 09:44:03 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2008.09.01 19:55:18 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.09.01 19:53:05 | 000,002,753 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2008.09.01 19:52:01 | 000,001,780 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2008.09.01 19:51:59 | 000,002,496 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.09.01 19:51:51 | 000,004,192 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.09.01 19:51:51 | 000,001,849 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.09.01 17:17:42 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.09.01 17:02:59 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2008.09.01 17:02:58 | 000,024,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2008.09.01 17:02:57 | 010,304,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2008.09.01 17:00:53 | 000,356,352 | R--- | C] () -- C:\WINDOWS\EMCRI.dll
[2007.11.26 21:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.08.21 20:46:34 | 000,059,160 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2006.04.24 22:50:56 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2006.04.04 09:31:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CPEbLib.dll
[2006.02.08 23:06:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.02.08 23:06:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.02.08 23:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.02.08 23:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.02.08 23:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.02.08 23:06:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.02.17 12:41:32 | 000,000,603 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2005.02.17 12:41:30 | 000,000,593 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2008.12.10 12:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Actify
[2010.02.06 13:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.03.04 18:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2008.11.02 20:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Codemasters
[2010.04.08 13:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DassaultSystemes
[2009.08.20 10:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.04.13 20:00:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MentorGraphics
[2008.09.15 16:03:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2010.05.30 18:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2010.05.17 13:22:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.03.31 10:03:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Softland
[2010.03.02 22:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Ansys
[2010.03.03 20:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Autodesk
[2008.09.01 18:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\DAEMON Tools
[2010.04.08 13:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\DassaultSystemes
[2010.04.13 19:52:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\EDrawings
[2010.02.14 14:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Facebook
[2009.11.21 16:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\ICQ
[2008.11.17 22:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\LANGMaster
[2008.10.05 22:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Leadertech
[2010.04.13 20:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Luxology
[2008.09.29 18:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Mathsoft
[2008.10.27 18:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\MechSoft
[2010.05.30 20:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\MxBoost
[2009.02.04 14:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\SolidDocuments
[2010.05.30 18:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Spyware Terminator
[2008.09.22 16:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"WEBTRAN" =
"OEXPRESS" =
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2009.01.05 18:22:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.10.07 15:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Adobe
[2010.03.02 22:04:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Ansys
[2008.09.20 14:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Apple Computer
[2010.03.03 20:40:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Autodesk
[2008.09.02 15:01:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Cyberlink
[2008.09.01 18:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\DAEMON Tools
[2010.04.08 13:45:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\DassaultSystemes
[2010.04.13 19:52:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\EDrawings
[2010.02.14 14:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Facebook
[2009.01.24 12:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Google
[2008.09.02 12:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\GRETECH
[2008.09.02 09:45:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Help
[2009.11.21 16:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\ICQ
[2008.09.01 16:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Identities
[2008.09.01 16:58:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Intel
[2008.11.17 22:05:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\LANGMaster
[2008.10.05 22:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Leadertech
[2010.04.13 20:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Luxology
[2008.09.03 20:05:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Macromedia
[2008.09.29 18:20:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Mathsoft
[2008.10.27 18:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\MechSoft
[2010.04.08 13:22:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Marek\Data aplikací\Microsoft
[2008.09.01 19:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Mozilla
[2010.05.30 20:11:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\MxBoost
[2010.04.08 19:54:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\PSpad
[2010.03.06 15:53:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Real
[2008.11.12 21:25:49 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Marek\Data aplikací\SecuROM
[2009.02.04 14:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\SolidDocuments
[2010.06.08 14:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\SolidWorks
[2010.05.30 18:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Spyware Terminator
[2008.09.19 11:16:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\Sun
[2008.09.20 18:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\SUPERAntiSpyware.com
[2008.09.22 16:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\uTorrent
[2008.09.21 17:18:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\vlc
[2008.09.01 18:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Marek\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2010.02.14 14:09:15 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Marek\Data aplikací\Facebook\uninstall.exe
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Marek\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
[2008.09.01 16:54:06 | 000,016,158 | R--- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Microsoft\Installer\{0763E426-FB61-4CD3-B8C7-01A0F37CAAEB}\ARPPRODUCTICON.exe
[2008.09.29 18:17:16 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Microsoft\Installer\{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}\ARPPRODUCTICON.exe
[2008.09.22 19:35:38 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2008.09.29 18:18:12 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Microsoft\Installer\{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}\ARPPRODUCTICON.exe
[2008.09.02 10:41:45 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Marek\Data aplikací\Microsoft\Installer\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}\ARPPRODUCTICON.exe

< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\windows xp professional SP2\I386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\windows xp professional SP2\I386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\windows xp professional SP2\I386\sp2.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

marek2600 · #8 Příspěvek od **marek2600** » 08 čer 2010 18:27

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\windows xp professional SP2\I386\sp2.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\windows xp professional SP2\I386\sp2.cab:Changer.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 16:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2004.08.17 15:49:28 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\windows xp professional SP2\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.09.19 12:55:00 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.09.01 18:23:33 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.09.01 18:23:33 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.09.01 18:23:32 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.06.08 19:05:52 | 000,000,086 | ---- | M] () -- C:\WINDOWS\system32\LMGRD.LOG
[2010.06.08 19:05:41 | 000,045,378 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.06.08 19:05:04 | 001,431,517 | ---- | M] () -- C:\WINDOWS\system32\oodbs.lor
[2010.06.08 19:06:22 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

========== Alternate Data Streams ==========

@Alternate Data Stream - 213 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:39413AC3
< End of report >

EXTRAS
OTL Extras logfile created on: 8.6.2010 19:08:13 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Documents and Settings\Marek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 556,00 Mb Available Physical Memory | 54,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70,00 Gb Total Space | 15,26 Gb Free Space | 21,80% Space Free | Partition Type: NTFS
Drive D: | 23,15 Gb Total Space | 4,21 Gb Free Space | 18,19% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BO2-0602B
Current User Name: Marek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1085031214-261903793-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord -- (www.BitLord.com)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{065A7AFE-195D-4DFB-A4B2-A83842C0F79F}" = Wireless Select Switch
"{0763E426-FB61-4CD3-B8C7-01A0F37CAAEB}" = Fingerprint Sensor Minimum Install
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{16E72583-459E-428C-B4E7-C2CC4538FFED}" = WinPDF Writer
"{1959101B-E34C-4266-8915-20F23B5BCF43}" = SolidWorks eDrawings 2010
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14 Help
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (AUTODESKVAULT)
"{2CD6BBA0-17C8-4789-9B9B-B36F7E815F6A}" = DWG TrueView 2007
"{2D8D14CC-5B31-44B9-87FC-BEC3D8AFFD1D}" = SolidWorks Explorer 2010 SP0
"{30120000-00B2-0409-0000-0000000FF1CE}" = Office 2007 Add-in - Microsoft Save as PDF or XPS (Beta)
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{56DCD20A-E558-4396-AF59-14D15AA737BB}" = DWGeditor
"{5783F2D7-6001-0405-0002-0060B0CE6BBA}" = AutoCAD 2008 - Český
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6EF75643-E1C3-4954-AC7D-FCEE1656D800}" = Microsoft WSE 2.0 Runtime
"{6F411DB4-EC41-482B-AD46-384957928F69}" = AOEMView 2008
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736D2DAD-3D87-4CAA-8646-83D238AD68E0}" = PhotoView 360
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Integrated Camera
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CFAEC66-BA0E-4076-AAA5-2BE29153E6DF}" = Microsoft XML Parser
"{7F4DD591-1000-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 10
"{7F4DD591-1000-4C43-9CB2-8107D70F3DB5}" = Moduly Autodesk Inventor Professional 10
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A182077A-8D6B-4194-B48A-B4DC37C69907}" = RealSpeak Solo for UK English Emily
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A9729B90-D37B-4A69-B66A-7436AC1F7274}" = Microsoft Flight Simulator X: Acceleration
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF2066F6-7C57-46A1-A306-077EBBFC7B2B}" = SolidWorks 2010 SP0
"{AFFBB1A4-26E9-42D8-ACBB-B8B1ECF862DC}" = Actify SpinFire Reader
"{B502B428-3386-40A9-98DB-079AAB72E64F}" = mEoU
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B93DCC70-FC6D-41C7-B261-A14F83EA3D53}" = I-DEAS SFAM Component
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BE114DB8-D43B-4C88-842E-573E8EFB1613}" = Sidewalker
"{BF52A2EB-92BB-473E-9070-9E7BBF568791}" = Active@ Hard Disk Monitor
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D481EA96-2313-4A7C-98EE-710D1AF884AC}" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (INVENTORCONTENT)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E659E0EE-10E6-49B7-8696-60F38D0EB174}" = Sunbelt Kerio Personal Firewall
"{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}" = Mathcad 14
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14 Resource Center
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AIMP2" = AIMP2
"AOEMView 2008" = AOEMView 2008
"AutoCAD 2008 - Český" = AutoCAD 2008 - Český
"avast5" = avast! Free Antivirus
"BitLord" = BitLord 1.1
"CCleaner" = CCleaner
"doPDF 6 printer_is1" = doPDF 6.2 printer
"Elantech" = KTP Ware PS/2-WDM 5.0.3.6
"Foxit Reader" = Foxit Reader
"GOM Player" = GOM Player
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"I-DEAS 11.00.000" = I-DEAS 11.00.000
"I-DEAS Help Library for I-DEAS 11" = I-DEAS Help Library for I-DEAS 11
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InCD!UninstallKey" = InCD
"InstallShield_{065A7AFE-195D-4DFB-A4B2-A83842C0F79F}" = Wireless Select Switch
"InstallShield_{BE114DB8-D43B-4C88-842E-573E8EFB1613}" = Sidewalker
"IrfanView" = IrfanView (remove only)
"Java 2 SDK Standard Edition v1.3.1_04" = Java 2 SDK Standard Edition v1.3.1_04
"JRE 1.3.1_04" = Java 2 Runtime Environment Standard Edition v1.3.1_04
"Maxthon2" = Maxthon2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Studio 2005 Tools for Applications - ENU" = Microsoft Visual Studio 2005 Tools for Applications - ENU
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NEXIS32 3.40.13" = IDA NEXIS 32 rel. 3.40
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PC Translator" = PC Translator
"ProInst" = Software Intel(R) PROSet/Wireless
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"RTMshadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}" = Flight Simulator X
"SolidWorks Installation Manager 20100-40000-1100-200" = SolidWorks 2010 SP0
"SP1shadow_{A9729B90-D37B-4A69-B66A-7436AC1F7274}" = Flight Simulator X Service Pack 1
"Spyware Terminator_is1" = Spyware Terminator
"STCC - The Game_1.1.1.10_is1" = STCC - The Game
"Usbfix" = Usbfix By C_XX & El Desaparecido
"VLC media player" = VideoLAN VLC media player 0.8.6e
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1085031214-261903793-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"QIP 2005" = QIP 2005 8095

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 3.12.2008 11:33:45 | Computer Name = BO2-0602B | Source = avast! | ID = 33554522
Description =

Error - 7.1.2009 15:14:10 | Computer Name = BO2-0602B | Source = avast! | ID = 33554522
Description =

Error - 13.1.2009 14:33:32 | Computer Name = BO2-0602B | Source = avast! | ID = 33554522
Description =

Error - 29.1.2009 13:20:29 | Computer Name = BO2-0602B | Source = avast! | ID = 33554522
Description =

Error - 6.2.2009 8:39:51 | Computer Name = BO2-0602B | Source = avast! | ID = 33554522
Description =

Error - 25.5.2009 13:25:03 | Computer Name = BO2-0602B | Source = avast! | ID = 33554522
Description =

Error - 5.11.2009 17:28:36 | Computer Name = BO2-0602B | Source = avast! | ID = 33554522
Description =

Error - 17.11.2009 5:27:40 | Computer Name = BO2-0602B | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 6.6.2010 15:52:03 | Computer Name = BO2-0602B | Source = MSSQL$AUTODESKVAULT | ID = 17113
Description = Error 2(Systém nemůže nalézt uvedený soubor.) occurred while opening
file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf' to obtain
configuration information at startup. An invalid startup option might have caused
the error. Verify your startup options, and correct or remove them if necessary.

Error - 7.6.2010 9:16:20 | Computer Name = BO2-0602B | Source = MSSQL$AUTODESKVAULT | ID = 17113
Description = Error 2(Systém nemůže nalézt uvedený soubor.) occurred while opening
file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf' to obtain
configuration information at startup. An invalid startup option might have caused
the error. Verify your startup options, and correct or remove them if necessary.

Error - 7.6.2010 14:15:40 | Computer Name = BO2-0602B | Source = MSSQL$AUTODESKVAULT | ID = 17113
Description = Error 2(Systém nemůže nalézt uvedený soubor.) occurred while opening
file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf' to obtain
configuration information at startup. An invalid startup option might have caused
the error. Verify your startup options, and correct or remove them if necessary.

Error - 8.6.2010 13:02:15 | Computer Name = BO2-0602B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.5.3, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.6.2010 13:02:15 | Computer Name = BO2-0602B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.5.3, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.6.2010 13:02:35 | Computer Name = BO2-0602B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.5.3, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.6.2010 13:02:48 | Computer Name = BO2-0602B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.5.3, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.6.2010 13:03:02 | Computer Name = BO2-0602B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.5.3, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 8.6.2010 13:05:56 | Computer Name = BO2-0602B | Source = MSSQL$AUTODESKVAULT | ID = 17113
Description = Error 2(Systém nemůže nalézt uvedený soubor.) occurred while opening
file 'C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\DATA\master.mdf' to obtain
configuration information at startup. An invalid startup option might have caused
the error. Verify your startup options, and correct or remove them if necessary.

Error - 8.6.2010 13:07:34 | Computer Name = BO2-0602B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace msimn.exe, verze 6.0.2900.5512, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 8.6.2010 12:44:12 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 8.6.2010 12:44:13 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7031
Description = Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně
ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund:
Restartovat službu.

Error - 8.6.2010 12:44:13 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7034
Description = Služba Active@ Disk Monitor byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 8.6.2010 12:44:13 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7034
Description = Služba I-DEAS License Manager 11.0 byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 8.6.2010 12:44:13 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7034
Description = Služba IT iona_services.config_rep.bo2-0602b cfr-MyDomain byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 8.6.2010 12:44:13 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) PROSet/Wireless Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 8.6.2010 12:44:13 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 8.6.2010 12:44:13 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7034
Description = Služba InCD Helper byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 8.6.2010 12:44:41 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7034
Description = Služba Sunbelt Kerio Personal Firewall 4 byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 8.6.2010 13:06:07 | Computer Name = BO2-0602B | Source = Service Control Manager | ID = 7024
Description = Služba SQL Server (AUTODESKVAULT) ukončena s chybou 17113 (0x42D9),
specifickou pro službu.

< End of report >

marek2600 · #9 Příspěvek od **marek2600** » 08 čer 2010 18:36

Mám malý problém. Když jsem spustil ten OTL, tak se mi nějak sekl pc a resetnul jsem jej. Zůstaly mě nějaké neviditelné ikony na ploše a jsou tam pořád..

#10 Příspěvek od **vyosek** » 08 čer 2010 18:58

Poradim se o tom s kolegou...behem zitrejsiho dopoledne tu budete mit rozlusteni

marek2600 · #11 Příspěvek od **marek2600** » 08 čer 2010 19:00

Oki díky moc teda:) a ty logy co jsem vkládal jsou tedy vpořádku ?

#12 Příspěvek od **vyosek** » 08 čer 2010 19:02

Projizdel jsem je zatim jen zbezne, ale havet nevidno - zitra poradne prostuduju - videl jsem tam drobnosti

marek2600 · #13 Příspěvek od **marek2600** » 08 čer 2010 19:19

ještě abych upřesnil tu chybu. Ty ikony jsou neviditelné jakoby když se dá vyjmout složku tak se zprůhlední. A nejsou jen na ploše, ale i když třeba otevřu nějakou složku (např. stažené soubory). Tak zítra zatím )

#14 Příspěvek od **vyosek** » 08 čer 2010 19:21

Nemate nahodou zaple zobrazovani skrytych souboru (Moznosti slozky- zobrazovat skryte soubory)

I kolega neco naznacoval v tomto smeru...

marek2600 · #15 Příspěvek od **marek2600** » 08 čer 2010 19:38

He kápl jste na to

Ale ono se to spustilo samo automaticky tím OTL

už je to vpořádku

VIRY.CZ

Prosím o kontrolu (prevetivně) :)

Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)

Re: Prosím o kontrolu (prevetivně) :)