Logfile of random's system information tool 1.07 (written by random/random)
Run by Sentenza at 2010-06-13 09:02:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 38 GB (16%) free of 238 GB
Total RAM: 1023 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:02:49, on 13.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Sentenza.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14978&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://game.amd.com/us-en/drivers_catalyst.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {92a2f4ec-51d2-4283-87d5-93b7005fc356} - (no file)
O1 - Hosts: 92.240.237.20 l2authd.lineage2.com # Forbidden Lands Lineage 2 Server
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com # Gameguard
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {92a2f4ec-51d2-4283-87d5-93b7005fc356} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 6976 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{92a2f4ec-51d2-4283-87d5-93b7005fc356}
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2010-01-31 949376]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-31 1794320]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-05-01 843776]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-04-10 729088]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-06-02 385024]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe [2003-09-15 270336]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"RemoteControl10"=C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-04-02 75048]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-07 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Setupx.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}]
shell\AutoRun\command - D:\SETUP.EXE /AUTORUN
shell\configure\command - D:\SETUP.EXE
shell\install\command - D:\SETUP.EXE
======List of files/folders created in the last 1 months======
2010-06-10 01:28:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-10 01:28:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-10 01:27:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-10 01:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 01:26:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-10 01:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-04 18:35:39 ----D---- C:\DVDVideoSoft
2010-06-04 18:28:48 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-06-04 18:28:38 ----D---- C:\Program Files\DVDVideoSoft
2010-06-04 18:22:11 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\avidemux
2010-06-04 18:13:18 ----D---- C:\Program Files\Common Files\Vbox
2010-06-04 18:10:04 ----D---- C:\fda
2010-06-04 17:59:54 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2010-06-04 17:59:53 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2010-06-04 17:59:46 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-06-04 17:59:44 ----A---- C:\WINDOWS\system32\Msvcr70.dll
2010-06-04 17:38:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
2010-05-29 16:23:09 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Ventrilo
2010-05-29 16:21:58 ----D---- C:\Program Files\Ventrilo
2010-05-29 16:21:11 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-05-28 15:17:08 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\CyberLink
2010-05-28 15:14:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2010-05-28 15:14:06 ----D---- C:\Program Files\Common Files\CyberLink
2010-05-28 15:12:03 ----D---- C:\Program Files\CyberLink
2010-05-28 15:12:03 ----A---- C:\WINDOWS\system32\msxml3a.dll
2010-05-28 15:11:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Temp
2010-05-28 10:39:40 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-14 18:03:38 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Google
2010-05-14 17:58:17 ----D---- C:\Program Files\Google
======List of files/folders modified in the last 1 months======
2010-06-13 09:02:50 ----D---- C:\WINDOWS\Prefetch
2010-06-13 09:02:47 ----D---- C:\Program Files\trend micro
2010-06-13 09:02:46 ----D---- C:\WINDOWS\Temp
2010-06-13 08:40:59 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-13 08:40:53 ----D---- C:\WINDOWS
2010-06-12 23:01:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-12 21:20:05 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-12 16:39:35 ----HD---- C:\WINDOWS\inf
2010-06-11 17:26:50 ----SHD---- C:\WINDOWS\Installer
2010-06-11 17:22:04 ----D---- C:\WINDOWS\Debug
2010-06-11 12:09:10 ----SD---- C:\Documents and Settings\Sentenza\Data aplikací\Microsoft
2010-06-10 08:45:37 ----D---- C:\WINDOWS\system32
2010-06-10 01:28:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-10 01:28:26 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-10 01:27:32 ----D---- C:\Program Files\Internet Explorer
2010-06-10 01:27:24 ----D---- C:\WINDOWS\ie8updates
2010-06-05 08:58:49 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\DAEMON Tools Lite
2010-06-05 08:49:58 ----D---- C:\Program Files\Adobe
2010-06-04 18:55:56 ----RSD---- C:\WINDOWS\assembly
2010-06-04 18:55:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-04 18:28:48 ----D---- C:\Program Files\Common Files
2010-06-04 18:28:38 ----RD---- C:\Program Files
2010-06-04 18:20:38 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-04 18:20:14 ----D---- C:\WINDOWS\system32\drivers
2010-06-04 18:14:36 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Adobe
2010-06-04 17:36:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-04 17:34:44 ----D---- C:\WINDOWS\WinSxS
2010-06-04 17:19:18 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2010-06-04 17:09:15 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\BitTorrent
2010-06-04 15:14:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-06-02 01:01:49 ----D---- C:\Program Files\Ask.com
2010-06-02 01:01:48 ----SD---- C:\WINDOWS\Tasks
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-05-28 15:11:27 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-05-28 15:11:27 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-05-26 12:32:04 ----A---- C:\_srvlog.txt
2010-05-19 21:39:30 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Skype
2010-05-19 20:31:18 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-01-31 132640]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-01-31 24096]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2010-01-31 15424]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/05/28 15:14:24]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl []
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2010-01-31 512096]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 OmniTV;Cx2388x AvStream Video Capture; C:\WINDOWS\system32\DRIVERS\OmniTV.sys [2006-10-04 198656]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-13 83712]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 ac5onbzc;ac5onbzc; C:\WINDOWS\system32\drivers\ac5onbzc.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\WINDOWS\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-31 692496]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2010-01-31 552064]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-06-07 520192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-14 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-01-31 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola Logu - Dekuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Kontrola Logu - Dekuji
Zdravím 
Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
COMODO Internet Security používáte pouze jako firewall 
Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy. Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
autochk.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT - Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
COMODO Internet Security používáte pouze jako firewall 
Re: Kontrola Logu - Dekuji
OTL logfile created on: 13.6.2010 10:42:58 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Sentenza\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 84,00 Mb Available Physical Memory | 8,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 36,63 Gb Free Space | 15,73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SENTTENZA
Current User Name: Sentenza
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.13 10:41:32 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sentenza\Dokumenty\Downloads\OTL.exe
PRC - [2010.04.02 09:11:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2010.03.03 16:00:33 | 002,247,640 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Gamesy\Lineage II\system\L2.exe
PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010.01.31 22:36:31 | 000,692,496 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010.01.31 22:36:25 | 001,794,320 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010.01.31 22:20:19 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2010.01.31 22:20:19 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2010.01.21 09:24:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2009.10.30 16:08:26 | 000,486,216 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009.10.30 16:05:48 | 001,021,256 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009.09.30 10:55:34 | 006,371,328 | ---- | M] (Pandora.TV) -- C:\Program Files\The KMPlayer\KMPlayer.exe
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.05.01 12:07:44 | 000,843,776 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2006.04.10 10:19:46 | 000,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2006.01.02 18:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
========== Modules (SafeList) ==========
MOD - [2010.06.13 10:41:32 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sentenza\Dokumenty\Downloads\OTL.exe
MOD - [2010.01.31 22:36:33 | 000,168,208 | ---- | M] () -- C:\WINDOWS\system32\guard32.dll
MOD - [2008.04.14 09:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.01.31 23:01:30 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.01.31 22:36:31 | 000,692,496 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.01.31 22:20:19 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2009.10.30 16:05:48 | 001,021,256 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.10.30 16:01:00 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006.06.05 14:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - [2010.04.02 09:11:16 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/05/28 15:14:24] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010.03.12 17:12:33 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.01.31 22:36:33 | 000,132,640 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010.01.31 22:36:33 | 000,082,080 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010.01.31 22:36:33 | 000,024,096 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010.01.31 22:20:19 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2010.01.31 22:20:19 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2010.01.07 17:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.13 23:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.12.10 15:22:22 | 000,110,120 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017unic.sys -- (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM)
DRV - [2007.12.10 15:22:22 | 000,100,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017obex.sys -- (s3017obex)
DRV - [2007.12.10 15:22:20 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mgmt.sys -- (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM)
DRV - [2007.12.10 15:22:18 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mdm.sys -- (s3017mdm)
DRV - [2007.12.10 15:22:18 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mdfl.sys -- (s3017mdfl)
DRV - [2007.12.10 15:22:14 | 000,083,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017bus.sys -- (s3017bus) Sony Ericsson Device 3017 driver (WDM)
DRV - [2006.10.04 11:37:16 | 000,198,656 | ---- | M] (YUAN High-Tech Development Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OmniTV.sys -- (OmniTV)
DRV - [2006.07.13 14:11:04 | 000,083,712 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.07.05 14:55:58 | 000,043,392 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2006.06.07 11:08:58 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.05.29 09:26:38 | 000,127,488 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006.05.29 09:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006.05.29 09:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006.05.29 09:26:36 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2006.05.02 19:12:06 | 000,229,376 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006.03.17 20:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006.02.07 13:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14978&l=dis
IE - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\..\URLSearchHook: {92a2f4ec-51d2-4283-87d5-93b7005fc356} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2008.03.11 12:47:38 | 000,000,917 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 92.240.237.20 l2authd.lineage2.com # Forbidden Lands Lineage 2 Server
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com # Gameguard
O3 - HKLM\..\Toolbar: (no name) - {92a2f4ec-51d2-4283-87d5-93b7005fc356} - No CLSID value found.
O3 - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {92A2F4EC-51D2-4283-87D5-93B7005FC356} - No CLSID value found.
O3 - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ()
O4 - HKLM..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [JMB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\imon.dll (Eset )
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.190.64.20 195.146.125.146
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.31 22:09:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}\Shell\AutoRun\command - "" = D:\SETUP.EXE -- File not found
O33 - MountPoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}\Shell\configure\command - "" = D:\SETUP.EXE -- File not found
O33 - MountPoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}\Shell\install\command - "" = D:\SETUP.EXE -- File not found
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Setupx.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.01.31 22:09:27 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (50397631582568448)
========== Files/Folders - Created Within 30 Days ==========
[2010.06.13 10:40:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.06.11 22:02:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sentenza\Recent
[2010.06.11 12:09:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Identities
[2010.06.11 11:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Dokumenty\Tisk
[2010.06.09 12:21:10 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.06 14:24:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Plocha\praxe
[2010.06.05 08:59:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Plocha\heslo
[2010.06.04 18:35:39 | 000,000,000 | ---D | C] -- C:\DVDVideoSoft
[2010.06.04 18:29:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Dokumenty\DVDVideoSoft
[2010.06.04 18:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.06.04 18:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010.06.04 18:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Data aplikací\avidemux
[2010.06.04 18:14:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Dokumenty\Adobe
[2010.06.04 18:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Vbox
[2010.06.04 18:10:04 | 000,000,000 | ---D | C] -- C:\fda
[2010.06.04 17:59:54 | 000,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2010.06.04 17:59:54 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2010.06.04 17:59:53 | 000,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
[2010.06.04 17:59:46 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2010.06.04 17:59:45 | 000,045,056 | ---- | C] (DGPDev) -- C:\WINDOWS\System32\CxxProgressBar.ocx
[2010.06.04 17:59:44 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010.06.04 17:59:44 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msvcr70.dll
[2010.06.04 17:38:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.06.04 17:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Downloaded Installations
[2010.05.29 16:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Data aplikací\Ventrilo
[2010.05.29 16:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010.05.29 16:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010.05.28 15:18:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Cyberlink
[2010.05.28 15:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Dokumenty\CyberLink
[2010.05.28 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Data aplikací\CyberLink
[2010.05.28 15:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CyberLink
[2010.05.28 15:14:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010.05.28 15:12:03 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.05.28 15:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010.05.28 15:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.05.14 18:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Data aplikací\Google
[2010.05.14 18:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2010.05.14 17:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Temp
[2010.05.14 17:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2010.05.14 17:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.13 10:45:07 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\Sentenza\NTUSER.DAT
[2010.06.13 10:07:47 | 000,034,882 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\pk.JPG
[2010.06.13 10:03:02 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.13 08:59:24 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Automatic troubleshooting.job
[2010.06.13 08:40:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.13 08:40:34 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.13 08:40:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.13 08:40:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.12 21:20:05 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.12 18:36:17 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.11 23:47:01 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Sentenza\ntuser.ini
[2010.06.11 00:19:38 | 002,111,334 | -H-- | M] () -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\IconCache.db
[2010.06.10 08:45:39 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.05 08:58:41 | 167,849,137 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\ophcrack-xp-livecd-2.0.iso
[2010.06.05 00:27:29 | 000,000,685 | -H-- | M] () -- C:\Documents and Settings\All Users\Dokumenty\os117275.bin
[2010.06.04 18:47:26 | 011,478,328 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\04062010240_NEW.avi
[2010.06.04 18:29:54 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\DVDVideoSoft Free Studio.lnk
[2010.06.04 17:43:54 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.06.04 17:36:54 | 000,401,200 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.04 17:36:54 | 000,398,746 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.04 17:36:54 | 000,073,416 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.04 17:36:54 | 000,062,480 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.04 17:36:53 | 000,943,518 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.04 17:19:18 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.06.04 16:36:30 | 011,358,301 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\04062010240.mp4
[2010.06.02 11:10:29 | 000,036,054 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\stolek pod televizi.jpg
[2010.05.28 15:14:24 | 000,001,758 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD 10.lnk
[2010.05.28 15:11:27 | 000,505,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2010.05.28 15:11:27 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010.05.28 15:11:27 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.05.28 15:06:14 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\Sentenza\default.pls
[2010.05.26 18:40:09 | 000,102,912 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Golf Ballu.ppt
[2010.05.26 18:30:26 | 000,062,464 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Ping pong Velunka.ppt
[2010.05.26 18:05:43 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Populační růst a chudoba - Ballu.doc
[2010.05.26 18:02:48 | 000,042,496 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Povodně a tání ledovců - Verča.doc
[2010.05.23 18:22:51 | 000,044,263 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\ASmatros.JPG
[2010.05.19 20:30:59 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.05.17 21:49:44 | 001,800,768 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\ODPADLIK.MP3
[2010.05.16 12:22:15 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\reportaz.doc
[2010.05.16 12:08:11 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\fejeton.doc
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.13 10:07:47 | 000,034,882 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\pk.JPG
[2010.06.05 08:57:36 | 167,849,137 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\ophcrack-xp-livecd-2.0.iso
[2010.06.04 18:36:01 | 011,478,328 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\04062010240_NEW.avi
[2010.06.04 18:29:54 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\DVDVideoSoft Free Studio.lnk
[2010.06.04 18:29:33 | 000,000,685 | -H-- | C] () -- C:\Documents and Settings\All Users\Dokumenty\os117275.bin
[2010.06.04 17:41:45 | 000,000,349 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.06.04 17:31:26 | 011,358,301 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\04062010240.mp4
[2010.06.02 11:10:29 | 000,036,054 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\stolek pod televizi.jpg
[2010.05.28 15:14:24 | 000,001,758 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD 10.lnk
[2010.05.26 18:40:09 | 000,102,912 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Golf Ballu.ppt
[2010.05.26 18:30:26 | 000,062,464 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Ping pong Velunka.ppt
[2010.05.26 18:05:42 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Populační růst a chudoba - Ballu.doc
[2010.05.26 18:02:47 | 000,042,496 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Povodně a tání ledovců - Verča.doc
[2010.05.23 18:35:53 | 004,147,280 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Red hot chilly pepers - Otherside.wma
[2010.05.23 18:35:45 | 003,820,978 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Save Tonight.mp3
[2010.05.23 18:35:39 | 001,800,768 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\ODPADLIK.MP3
[2010.05.23 18:22:51 | 000,044,263 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\ASmatros.JPG
[2010.05.16 12:20:58 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\reportaz.doc
[2010.05.16 12:08:11 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\fejeton.doc
[2010.05.14 17:58:30 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.14 17:58:29 | 000,000,940 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.12 17:12:33 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.02.27 14:37:55 | 000,000,155 | ---- | C] () -- C:\WINDOWS\MaterialsDlg.ini
[2010.02.27 14:37:54 | 000,000,169 | ---- | C] () -- C:\WINDOWS\LuminancesDlg.ini
[2010.02.27 14:37:54 | 000,000,169 | ---- | C] () -- C:\WINDOWS\EnvironmentsDlg.ini
[2010.02.13 02:40:19 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.02.06 12:41:22 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2010.02.01 14:20:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.01 13:41:22 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.01.31 23:15:17 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.01.31 22:53:13 | 000,000,101 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2010.01.31 22:36:41 | 000,168,208 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2010.01.31 22:31:53 | 000,019,392 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.01.31 22:31:51 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010.01.31 22:31:47 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.01.31 22:20:40 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2005.12.07 13:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
========== LOP Check ==========
[2010.02.01 00:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2010.03.12 17:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.03.06 14:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2010.02.27 12:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IMSIDesign
[2010.03.06 14:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.06.04 17:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.05.28 15:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.01.31 23:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.01.31 22:59:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.02.01 00:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2010.02.01 00:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Ashampoo
[2010.03.05 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Audacity
[2010.06.04 18:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\avidemux
[2010.06.04 17:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\BitTorrent
[2010.06.05 08:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\DAEMON Tools Lite
[2010.03.27 12:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Datalayer
[2010.04.25 11:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Facebook
[2010.02.27 12:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\IMSIDesign
[2010.01.31 22:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Leadertech
[2010.03.06 14:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Nokia
[2010.03.19 20:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\OpenCandy
[2010.01.31 22:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Opera
[2010.03.06 14:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\PC Suite
[2010.01.31 23:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\TuneUp Software
[2010.06.13 08:59:24 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic troubleshooting.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 09:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.06.04 18:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Adobe
[2010.03.12 18:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Ahead
[2010.02.01 00:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Ashampoo
[2010.01.31 23:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\ATI
[2010.03.05 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Audacity
[2010.06.04 18:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\avidemux
[2010.06.04 17:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\BitTorrent
[2010.05.28 22:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\CyberLink
[2010.06.05 08:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\DAEMON Tools Lite
[2010.03.27 12:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Datalayer
[2010.04.25 11:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Facebook
[2010.05.14 18:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Google
[2010.01.31 22:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Identities
[2010.02.27 12:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\IMSIDesign
[2010.02.01 13:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\InstallShield
[2010.01.31 22:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Leadertech
[2010.01.31 22:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Macromedia
[2010.02.04 17:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Malwarebytes
[2010.06.11 12:09:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Microsoft
[2010.03.06 14:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Nokia
[2010.03.19 20:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\OpenCandy
[2010.01.31 22:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Opera
[2010.03.06 14:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\PC Suite
[2010.05.19 21:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Skype
[2010.05.19 20:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\skypePM
[2010.01.31 23:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\TuneUp Software
[2010.05.29 16:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Ventrilo
[2010.01.31 23:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2010.04.25 11:32:05 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Sentenza\Data aplikací\Facebook\uninstall.exe
[2010.03.19 20:50:00 | 003,828,846 | ---- | M] () -- C:\Documents and Settings\Sentenza\Data aplikací\OpenCandy\maximus_install.exe
< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 01:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 01:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 01:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.12 17:12:33 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.01.31 22:43:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.01.31 22:43:46 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.01.31 22:43:46 | 000,507,904 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.06.13 08:40:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Sentenza\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 84,00 Mb Available Physical Memory | 8,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 36,63 Gb Free Space | 15,73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SENTTENZA
Current User Name: Sentenza
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.13 10:41:32 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sentenza\Dokumenty\Downloads\OTL.exe
PRC - [2010.04.02 09:11:22 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2010.03.03 16:00:33 | 002,247,640 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Gamesy\Lineage II\system\L2.exe
PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010.01.31 22:36:31 | 000,692,496 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010.01.31 22:36:25 | 001,794,320 | ---- | M] () -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010.01.31 22:20:19 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2010.01.31 22:20:19 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2010.01.21 09:24:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2009.10.30 16:08:26 | 000,486,216 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009.10.30 16:05:48 | 001,021,256 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009.09.30 10:55:34 | 006,371,328 | ---- | M] (Pandora.TV) -- C:\Program Files\The KMPlayer\KMPlayer.exe
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.05.01 12:07:44 | 000,843,776 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2006.04.10 10:19:46 | 000,729,088 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2006.01.02 18:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
========== Modules (SafeList) ==========
MOD - [2010.06.13 10:41:32 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sentenza\Dokumenty\Downloads\OTL.exe
MOD - [2010.01.31 22:36:33 | 000,168,208 | ---- | M] () -- C:\WINDOWS\system32\guard32.dll
MOD - [2008.04.14 09:49:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.01.31 23:01:30 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.01.31 22:36:31 | 000,692,496 | ---- | M] () [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010.01.31 22:20:19 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2009.10.30 16:05:48 | 001,021,256 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.10.30 16:01:00 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006.06.05 14:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)
========== Driver Services (SafeList) ==========
DRV - [2010.04.02 09:11:16 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/05/28 15:14:24] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl -- ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC})
DRV - [2010.03.12 17:12:33 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.01.31 22:36:33 | 000,132,640 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2010.01.31 22:36:33 | 000,082,080 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010.01.31 22:36:33 | 000,024,096 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010.01.31 22:20:19 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2010.01.31 22:20:19 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2010.01.07 17:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.13 23:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.12.10 15:22:22 | 000,110,120 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017unic.sys -- (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM)
DRV - [2007.12.10 15:22:22 | 000,100,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017obex.sys -- (s3017obex)
DRV - [2007.12.10 15:22:20 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mgmt.sys -- (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM)
DRV - [2007.12.10 15:22:18 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mdm.sys -- (s3017mdm)
DRV - [2007.12.10 15:22:18 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017mdfl.sys -- (s3017mdfl)
DRV - [2007.12.10 15:22:14 | 000,083,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3017bus.sys -- (s3017bus) Sony Ericsson Device 3017 driver (WDM)
DRV - [2006.10.04 11:37:16 | 000,198,656 | ---- | M] (YUAN High-Tech Development Co. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\OmniTV.sys -- (OmniTV)
DRV - [2006.07.13 14:11:04 | 000,083,712 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.07.05 14:55:58 | 000,043,392 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2006.06.07 11:08:58 | 001,580,544 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.05.29 09:26:38 | 000,127,488 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006.05.29 09:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006.05.29 09:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006.05.29 09:26:36 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2006.05.02 19:12:06 | 000,229,376 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2006.03.17 20:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2006.02.07 13:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14978&l=dis
IE - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\..\URLSearchHook: {92a2f4ec-51d2-4283-87d5-93b7005fc356} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2008.03.11 12:47:38 | 000,000,917 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 92.240.237.20 l2authd.lineage2.com # Forbidden Lands Lineage 2 Server
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com # Gameguard
O3 - HKLM\..\Toolbar: (no name) - {92a2f4ec-51d2-4283-87d5-93b7005fc356} - No CLSID value found.
O3 - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {92A2F4EC-51D2-4283-87D5-93B7005FC356} - No CLSID value found.
O3 - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe ()
O4 - HKLM..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [JMB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2000478354-329068152-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\imon.dll (Eset )
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.190.64.20 195.146.125.146
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.31 22:09:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}\Shell\AutoRun\command - "" = D:\SETUP.EXE -- File not found
O33 - MountPoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}\Shell\configure\command - "" = D:\SETUP.EXE -- File not found
O33 - MountPoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}\Shell\install\command - "" = D:\SETUP.EXE -- File not found
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Setupx.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.01.31 22:09:27 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (50397631582568448)
========== Files/Folders - Created Within 30 Days ==========
[2010.06.13 10:40:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.06.11 22:02:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sentenza\Recent
[2010.06.11 12:09:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Identities
[2010.06.11 11:18:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Dokumenty\Tisk
[2010.06.09 12:21:10 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.06 14:24:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Plocha\praxe
[2010.06.05 08:59:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Plocha\heslo
[2010.06.04 18:35:39 | 000,000,000 | ---D | C] -- C:\DVDVideoSoft
[2010.06.04 18:29:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Dokumenty\DVDVideoSoft
[2010.06.04 18:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.06.04 18:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010.06.04 18:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Data aplikací\avidemux
[2010.06.04 18:14:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Dokumenty\Adobe
[2010.06.04 18:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Vbox
[2010.06.04 18:10:04 | 000,000,000 | ---D | C] -- C:\fda
[2010.06.04 17:59:54 | 000,309,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmv8dmod.dll
[2010.06.04 17:59:54 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2010.06.04 17:59:53 | 000,420,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4c32.dll
[2010.06.04 17:59:46 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gdiplus.dll
[2010.06.04 17:59:45 | 000,045,056 | ---- | C] (DGPDev) -- C:\WINDOWS\System32\CxxProgressBar.ocx
[2010.06.04 17:59:44 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010.06.04 17:59:44 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Msvcr70.dll
[2010.06.04 17:38:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.06.04 17:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Downloaded Installations
[2010.05.29 16:23:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Data aplikací\Ventrilo
[2010.05.29 16:21:58 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2010.05.29 16:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010.05.28 15:18:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Cyberlink
[2010.05.28 15:17:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Dokumenty\CyberLink
[2010.05.28 15:17:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Data aplikací\CyberLink
[2010.05.28 15:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CyberLink
[2010.05.28 15:14:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CyberLink
[2010.05.28 15:12:03 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.05.28 15:12:03 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010.05.28 15:11:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.05.14 18:03:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Data aplikací\Google
[2010.05.14 18:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2010.05.14 17:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Temp
[2010.05.14 17:58:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2010.05.14 17:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.06.13 10:45:07 | 004,194,304 | -H-- | M] () -- C:\Documents and Settings\Sentenza\NTUSER.DAT
[2010.06.13 10:07:47 | 000,034,882 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\pk.JPG
[2010.06.13 10:03:02 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.13 08:59:24 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Automatic troubleshooting.job
[2010.06.13 08:40:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.13 08:40:34 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.13 08:40:18 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.13 08:40:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.12 21:20:05 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.12 18:36:17 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.11 23:47:01 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Sentenza\ntuser.ini
[2010.06.11 00:19:38 | 002,111,334 | -H-- | M] () -- C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\IconCache.db
[2010.06.10 08:45:39 | 000,114,968 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.05 08:58:41 | 167,849,137 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\ophcrack-xp-livecd-2.0.iso
[2010.06.05 00:27:29 | 000,000,685 | -H-- | M] () -- C:\Documents and Settings\All Users\Dokumenty\os117275.bin
[2010.06.04 18:47:26 | 011,478,328 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\04062010240_NEW.avi
[2010.06.04 18:29:54 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\DVDVideoSoft Free Studio.lnk
[2010.06.04 17:43:54 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.06.04 17:36:54 | 000,401,200 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.04 17:36:54 | 000,398,746 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.04 17:36:54 | 000,073,416 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.04 17:36:54 | 000,062,480 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.04 17:36:53 | 000,943,518 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.04 17:19:18 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.06.04 16:36:30 | 011,358,301 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\04062010240.mp4
[2010.06.02 11:10:29 | 000,036,054 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\stolek pod televizi.jpg
[2010.05.28 15:14:24 | 000,001,758 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD 10.lnk
[2010.05.28 15:11:27 | 000,505,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll
[2010.05.28 15:11:27 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll
[2010.05.28 15:11:27 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml3a.dll
[2010.05.28 15:06:14 | 000,000,172 | ---- | M] () -- C:\Documents and Settings\Sentenza\default.pls
[2010.05.26 18:40:09 | 000,102,912 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Golf Ballu.ppt
[2010.05.26 18:30:26 | 000,062,464 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Ping pong Velunka.ppt
[2010.05.26 18:05:43 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Populační růst a chudoba - Ballu.doc
[2010.05.26 18:02:48 | 000,042,496 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\Povodně a tání ledovců - Verča.doc
[2010.05.23 18:22:51 | 000,044,263 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\ASmatros.JPG
[2010.05.19 20:30:59 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.05.17 21:49:44 | 001,800,768 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\ODPADLIK.MP3
[2010.05.16 12:22:15 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\reportaz.doc
[2010.05.16 12:08:11 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Sentenza\Plocha\fejeton.doc
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.13 10:07:47 | 000,034,882 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\pk.JPG
[2010.06.05 08:57:36 | 167,849,137 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\ophcrack-xp-livecd-2.0.iso
[2010.06.04 18:36:01 | 011,478,328 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\04062010240_NEW.avi
[2010.06.04 18:29:54 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\DVDVideoSoft Free Studio.lnk
[2010.06.04 18:29:33 | 000,000,685 | -H-- | C] () -- C:\Documents and Settings\All Users\Dokumenty\os117275.bin
[2010.06.04 17:41:45 | 000,000,349 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.06.04 17:31:26 | 011,358,301 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\04062010240.mp4
[2010.06.02 11:10:29 | 000,036,054 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\stolek pod televizi.jpg
[2010.05.28 15:14:24 | 000,001,758 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CyberLink PowerDVD 10.lnk
[2010.05.26 18:40:09 | 000,102,912 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Golf Ballu.ppt
[2010.05.26 18:30:26 | 000,062,464 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Ping pong Velunka.ppt
[2010.05.26 18:05:42 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Populační růst a chudoba - Ballu.doc
[2010.05.26 18:02:47 | 000,042,496 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Povodně a tání ledovců - Verča.doc
[2010.05.23 18:35:53 | 004,147,280 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Red hot chilly pepers - Otherside.wma
[2010.05.23 18:35:45 | 003,820,978 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\Save Tonight.mp3
[2010.05.23 18:35:39 | 001,800,768 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\ODPADLIK.MP3
[2010.05.23 18:22:51 | 000,044,263 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\ASmatros.JPG
[2010.05.16 12:20:58 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\reportaz.doc
[2010.05.16 12:08:11 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Sentenza\Plocha\fejeton.doc
[2010.05.14 17:58:30 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.14 17:58:29 | 000,000,940 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.12 17:12:33 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.02.27 14:37:55 | 000,000,155 | ---- | C] () -- C:\WINDOWS\MaterialsDlg.ini
[2010.02.27 14:37:54 | 000,000,169 | ---- | C] () -- C:\WINDOWS\LuminancesDlg.ini
[2010.02.27 14:37:54 | 000,000,169 | ---- | C] () -- C:\WINDOWS\EnvironmentsDlg.ini
[2010.02.13 02:40:19 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.02.06 12:41:22 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2010.02.01 14:20:05 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.01 13:41:22 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.01.31 23:15:17 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.01.31 22:53:13 | 000,000,101 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2010.01.31 22:36:41 | 000,168,208 | ---- | C] () -- C:\WINDOWS\System32\guard32.dll
[2010.01.31 22:31:53 | 000,019,392 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.01.31 22:31:51 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010.01.31 22:31:47 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.01.31 22:20:40 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2005.12.07 13:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
========== LOP Check ==========
[2010.02.01 00:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2010.03.12 17:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.03.06 14:16:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2010.02.27 12:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IMSIDesign
[2010.03.06 14:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.06.04 17:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.05.28 15:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.01.31 23:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.01.31 22:59:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.02.01 00:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2010.02.01 00:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Ashampoo
[2010.03.05 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Audacity
[2010.06.04 18:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\avidemux
[2010.06.04 17:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\BitTorrent
[2010.06.05 08:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\DAEMON Tools Lite
[2010.03.27 12:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Datalayer
[2010.04.25 11:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Facebook
[2010.02.27 12:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\IMSIDesign
[2010.01.31 22:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Leadertech
[2010.03.06 14:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Nokia
[2010.03.19 20:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\OpenCandy
[2010.01.31 22:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Opera
[2010.03.06 14:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\PC Suite
[2010.01.31 23:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\TuneUp Software
[2010.06.13 08:59:24 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic troubleshooting.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 09:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[5 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.06.04 18:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Adobe
[2010.03.12 18:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Ahead
[2010.02.01 00:54:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Ashampoo
[2010.01.31 23:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\ATI
[2010.03.05 21:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Audacity
[2010.06.04 18:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\avidemux
[2010.06.04 17:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\BitTorrent
[2010.05.28 22:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\CyberLink
[2010.06.05 08:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\DAEMON Tools Lite
[2010.03.27 12:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Datalayer
[2010.04.25 11:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Facebook
[2010.05.14 18:03:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Google
[2010.01.31 22:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Identities
[2010.02.27 12:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\IMSIDesign
[2010.02.01 13:59:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\InstallShield
[2010.01.31 22:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Leadertech
[2010.01.31 22:50:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Macromedia
[2010.02.04 17:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Malwarebytes
[2010.06.11 12:09:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Microsoft
[2010.03.06 14:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Nokia
[2010.03.19 20:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\OpenCandy
[2010.01.31 22:29:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Opera
[2010.03.06 14:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\PC Suite
[2010.05.19 21:39:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Skype
[2010.05.19 20:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\skypePM
[2010.01.31 23:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\TuneUp Software
[2010.05.29 16:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\Ventrilo
[2010.01.31 23:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sentenza\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2010.04.25 11:32:05 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\Sentenza\Data aplikací\Facebook\uninstall.exe
[2010.03.19 20:50:00 | 003,828,846 | ---- | M] () -- C:\Documents and Settings\Sentenza\Data aplikací\OpenCandy\maximus_install.exe
< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 09:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 09:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 01:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 01:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 01:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\system32\DRIVERS\isapnp.sys
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 08:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 09:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 01:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 09:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 09:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 09:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.03.12 17:12:33 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.01.31 22:43:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.01.31 22:43:46 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.01.31 22:43:46 | 000,507,904 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.06.13 08:40:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
Re: Kontrola Logu - Dekuji
OTL Extras logfile created on: 13.6.2010 10:42:58 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Sentenza\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 84,00 Mb Available Physical Memory | 8,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 36,63 Gb Free Space | 15,73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SENTTENZA
Current User Name: Sentenza
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-2000478354-329068152-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
"{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage II
"{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = OSCAR Editor
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JRAID
"{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite
"{59359B3D-ABE7-46BF-AB55-43B67A64DC68}" = Nokia MTP driver
"{6882DD11-33B8-4DEA-8305-7E765BF74BD3}" = Nokia Connectivity Cable Driver
"{68FBB7BE-34F5-4FE9-AA07-E7894533CF0E}" = TurboCAD Professional 14
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{BE83EC7F-7519-4036-8B59-ECE494308124}" = ATI Catalyst Control Center
"{C4A0C307-053A-4335-8B28-60E901DB1029}" = Nero 7 Essentials
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"3271E907F27C989F2C244ACB3D32020E3DD3CA6F" = Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"COMODO Internet Security" = COMODO Internet Security
"CyberLink PowerDVD 10.0.1516.51" = CyberLink PowerDVD 10.0.1516.51 - odinstalovat češtinu
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"FormatFactory" = FormatFactory 2.15
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.4
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = OSCAR Editor
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NOD32" = Antivirový systém NOD32
"The KMPlayer" = The KMPlayer (remove only)
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2000478354-329068152-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9.5.2010 4:48:23 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 9.5.2010 5:12:05 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 9.5.2010 5:56:32 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000000.
Error - 9.5.2010 6:27:04 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 9.5.2010 6:33:12 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 9.5.2010 7:45:02 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 10.5.2010 2:19:58 | Computer Name = SENTTENZA | Source = Application Error | ID = 1004
Description = Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000000.
Error - 14.5.2010 13:18:54 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 15.5.2010 7:35:40 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 15.5.2010 9:23:38 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
[ System Events ]
Error - 7.5.2010 9:14:25 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 7.5.2010 15:16:25 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 8.5.2010 7:05:08 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 8.5.2010 9:04:51 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 9.5.2010 5:56:34 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba Klient DNS byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 23.5.2010 10:02:55 | Computer Name = SENTTENZA | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.103 pro síťovou kartu se síťovou
adresou 001731EDBCCB byla ukončena.
< End of report >
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Sentenza\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 84,00 Mb Available Physical Memory | 8,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 36,63 Gb Free Space | 15,73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SENTTENZA
Current User Name: Sentenza
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-2000478354-329068152-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
"{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage II
"{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = OSCAR Editor
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JRAID
"{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite
"{59359B3D-ABE7-46BF-AB55-43B67A64DC68}" = Nokia MTP driver
"{6882DD11-33B8-4DEA-8305-7E765BF74BD3}" = Nokia Connectivity Cable Driver
"{68FBB7BE-34F5-4FE9-AA07-E7894533CF0E}" = TurboCAD Professional 14
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}" = ATI Parental Control & Encoder
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{BE83EC7F-7519-4036-8B59-ECE494308124}" = ATI Catalyst Control Center
"{C4A0C307-053A-4335-8B28-60E901DB1029}" = Nero 7 Essentials
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"3271E907F27C989F2C244ACB3D32020E3DD3CA6F" = Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"COMODO Internet Security" = COMODO Internet Security
"CyberLink PowerDVD 10.0.1516.51" = CyberLink PowerDVD 10.0.1516.51 - odinstalovat češtinu
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"FormatFactory" = FormatFactory 2.15
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.4
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}" = OSCAR Editor
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"NOD32" = Antivirový systém NOD32
"The KMPlayer" = The KMPlayer (remove only)
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2000478354-329068152-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9.5.2010 4:48:23 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 9.5.2010 5:12:05 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 9.5.2010 5:56:32 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000000.
Error - 9.5.2010 6:27:04 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 9.5.2010 6:33:12 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 9.5.2010 7:45:02 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 10.5.2010 2:19:58 | Computer Name = SENTTENZA | Source = Application Error | ID = 1004
Description = Chybující aplikace svchost.exe, verze 5.1.2600.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000000.
Error - 14.5.2010 13:18:54 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 15.5.2010 7:35:40 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
Error - 15.5.2010 9:23:38 | Computer Name = SENTTENZA | Source = Application Error | ID = 1000
Description = Chybující aplikace l2.exe, verze 0.0.0.0, chybující modul l2.exe,
verze 0.0.0.0, adresa chyby 0x0000cc1f.
[ System Events ]
Error - 7.5.2010 9:14:25 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 7.5.2010 15:16:25 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 8.5.2010 7:05:08 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 8.5.2010 9:04:51 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 9.5.2010 5:56:34 | Computer Name = SENTTENZA | Source = Service Control Manager | ID = 7034
Description = Služba Klient DNS byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 23.5.2010 10:02:55 | Computer Name = SENTTENZA | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.1.103 pro síťovou kartu se síťovou
adresou 001731EDBCCB byla ukončena.
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Kontrola Logu - Dekuji
Podle pravidel fóra se zde nelegálním softwarem nezabýváme (nelegální programy představují bezpečnostní hrozbu).
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte nový log z RSIT a log z CKScanner.
Vyberte si třeba free Aviru nebo Avast + nějaký firewall (doporučuji ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte nový log z RSIT a log z CKScanner.
Vyberte si třeba free Aviru nebo Avast + nějaký firewall (doporučuji ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe- Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
- Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.
Re: Kontrola Logu - Dekuji
COMODO Internet Security pouzivam pouze jako firewall.
PS: omlouvam se za spam, ale chtel jsem, aby to bylo prehlednejsi
PS: omlouvam se za spam, ale chtel jsem, aby to bylo prehlednejsi
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Kontrola Logu - Dekuji
V pořádku.
Caroprd111 píše:Podle pravidel fóra se zde nelegálním softwarem nezabýváme (nelegální programy představují bezpečnostní hrozbu).
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte nový log z RSIT a log z CKScanner.
Vyberte si třeba free Aviru nebo Avast + nějaký firewall (doporučuji ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
- Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
- Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.
Re: Kontrola Logu - Dekuji
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11
----- EOF -----
scanner sequence 3.MN.11
----- EOF -----
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Kontrola Logu - Dekuji
Logfile of random's system information tool 1.07 (written by random/random)
Run by Sentenza at 2010-06-13 11:46:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (16%) free of 238 GB
Total RAM: 1023 MB (15% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:46:28, on 13.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Sentenza\Plocha\Gamesy\Lineage II\system\L2.exe
C:\Program Files\The KMPlayer\KMPlayer.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Sentenza.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14978&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://game.amd.com/us-en/drivers_catalyst.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {92a2f4ec-51d2-4283-87d5-93b7005fc356} - (no file)
O1 - Hosts: 92.240.237.20 l2authd.lineage2.com # Forbidden Lands Lineage 2 Server
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com # Gameguard
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: (no name) - {92a2f4ec-51d2-4283-87d5-93b7005fc356} - (no file)
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 7070 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{92a2f4ec-51d2-4283-87d5-93b7005fc356}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2010-01-31 949376]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-31 1794320]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-05-01 843776]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-04-10 729088]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-06-02 385024]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe [2003-09-15 270336]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"RemoteControl10"=C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-04-02 75048]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-07 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Setupx.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}]
shell\AutoRun\command - D:\SETUP.EXE /AUTORUN
shell\configure\command - D:\SETUP.EXE
shell\install\command - D:\SETUP.EXE
======List of files/folders created in the last 1 months======
2010-06-13 10:40:22 ----D---- C:\WINDOWS\system32\appmgmt
2010-06-10 01:28:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-10 01:28:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-10 01:27:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-10 01:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 01:26:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-10 01:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-04 18:35:39 ----D---- C:\DVDVideoSoft
2010-06-04 18:28:48 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-06-04 18:28:38 ----D---- C:\Program Files\DVDVideoSoft
2010-06-04 18:22:11 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\avidemux
2010-06-04 18:13:18 ----D---- C:\Program Files\Common Files\Vbox
2010-06-04 18:10:04 ----D---- C:\fda
2010-06-04 17:59:54 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2010-06-04 17:59:53 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2010-06-04 17:59:46 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-06-04 17:59:44 ----A---- C:\WINDOWS\system32\Msvcr70.dll
2010-06-04 17:38:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
2010-05-29 16:23:09 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Ventrilo
2010-05-29 16:21:58 ----D---- C:\Program Files\Ventrilo
2010-05-29 16:21:11 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-05-28 15:17:08 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\CyberLink
2010-05-28 15:14:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2010-05-28 15:14:06 ----D---- C:\Program Files\Common Files\CyberLink
2010-05-28 15:12:03 ----D---- C:\Program Files\CyberLink
2010-05-28 15:12:03 ----A---- C:\WINDOWS\system32\msxml3a.dll
2010-05-28 15:11:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Temp
2010-05-28 10:39:40 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-14 18:03:38 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Google
2010-05-14 17:58:17 ----D---- C:\Program Files\Google
======List of files/folders modified in the last 1 months======
2010-06-13 11:46:17 ----D---- C:\Program Files\trend micro
2010-06-13 11:46:12 ----D---- C:\WINDOWS\Temp
2010-06-13 11:19:12 ----RD---- C:\Program Files
2010-06-13 11:16:04 ----D---- C:\WINDOWS\Prefetch
2010-06-13 10:40:22 ----D---- C:\WINDOWS\system32
2010-06-13 10:40:21 ----SHD---- C:\WINDOWS\Installer
2010-06-13 10:40:19 ----SD---- C:\WINDOWS\Tasks
2010-06-13 10:06:52 ----D---- C:\WINDOWS
2010-06-13 08:40:59 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-12 23:01:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-12 21:20:05 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-12 16:39:35 ----HD---- C:\WINDOWS\inf
2010-06-11 17:22:04 ----D---- C:\WINDOWS\Debug
2010-06-11 12:09:10 ----SD---- C:\Documents and Settings\Sentenza\Data aplikací\Microsoft
2010-06-10 01:28:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-10 01:28:26 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-10 01:27:32 ----D---- C:\Program Files\Internet Explorer
2010-06-10 01:27:24 ----D---- C:\WINDOWS\ie8updates
2010-06-05 08:58:49 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\DAEMON Tools Lite
2010-06-05 08:49:58 ----D---- C:\Program Files\Adobe
2010-06-04 18:55:56 ----RSD---- C:\WINDOWS\assembly
2010-06-04 18:55:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-04 18:28:48 ----D---- C:\Program Files\Common Files
2010-06-04 18:20:38 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-04 18:20:14 ----D---- C:\WINDOWS\system32\drivers
2010-06-04 18:14:36 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Adobe
2010-06-04 17:36:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-04 17:34:44 ----D---- C:\WINDOWS\WinSxS
2010-06-04 17:19:18 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2010-06-04 17:09:15 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\BitTorrent
2010-06-04 15:14:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-05-28 15:11:27 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-05-28 15:11:27 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-05-26 12:32:04 ----A---- C:\_srvlog.txt
2010-05-19 21:39:30 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Skype
2010-05-19 20:31:18 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-01-31 132640]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-01-31 24096]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2010-01-31 15424]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/05/28 15:14:24]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl []
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2010-01-31 512096]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 OmniTV;Cx2388x AvStream Video Capture; C:\WINDOWS\system32\DRIVERS\OmniTV.sys [2006-10-04 198656]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-13 83712]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ac5onbzc;ac5onbzc; C:\WINDOWS\system32\drivers\ac5onbzc.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\WINDOWS\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-31 692496]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2010-01-31 552064]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-06-07 520192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-14 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-01-31 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
-----------------EOF-----------------
Run by Sentenza at 2010-06-13 11:46:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 37 GB (16%) free of 238 GB
Total RAM: 1023 MB (15% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:46:28, on 13.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Sentenza\Plocha\Gamesy\Lineage II\system\L2.exe
C:\Program Files\The KMPlayer\KMPlayer.exe
C:\Documents and Settings\Sentenza\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sentenza\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Sentenza.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14978&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://game.amd.com/us-en/drivers_catalyst.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {92a2f4ec-51d2-4283-87d5-93b7005fc356} - (no file)
O1 - Hosts: 92.240.237.20 l2authd.lineage2.com # Forbidden Lands Lineage 2 Server
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com # Gameguard
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: (no name) - {92a2f4ec-51d2-4283-87d5-93b7005fc356} - (no file)
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 7070 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{92a2f4ec-51d2-4283-87d5-93b7005fc356}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2010-01-31 949376]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-31 1794320]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-05-01 843776]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-04-10 729088]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-06-02 385024]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe [2003-09-15 270336]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"RemoteControl10"=C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-04-02 75048]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-07 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Setupx.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84d1ad42-0ea9-11df-85fa-806d6172696f}]
shell\AutoRun\command - D:\SETUP.EXE /AUTORUN
shell\configure\command - D:\SETUP.EXE
shell\install\command - D:\SETUP.EXE
======List of files/folders created in the last 1 months======
2010-06-13 10:40:22 ----D---- C:\WINDOWS\system32\appmgmt
2010-06-10 01:28:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-10 01:28:27 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-10 01:27:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-10 01:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 01:26:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-10 01:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-04 18:35:39 ----D---- C:\DVDVideoSoft
2010-06-04 18:28:48 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-06-04 18:28:38 ----D---- C:\Program Files\DVDVideoSoft
2010-06-04 18:22:11 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\avidemux
2010-06-04 18:13:18 ----D---- C:\Program Files\Common Files\Vbox
2010-06-04 18:10:04 ----D---- C:\fda
2010-06-04 17:59:54 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2010-06-04 17:59:53 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2010-06-04 17:59:46 ----A---- C:\WINDOWS\system32\gdiplus.dll
2010-06-04 17:59:44 ----A---- C:\WINDOWS\system32\Msvcr70.dll
2010-06-04 17:38:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
2010-05-29 16:23:09 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Ventrilo
2010-05-29 16:21:58 ----D---- C:\Program Files\Ventrilo
2010-05-29 16:21:11 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-05-28 15:17:08 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\CyberLink
2010-05-28 15:14:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2010-05-28 15:14:06 ----D---- C:\Program Files\Common Files\CyberLink
2010-05-28 15:12:03 ----D---- C:\Program Files\CyberLink
2010-05-28 15:12:03 ----A---- C:\WINDOWS\system32\msxml3a.dll
2010-05-28 15:11:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Temp
2010-05-28 10:39:40 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-14 18:03:38 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Google
2010-05-14 17:58:17 ----D---- C:\Program Files\Google
======List of files/folders modified in the last 1 months======
2010-06-13 11:46:17 ----D---- C:\Program Files\trend micro
2010-06-13 11:46:12 ----D---- C:\WINDOWS\Temp
2010-06-13 11:19:12 ----RD---- C:\Program Files
2010-06-13 11:16:04 ----D---- C:\WINDOWS\Prefetch
2010-06-13 10:40:22 ----D---- C:\WINDOWS\system32
2010-06-13 10:40:21 ----SHD---- C:\WINDOWS\Installer
2010-06-13 10:40:19 ----SD---- C:\WINDOWS\Tasks
2010-06-13 10:06:52 ----D---- C:\WINDOWS
2010-06-13 08:40:59 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-12 23:01:01 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-12 21:20:05 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-12 16:39:35 ----HD---- C:\WINDOWS\inf
2010-06-11 17:22:04 ----D---- C:\WINDOWS\Debug
2010-06-11 12:09:10 ----SD---- C:\Documents and Settings\Sentenza\Data aplikací\Microsoft
2010-06-10 01:28:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-10 01:28:26 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-10 01:27:32 ----D---- C:\Program Files\Internet Explorer
2010-06-10 01:27:24 ----D---- C:\WINDOWS\ie8updates
2010-06-05 08:58:49 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\DAEMON Tools Lite
2010-06-05 08:49:58 ----D---- C:\Program Files\Adobe
2010-06-04 18:55:56 ----RSD---- C:\WINDOWS\assembly
2010-06-04 18:55:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-04 18:28:48 ----D---- C:\Program Files\Common Files
2010-06-04 18:20:38 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-04 18:20:14 ----D---- C:\WINDOWS\system32\drivers
2010-06-04 18:14:36 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Adobe
2010-06-04 17:36:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-04 17:34:44 ----D---- C:\WINDOWS\WinSxS
2010-06-04 17:19:18 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2010-06-04 17:09:15 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\BitTorrent
2010-06-04 15:14:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-05-28 15:11:27 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-05-28 15:11:27 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-05-26 12:32:04 ----A---- C:\_srvlog.txt
2010-05-19 21:39:30 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\Skype
2010-05-19 20:31:18 ----D---- C:\Documents and Settings\Sentenza\Data aplikací\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-01-31 132640]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-01-31 24096]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2010-01-31 15424]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/05/28 15:14:24]; \??\C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl []
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2010-01-31 512096]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-05-02 229376]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-04-27 93824]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 OmniTV;Cx2388x AvStream Video Capture; C:\WINDOWS\system32\DRIVERS\OmniTV.sys [2006-10-04 198656]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-13 83712]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ac5onbzc;ac5onbzc; C:\WINDOWS\system32\drivers\ac5onbzc.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\WINDOWS\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-31 692496]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2010-01-31 552064]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-06-07 520192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-14 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-01-31 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Kontrola Logu - Dekuji
V logu pořád vidím nelegální NOD32. Dokud ho neodinstalujete a nenahradíte free řešením, odmítám pokračovat.
Přispějete na provoz fóra?