Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Uživatelský avatar
Dahed
Návštěvník
Návštěvník
Příspěvky: 30
Registrován: 12 čer 2010 20:11

Kontrola

#1 Příspěvek od Dahed »

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:09:55, on 12.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\PowerDVD9\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dahed\Dokumenty\Stažené soubory\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Dahed\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Dahed\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [SPIRun] Rundll32 SPIRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [Config] C:\games\Age Of Empires 2\Age Of Empires ii\Config.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\PowerDVD9\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\PowerDVD9\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RGSC] C:\games\GTA 4\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MST" WISE_SETUP_EXE_PATH="d:\driver\2k_xp\182.50\PhysX_9.09.0203_SystemSoftware.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: FIFA 09 Registration.lnk = C:\games\FIFA 09\Support\EAregister.exe
O4 - Startup: Registration Brothers In Arms EiB.LNK = C:\games\BrothersInArmsEiB\Support\Register\RegistrationReminder.exe
O4 - Startup: Registration Ghost Recon Advanced Warfighter.LNK = C:\games\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: bw+0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 21341 bytes
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola

#2 Příspěvek od vyosek »

Zdravim,

dle pravidel fora se jiz dava log z RSITu, ale ja Vas o nej nuitne nezadam...To jen pro priste :)

:arrow: Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)
  • C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
  • Kliknete na Prochazet
  • Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
  • Pokud napise Soubor byl jiz testovan, dejte otestovat znovu
  • Kliknete na Otestovat soubor
  • Vysledek analyzy sem vlozte (jako odkaz)
:arrow: Stahnete OTL (viz muj podpis) a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
Dahed
Návštěvník
Návštěvník
Příspěvky: 30
Registrován: 12 čer 2010 20:11

Re: Kontrola

#3 Příspěvek od Dahed »

Soubor bwplugprotocol-8876480.dll přijatý 2010.05.12 01:51:24 (UTC)
Současný stav: Dokončeno
Výsledek: 0/40 (0.00%)

Link > http://www.virustotal.com/cs/analisis/9 ... 1276422127 <

- v priloze je OTL + Extras
Přílohy
OTL+Extras.rar
OTL.txt + Extras.txt
(24.93 KiB) Staženo 75 x
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola

#4 Příspěvek od vyosek »

OTL logfile created on: 12.6.2010 23:14:17 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Dahed\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 273,12 Gb Free Space | 58,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KUDRNA
Current User Name: Dahed
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.12 21:33:52 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dahed\Plocha\OTL.exe
PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.02.24 21:17:04 | 000,385,928 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010.02.03 09:46:52 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009.12.17 11:23:54 | 000,272,896 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2009.11.11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.11.04 12:05:55 | 000,032,768 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
PRC - [2009.10.07 09:16:50 | 000,472,280 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.10.07 09:15:42 | 001,461,080 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2009.08.13 12:43:54 | 003,276,288 | ---- | M] (The Author of QIP) -- C:\Program Files\QIP\qip.exe
PRC - [2009.05.07 21:05:44 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared files\brs.exe
PRC - [2009.04.27 20:41:58 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\PowerDVD9\PowerDVD9\PDVD9Serv.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.11 23:16:00 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
PRC - [2007.08.07 02:05:46 | 000,200,704 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2005.01.28 15:35:58 | 000,434,176 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2004.12.10 13:45:26 | 000,049,152 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE


========== Modules (SafeList) ==========

MOD - [2010.06.12 21:33:52 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dahed\Plocha\OTL.exe
MOD - [2009.11.04 12:05:55 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Dahed\Local Settings\Temp\IadHide5.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2005.01.28 15:34:04 | 000,057,344 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2005.01.28 15:31:34 | 000,045,056 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\gamehook.dll
MOD - [2003.03.18 21:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2003.02.21 05:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.03.30 11:16:12 | 001,107,336 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009.10.07 09:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.10.07 09:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2002.12.05 14:00:00 | 000,003,584 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\System32\regedt32.exe -- (NOD32FiXTemDono)


========== Driver Services (SafeList) ==========

DRV - [2010.04.04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.02.26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010.02.03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.01.16 19:39:25 | 000,025,616 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Dahed\Local Settings\Temp\WKC25EB.tmp -- (GarenaPEngine)
DRV - [2009.11.10 22:38:04 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.11.10 22:38:03 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.11.05 11:37:52 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.10.07 09:18:36 | 000,035,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.10.07 09:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2009.10.07 09:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.05.07 21:05:22 | 000,087,536 | ---- | M] (CyberLink Corp.) [2010/05/14 08:17:57] [Kernel | Auto | Running] -- C:\Program Files\PowerDVD9\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2007.11.17 09:43:56 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007.11.17 09:43:46 | 000,054,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.08.09 05:11:40 | 000,102,400 | R--- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2007.08.07 02:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007.07.05 05:33:32 | 000,048,768 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2007.03.02 05:37:00 | 000,732,672 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\t3.sys -- (t3)
DRV - [2007.02.27 09:31:10 | 000,171,008 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctusfsyn.sys -- (CTUSFSYN)
DRV - [2007.02.20 16:01:58 | 001,656,576 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\t3filt.sys -- (t3filt)
DRV - [2005.12.08 05:54:52 | 000,114,688 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005.12.08 05:54:44 | 000,142,336 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.01.07 18:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.12.22 13:58:14 | 000,008,704 | R--- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Pfmodnt.sys -- (PfModNT)
DRV - [2004.12.10 13:48:40 | 000,068,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004.12.10 13:48:08 | 000,052,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2004.12.10 13:47:58 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2002.12.05 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002.12.05 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Dahed\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: eafo3fflauncher@ea.com:1.1
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.05.20 16:28:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.05 14:37:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.02 18:46:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.05.20 16:27:59 | 000,000,000 | ---D | M]

[2009.11.05 10:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Extensions
[2010.06.12 21:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\extensions
[2010.05.02 17:45:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.29 01:52:01 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2010.04.29 12:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\extensions\DTToolbar@toolbarnet.com
[2010.05.29 10:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\extensions\eafo3fflauncher@ea.com
[2009.10.06 18:10:14 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\searchplugins\conduit.xml
[2010.04.29 12:07:10 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\searchplugins\daemon-search.xml
[2009.11.05 11:00:12 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\searchplugins\qipsearch.xml
[2010.06.12 21:09:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.01 23:44:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.14 10:16:32 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.14 10:16:32 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.14 10:16:32 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.14 10:16:32 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.14 10:16:32 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2002.12.05 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Dahed\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Config] C:\games\Age Of Empires 2\Age of Empires II\Config.exe ( )
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\PowerDVD9\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\PowerDVD9\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SPIRun] C:\WINDOWS\System32\SPIRun.dll (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [] File not found
O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech)
O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [RGSC] C:\games\GTA 4\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\FIFA 09 Registration.lnk = C:\games\FIFA 09\Support\EAregister.exe File not found
O4 - Startup: C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Brothers In Arms EiB.LNK = C:\games\BrothersInArmsEiB\Support\Register\RegistrationReminder.exe File not found
O4 - Startup: C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Ghost Recon Advanced Warfighter.LNK = C:\games\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\bw+0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {4505337c-d730-4912-991d-d40b0254f929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\offline-8876480 {4505337C-D730-4912-991D-D40B0254F929} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.04 10:49:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.11.04 11:40:55 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.at3 - C:\WINDOWS\System32\atrac3.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ffdshow.ax ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.hfyu - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.mp42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.vp60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (570887052984320)

========== Files/Folders - Created Within 7 Days ==========

[2010.06.12 23:12:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.06.12 21:33:37 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Dahed\Plocha\OTL.exe
[2010.06.11 10:57:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dahed\Dokumenty\Savegames
[2010.06.10 11:50:12 | 000,197,120 | R--- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\fdco1.dll
[2010.06.10 11:50:12 | 000,054,016 | R--- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\NVENETFD.sys
[2010.06.10 11:48:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\DD1865F0AD7340FBB23E1822E02396FF.TMP
[2010.06.10 11:47:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\nview
[2010.06.10 11:46:37 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvunrm.exe
[2010.06.10 11:46:37 | 000,035,328 | R--- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvconrm.dll
[2010.06.10 11:46:36 | 000,009,216 | R--- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\bdco1.dll
[2010.06.10 11:46:35 | 000,943,872 | R--- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvnrm.sys
[2010.06.10 11:46:35 | 000,022,016 | R--- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvnetbus.sys
[2010.06.10 11:22:12 | 014,757,888 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010.06.10 11:22:12 | 002,646,632 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010.06.10 11:22:12 | 002,030,184 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010.06.10 11:22:12 | 000,061,440 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010.06.10 11:22:11 | 011,647,592 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010.06.10 11:22:11 | 004,075,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010.06.10 11:22:11 | 001,097,728 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010.06.10 11:22:11 | 000,227,944 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010.06.10 11:22:11 | 000,227,944 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010.06.10 10:50:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dahed\Dokumenty\Settlers7
[2010.06.06 19:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dahed\Local Settings\Data aplikací\WOP
[2010.06.06 19:17:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\WOP
[2010.06.06 19:11:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dahed\Local Settings\Data aplikací\Wings of Prey
[2010.06.06 15:12:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Dahed\Data aplikací\InstallShield Installation Information
[2010.06.06 15:11:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
[2010.06.06 14:39:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\solcache
[2010.06.06 14:37:58 | 001,022,976 | ---- | C] (Cendant Software) -- C:\WINDOWS\System32\SierraNW.dll
[2010.06.06 14:37:58 | 000,231,936 | ---- | C] (Cendant Software) -- C:\WINDOWS\System32\SNWValid.dll
[2010.06.06 14:37:54 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra On-Line
[2010.06.06 14:37:31 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.06.12 23:11:33 | 000,199,680 | ---- | M] () -- C:\Documents and Settings\Dahed\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.12 23:09:35 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.06.12 23:09:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.12 23:09:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.12 23:08:43 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\Dahed\NTUSER.DAT
[2010.06.12 22:58:07 | 000,000,698 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.12 21:33:52 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Dahed\Plocha\OTL.exe
[2010.06.11 11:11:21 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\The Settlers 7 - Paths to a Kingdom.lnk
[2010.06.10 11:55:47 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Dahed\ntuser.ini
[2010.06.10 11:35:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.06.10 09:00:43 | 000,000,038 | ---- | M] () -- C:\WINDOWS\AviSplitter.INI
[2010.06.10 07:25:45 | 000,273,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.10 07:18:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.06.10 07:13:26 | 000,432,844 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.10 07:13:26 | 000,429,376 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.10 07:13:26 | 000,067,620 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.10 07:13:25 | 000,979,852 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.10 07:13:25 | 000,078,224 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.09 08:27:02 | 000,001,436 | ---- | M] () -- C:\Documents and Settings\Dahed\Plocha\DivX Movies.lnk
[2010.06.09 08:26:58 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DivX Plus Player.lnk
[2010.06.09 08:26:46 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DivX Plus Converter.lnk
[2010.06.08 13:03:20 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010.06.08 13:03:20 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.06.07 08:42:19 | 000,000,170 | ---- | M] () -- C:\Documents and Settings\Dahed\Plocha\Day of Defeat Source.url
[2010.06.06 23:31:06 | 004,236,994 | -H-- | M] () -- C:\Documents and Settings\Dahed\Local Settings\Data aplikací\IconCache.db
[2010.06.06 22:10:19 | 000,137,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.06.06 22:10:10 | 000,214,520 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.06.06 14:39:14 | 000,000,340 | ---- | M] () -- C:\WINDOWS\SIERRA.INI
[2010.06.06 10:35:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.11 11:11:21 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\The Settlers 7 - Paths to a Kingdom.lnk
[2010.06.10 11:46:38 | 000,005,815 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2010.06.10 11:22:11 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010.06.06 19:01:04 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2010.06.06 18:18:35 | 000,000,170 | ---- | C] () -- C:\Documents and Settings\Dahed\Plocha\Day of Defeat Source.url
[2010.06.06 14:37:34 | 000,000,340 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010.05.28 02:09:00 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.01.04 13:47:42 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.12.21 17:38:48 | 000,000,994 | ---- | C] () -- C:\WINDOWS\ARPR.INI
[2009.11.10 22:38:04 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.11.10 22:38:03 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.11.07 12:38:52 | 000,000,698 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.11.05 11:37:51 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.11.05 11:15:10 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.11.04 11:09:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.11.04 11:09:35 | 000,003,923 | ---- | C] () -- C:\WINDOWS\System32\AudioDrv.ini
[2009.11.04 11:09:19 | 000,137,728 | R--- | C] () -- C:\WINDOWS\System32\OemSpi.dll
[2009.11.04 11:09:19 | 000,118,850 | R--- | C] () -- C:\WINDOWS\System32\CTPcie.dll
[2009.11.04 10:54:59 | 000,102,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvgts.sys
[2009.02.11 23:30:02 | 001,481,728 | ---- | C] () -- C:\WINDOWS\System32\legitcheckcontrol.dll.bak
[2008.12.19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.12.11 13:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.05.26 22:33:08 | 000,741,376 | ---- | C] () -- C:\WINDOWS\System32\audxlib.dll
[2008.05.26 22:33:08 | 000,524,288 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.05.26 22:33:08 | 000,245,760 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2008.05.26 22:33:08 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2008.05.26 22:33:08 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2008.05.26 22:33:08 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2008.05.26 22:33:08 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2008.05.26 22:33:08 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2008.05.26 22:33:08 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2008.05.26 22:33:08 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\ff_realaac.dll
[2008.05.26 22:33:08 | 000,081,408 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2008.05.26 22:33:08 | 000,041,984 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2008.05.26 22:33:08 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2008.03.29 17:42:22 | 000,245,248 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2008.03.29 17:42:20 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008.03.29 17:42:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2008.03.29 17:42:08 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2008.03.29 17:42:04 | 000,141,312 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2008.03.29 17:42:04 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2008.03.29 17:42:02 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2008.03.29 17:42:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2008.03.29 17:41:54 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2008.03.29 17:41:52 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2008.03.29 17:41:52 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2008.03.21 22:30:08 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.03.21 22:28:54 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008.02.20 12:11:16 | 000,035,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2007.10.13 11:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2007.06.28 20:54:10 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007.03.02 05:21:32 | 000,028,614 | R--- | C] () -- C:\WINDOWS\System32\t3.ini
[2007.03.01 04:59:38 | 000,007,404 | R--- | C] () -- C:\WINDOWS\sfsyn.ini
[2006.02.15 08:05:10 | 000,000,049 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2005.12.31 16:19:08 | 001,097,728 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.12.31 16:13:14 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.11.30 13:49:56 | 000,161,792 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll

========== LOP Check ==========

[2009.12.05 11:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BioWare
[2009.11.05 11:37:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.02.26 11:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts Inc
[2009.11.05 10:51:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.05.21 14:46:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.05.20 16:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.05.20 16:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2010.05.20 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.01.18 14:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Solidshield
[2009.11.19 18:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sports Interactive
[2009.11.07 18:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.06.09 08:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2010.06.06 19:17:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WOP
[2010.04.08 18:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\2K Sports
[2009.12.16 11:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Bioshock
[2010.02.26 12:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Command and Conquer 4 Beta
[2009.11.05 12:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\DAEMON Tools Lite
[2009.11.16 19:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\DC++
[2009.12.02 21:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\GetRightToGo
[2010.06.06 23:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\HLSW
[2010.04.17 13:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Leadertech
[2009.12.05 21:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Mount&Blade
[2010.04.04 07:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Mount&Blade Warband
[2010.05.21 18:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Nokia
[2010.06.03 17:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\PC Suite
[2010.02.19 10:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\runic games
[2009.11.19 18:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Sports Interactive
[2010.02.27 12:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\The Creative Assembly
[2010.03.30 22:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\TS3Client
[2010.04.17 10:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Ubisoft

========== Purity Check ==========
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola

#5 Příspěvek od vyosek »

========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"LDM" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -- [2009.11.04 12:05:55 | 000,032,768 | ---- | M] (Logitech)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"RGSC" = C:\games\GTA 4\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe /silent -- File not found
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"" =
"NokiaOviSuite2" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray -- [2010.02.24 21:17:04 | 000,385,928 | ---- | M] (Nokia)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.11.11 10:57:36 | 001,451,520 | ---- | M] (Nokia)

< c:\windows\*.* /U >
[9 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.04.08 18:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\2K Sports
[2010.05.29 16:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Adobe
[2009.12.26 16:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Ahead
[2009.12.16 11:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Bioshock
[2010.02.26 12:01:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Command and Conquer 4 Beta
[2010.01.21 01:05:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Creative
[2010.05.29 14:13:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\CyberLink
[2009.11.05 12:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\DAEMON Tools Lite
[2009.11.16 19:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\DC++
[2010.05.31 22:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\DivX
[2009.12.02 21:32:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\GetRightToGo
[2010.01.15 15:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Hamachi
[2009.12.21 17:22:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Help
[2010.06.06 23:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\HLSW
[2009.11.04 10:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Identities
[2009.11.04 10:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\InstallShield
[2010.06.06 15:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\InstallShield Installation Information
[2010.04.17 13:04:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Leadertech
[2009.11.04 12:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Logitech
[2010.05.29 16:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Macromedia
[2010.01.13 17:54:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Dahed\Data aplikací\Microsoft
[2009.11.28 16:02:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Microsoft Games
[2010.04.05 14:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\mIRC
[2009.12.05 21:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Mount&Blade
[2010.04.04 07:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Mount&Blade Warband
[2009.11.05 10:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla
[2010.05.21 18:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Nokia
[2010.04.04 08:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\NVIDIA
[2010.06.03 17:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\PC Suite
[2010.02.19 10:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\runic games
[2009.12.05 17:27:40 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Dahed\Data aplikací\SecuROM
[2009.11.19 18:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Sports Interactive
[2009.11.28 18:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Sun
[2010.05.31 19:16:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\teamspeak2
[2010.02.27 12:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\The Creative Assembly
[2010.03.30 22:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\TS3Client
[2010.04.17 10:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Ubisoft
[2010.02.15 23:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Ventrilo
[2009.11.05 11:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\WinRAR
[2010.06.12 23:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Dahed\Data aplikací\Xfire

< %APPDATA%\*.exe /s >
[2010.06.06 15:11:17 | 000,331,776 | ---- | M] (Epic Games ) -- C:\Documents and Settings\Dahed\Data aplikací\InstallShield Installation Information\{6530FDAA-5B1F-4830-95BB-650E9804D239}\setup.exe
[2009.12.02 23:34:16 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Dahed\Data aplikací\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.12.05 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.12.05 14:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2002.12.05 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2002.12.05 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 23:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.04 00:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys

< MD5 for: ISAPNP.SYS >
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.11.07 12:06:27 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2002.12.05 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVGTS.SYS >
[2007.08.09 05:11:40 | 000,102,400 | R--- | M] () MD5=EBA187BDAE44FD4CCEA06AB89F106288 -- C:\WINDOWS\system32\drivers\nvgts.sys
[2007.08.09 05:11:40 | 000,102,400 | R--- | M] (NVIDIA Corporation) MD5=FA740E97A0FE36E368C2299D9F3C01C1 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\nvgts.sys

< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.11.05 11:37:52 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.11.04 11:43:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.11.04 11:43:27 | 000,630,784 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.11.04 11:43:27 | 000,450,560 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.06.10 11:35:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2010.06.10 07:25:45 | 000,273,376 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2010.06.12 23:09:35 | 000,276,202 | ---- | M] () -- C:\WINDOWS\system32\NvApps.xml
[2010.06.10 07:13:25 | 000,078,224 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.06.10 07:13:26 | 000,067,620 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.06.10 07:13:26 | 000,429,376 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.06.10 07:13:26 | 000,432,844 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.06.10 07:13:25 | 000,979,852 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola

#6 Příspěvek od vyosek »

OTL Extras logfile created on: 12.6.2010 23:14:17 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Dahed\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 79,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 273,12 Gb Free Space | 58,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KUDRNA
Current User Name: Dahed
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger -- (Logitech)
"C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\Program Files\HLSW\hlsw.exe" = C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application -- (Stripf Software)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\games\Call of Duty 2\CoD2MP_s.exe" = C:\games\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\games\World of Warcraft\WoW-3.2.0-enGB-downloader.exe" = C:\games\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\games\World of Warcraft\Launcher.exe" = C:\games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"C:\games\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe" = C:\games\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = C:\games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe" = C:\games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Garena\Garena.exe" = C:\Program Files\Garena\Garena.exe:*:Enabled:Garena -- File not found
"C:\games\Modern Warfare 2\iw4mp.exe" = C:\games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp -- File not found
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\DC++\DCPlusPlus.exe" = C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++ -- File not found
"C:\games\Age Of Empires 2\Age of Empires II\Age2_x1\Age2_x1.exe" = C:\games\Age Of Empires 2\Age of Empires II\Age2_x1\Age2_x1.exe:*:Enabled:Age of Empires II Expansion -- (Microsoft Corporation)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\games\GTA 4\Grand Theft Auto IV\GTAIV.exe" = C:\games\GTA 4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- File not found
"C:\games\Order Of War\oow_final_dx9.exe" = C:\games\Order Of War\oow_final_dx9.exe:*:Enabled:ORDER OF WAR -- File not found
"C:\games\GTA2\gta2.exe" = C:\games\GTA2\gta2.exe:*:Enabled:GTA2 main executable -- File not found
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe" = C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:PowerDVD 9.0 -- File not found
"C:\Documents and Settings\Dahed\Local Settings\Temp\39322c61a58a45f98e6719304b896059\RelicDownloader.exe" = C:\Documents and Settings\Dahed\Local Settings\Temp\39322c61a58a45f98e6719304b896059\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager -- File not found
"C:\games\FlatOut 2\flatout2.exe" = C:\games\FlatOut 2\flatout2.exe:*:Enabled:flatout2 -- File not found
"C:\games\Hidden & Dangerous 2\HD2_SabreSquadron.exe" = C:\games\Hidden & Dangerous 2\HD2_SabreSquadron.exe:*:Enabled:HD2_SabreSquadron -- File not found
"C:\games\Hidden & Dangerous 2\HD2DS_SabreSquadron.exe" = C:\games\Hidden & Dangerous 2\HD2DS_SabreSquadron.exe:*:Enabled:HD2DS_SabreSquadron -- File not found
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\games\Neverwinter Nights 2\nwn2main.exe" = C:\games\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main -- File not found
"C:\games\Neverwinter Nights 2\nwn2main_amdxp.exe" = C:\games\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD -- File not found
"C:\games\Neverwinter Nights 2\nwupdate.exe" = C:\games\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater -- File not found
"C:\games\Neverwinter Nights 2\nwn2server.exe" = C:\games\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server -- File not found
"C:\games\Call of Duty\CoDMP.exe" = C:\games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP -- File not found
"C:\games\Call of Duty\CoDUOMP.exe" = C:\games\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP -- File not found
"C:\games\Worms 4 Mayhem Courage09\WORMS 4 MAYHEM.EXE" = C:\games\Worms 4 Mayhem Courage09\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem -- File not found
"C:\games\East India Company Unleashed Edition\trafalgar.exe" = C:\games\East India Company Unleashed Edition\trafalgar.exe:*:Enabled:East India Company Application -- File not found
"C:\games\East India Company Unleashed Edition\privateer.exe" = C:\games\East India Company Unleashed Edition\privateer.exe:*:Enabled:East India Company Application -- File not found
"C:\games\East India Company Unleashed Edition\LAN\EICServer.exe" = C:\games\East India Company Unleashed Edition\LAN\EICServer.exe:*:Enabled:EICLANServer Application -- File not found
"C:\games\GM10\hl2.exe" = C:\games\GM10\hl2.exe:*:Enabled:hl2 -- File not found
"C:\games\TrackMania Nations ESWC Special Edition\TmNationsESWC.exe" = C:\games\TrackMania Nations ESWC Special Edition\TmNationsESWC.exe:*:Enabled:TmNationsESWC -- File not found
"C:\games\Starship Troopers\STGame.exe" = C:\games\Starship Troopers\STGame.exe:*:Enabled:Starship Troopers Euro1 -- File not found
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\games\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe" = C:\games\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA -- File not found
"C:\games\Battlefield Bad Company 2 - BETA\BFBC2Game.exe" = C:\games\Battlefield Bad Company 2 - BETA\BFBC2Game.exe:*:Enabled:EA Battlefield: Bad Company™ 2 - BETA -- File not found
"C:\games\Command & Conquer 4 Beta\Data\rts-final.exe" = C:\games\Command & Conquer 4 Beta\Data\rts-final.exe:*:Enabled:Command & Conquer™ 4 Beta -- File not found
"C:\Program Files\Steam\steamapps\common\company of heroes\RelicDownloader\RelicDownloader.exe" = C:\Program Files\Steam\steamapps\common\company of heroes\RelicDownloader\RelicDownloader.exe:*:Disabled:Relic Patch Download Manager -- (THQ Canada Inc.)
"C:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe" = C:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe:*:Enabled:Company of Heroes: Tales of Valor -- (THQ Canada Inc.)
"C:\games\Battlefield Bad Company 2\BFBC2Updater.exe" = C:\games\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"C:\games\Battlefield Bad Company 2\BFBC2Game.exe" = C:\games\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2 -- (EA Digital Illusions CE AB)
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"C:\games\MLB 2K10\mlb2k10.exe" = C:\games\MLB 2K10\mlb2k10.exe:*:Enabled:2K Sports Major League Baseball 2K10 -- File not found
"C:\games\FIFA 09\FIFA09.exe" = C:\games\FIFA 09\FIFA09.exe:*:Enabled:FIFA09 -- File not found
"C:\games\Ghost Recon Advanced Warfighter\GRAW.exe" = C:\games\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW -- File not found
"C:\games\Medal of Honor Pacific Assault(tm)\mohpa.exe" = C:\games\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm) -- File not found
"C:\games\Order Of War\oow_final_dx10.exe" = C:\games\Order Of War\oow_final_dx10.exe:*:Enabled:ORDER OF WAR -- File not found
"C:\games\Joint Task Force\jtf.exe" = C:\games\Joint Task Force\jtf.exe:*:Enabled:jtf -- File not found
"C:\Program Files\Steam\steamapps\common\napoleon total war\Napoleon.exe" = C:\Program Files\Steam\steamapps\common\napoleon total war\Napoleon.exe:*:Enabled:Napoleon: Total War -- (The Creative Assembly Ltd)
"C:\games\Football Manager 2010\fm.exe" = C:\games\Football Manager 2010\fm.exe:*:Disabled:Football Manager 2010 -- File not found
"C:\games\StarCraft II Beta\StarCraft II.exe" = C:\games\StarCraft II Beta\StarCraft II.exe:*:Enabled:Blizzard Launcher -- File not found
"C:\games\StarCraft II Beta\Versions\Base15343\SC2.exe" = C:\games\StarCraft II Beta\Versions\Base15343\SC2.exe:*:Enabled:StarCraft II -- File not found
"C:\games\The Scourge Project - Episode 1 and 2\Binaries\Win32\ScourgeGame.exe" = C:\games\The Scourge Project - Episode 1 and 2\Binaries\Win32\ScourgeGame.exe:*:Enabled:The Scourge Project: Ep 1 and 2 -- File not found
"C:\games\FIFA Online\NFE.exe" = C:\games\FIFA Online\NFE.exe:*:Enabled:EA SPORTS™ FIFA Online -- (Electronic Arts)
"C:\Documents and Settings\Dahed\Local Settings\Apps\2.0\798A24LN.DJD\2XB7LMPC.Y2C\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe" = C:\Documents and Settings\Dahed\Local Settings\Apps\2.0\798A24LN.DJD\2XB7LMPC.Y2C\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)
"C:\games\Half-Life\hl.exe" = C:\games\Half-Life\hl.exe:*:Enabled:Half-Life Launcher -- File not found
"C:\games\Alien Breed Impact\Binaries\AlienBreed-Impact.exe" = C:\games\Alien Breed Impact\Binaries\AlienBreed-Impact.exe:*:Enabled:Alien Breed Impact -- File not found
"C:\games\Ultima Online Mondain's Legacy\client.exe" = C:\games\Ultima Online Mondain's Legacy\client.exe:*:Enabled:Ultima Online Client -- (Electronic Arts)
"C:\games\Incubation\Incubation TWM\Incubation.exe" = C:\games\Incubation\Incubation TWM\Incubation.exe:*:Enabled:Incubation -- File not found
"C:\games\Wings of Prey\aces.exe" = C:\games\Wings of Prey\aces.exe:*:Enabled:Wings of Prey -- File not found
"C:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe" = C:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe:*:Enabled:Warhammer® 40,000™: Dawn of War® II -- (THQ Canada Inc.)
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- (Ubisoft)
"C:\games\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe" = C:\games\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe:*:Enabled:The Settlers 7 - Paths to a Kingdom -- (Blue Byte GmbH)
"C:\Program Files\Steam\steamapps\dahed711\day of defeat source\hl2.exe" = C:\Program Files\Steam\steamapps\dahed711\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}" = Sound Blaster X-Fi
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{6FE3B0CE-37C1-4825-908A-5A84C9B4EC2F}" = EA SPORTS(TM) FIFA Online
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = The Settlers 7 - Paths to a Kingdom
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B3332FCA-3B51-4053-8C2D-9F7ACFE6065A}" = Wocarson Windows Genuine Advantage Validation v1.9.9.1 Cracked V2
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C10D6AB8-05BB-422D-AAE3-36D6E0381487}" = ESET NOD32 Antivirus
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{DBECFA83-42DC-4585-A970-A764AB01A956}" = Call Of Duty(R) 2
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
"{DF7B213D-2065-41ED-BB51-7A3EED31EA7B}" = Ultima Online: Mondain's Legacy
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age Of Empires II(All in One)" = Age Of Empires II(All in One)
"CDA Converter Plus" = CDA Converter Plus
"Cole2k Media - Codec Pack" = Cole2k Media - Codec Pack (Advanced) 7.1.0
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"CyberLink PowerDVD 9.0.1501" = CyberLink PowerDVD 9.0.1501 CZ
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Eset NOD32 v3.0.642 FiX1.2 by TemDono_is1" = NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up
"GameParkClient_is1" = GamePark
"HijackThis" = HijackThis 2.0.2
"HLSW_is1" = HLSW v1.3.2.1
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}" = Call of Duty(R) - World at War(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"pinger1.0" = pinger
"PokerStars" = PokerStars
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Sierra Utilities" = Sierra Utilities
"Steam App 15620" = Warhammer 40,000: Dawn of War II
"Steam App 20540" = Company of Heroes: Tales of Valor
"Steam App 300" = Day of Defeat: Source
"Steam App 34030" = Napoleon: Total War
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd" = Total Commander (Remove or Repair)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"World of Warcraft" = World of Warcraft
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Xfire" = Xfire (remove only)
"XP Codec Pack" = XP Codec Pack
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Aliens vs Predator" = Aliens vs Predator
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"QIP 2005" = QIP 2005 8095

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10.6.2010 1:04:07 | Computer Name = KUDRNA | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil

Error - 10.6.2010 1:04:07 | Computer Name = KUDRNA | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 8007041F z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 10.6.2010 1:26:18 | Computer Name = KUDRNA | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil

Error - 10.6.2010 1:26:19 | Computer Name = KUDRNA | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 8007041F z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 10.6.2010 5:48:50 | Computer Name = KUDRNA | Source = MsiInstaller | ID = 1013
Description = Produkt: NVIDIA PhysX -- Installation terminated

Error - 11.6.2010 3:13:32 | Computer Name = KUDRNA | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 8007041F z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 12.6.2010 0:49:54 | Computer Name = KUDRNA | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil

Error - 12.6.2010 0:49:54 | Computer Name = KUDRNA | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 8007041F z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

Error - 12.6.2010 17:10:03 | Computer Name = KUDRNA | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil

Error - 12.6.2010 17:10:03 | Computer Name = KUDRNA | Source = EventSystem | ID = 4609
Description = Systém událostí modelu COM+ zjistil při vnitřním zpracovávání chybný
návratový kód. Hodnota HRESULT byla 8007041F z řádku 44 v d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.Obraťte
se na služby odborné pomoci společnosti Microsoft a informujte je o této chyb

[ System Events ]
Error - 12.6.2010 8:30:09 | Computer Name = KUDRNA | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 12.6.2010 11:12:59 | Computer Name = KUDRNA | Source = Service Control Manager | ID = 7034
Description = Služba Adaptér výkonu služby WMI byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 12.6.2010 14:51:11 | Computer Name = KUDRNA | Source = Service Control Manager | ID = 7034
Description = Služba LogMeIn Hamachi 2.0 Tunneling Engine byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 12.6.2010 17:09:54 | Computer Name = KUDRNA | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Eset Nod32 Boot.

Error - 12.6.2010 17:09:54 | Computer Name = KUDRNA | Source = Service Control Manager | ID = 7000
Description = Služba Eset Nod32 Boot neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 12.6.2010 17:10:03 | Computer Name = KUDRNA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1055 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12.6.2010 17:10:03 | Computer Name = KUDRNA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1055 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

Error - 12.6.2010 17:10:03 | Computer Name = KUDRNA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1055 při pokusu o spuštění služby ServiceLayer
s argumenty za účelem spuštění serveru: {ACF50018-41F8-476D-85FD-CD953DAE4A49}

Error - 12.6.2010 17:10:03 | Computer Name = KUDRNA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1055 při pokusu o spuštění služby winmgmt
s argumenty za účelem spuštění serveru: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error - 12.6.2010 17:10:04 | Computer Name = KUDRNA | Source = Service Control Manager | ID = 7034
Description = Služba LogMeIn Hamachi 2.0 Tunneling Engine byla neočekávaně ukončena.
Tento stav nastal již 1krát.


< End of report >
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola

#7 Příspěvek od vyosek »

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Dahed\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=2&q="
[2010.04.29 12:07:10 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\searchplugins\daemon-search.xml
[2009.11.05 11:00:12 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\searchplugins\qipsearch.xml
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [] File not found
O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [RGSC] C:\games\GTA 4\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - Startup: C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\FIFA 09 Registration.lnk = C:\games\FIFA 09\Support\EAregister.exe File not found
O4 - Startup: C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Brothers In Arms EiB.LNK = C:\games\BrothersInArmsEiB\Support\Register\RegistrationReminder.exe File not found
O4 - Startup: C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Ghost Recon Advanced Warfighter.LNK = C:\games\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe File not found
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
[2010.06.10 11:48:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\DD1865F0AD7340FBB23E1822E02396FF.TMP
[2010.06.06 15:11:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=-
""=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3724:TCP"=-

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
Dahed
Návštěvník
Návštěvník
Příspěvky: 30
Registrován: 12 čer 2010 20:11

Re: Kontrola

#8 Příspěvek od Dahed »

All processes killed
Error: Unable to interpret <otl> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found> in the current context!
Error: Unable to interpret <IE - HKU\S-1-5-21-1547161642-789336058-725345543-1003\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Dahed\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "QIP Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"> in the current context!
Error: Unable to interpret <FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="> in the current context!
Error: Unable to interpret <[2010.04.29 12:07:10 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\searchplugins\daemon-search.xml> in the current context!
Error: Unable to interpret <[2009.11.05 11:00:12 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\searchplugins\qipsearch.xml> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [KernelFaultCheck] File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [nwiz] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [] File not found> in the current context!
Error: Unable to interpret <O4 - HKU\S-1-5-21-1547161642-789336058-725345543-1003..\Run: [RGSC] C:\games\GTA 4\Grand Theft Auto IV\Rockstar Games Social Club\RGSCLauncher.exe File not found> in the current context!
Error: Unable to interpret <O4 - Startup: C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\FIFA 09 Registration.lnk = C:\games\FIFA 09\Support\EAregister.exe File not found> in the current context!
Error: Unable to interpret <O4 - Startup: C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Brothers In Arms EiB.LNK = C:\games\BrothersInArmsEiB\Support\Register\RegistrationReminder.exe File not found> in the current context!
Error: Unable to interpret <O4 - Startup: C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Ghost Recon Advanced Warfighter.LNK = C:\games\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe File not found> in the current context!
Error: Unable to interpret <O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <[2010.06.10 11:48:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\DD1865F0AD7340FBB23E1822E02396FF.TMP> in the current context!
Error: Unable to interpret <[2010.06.06 15:11:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP> in the current context!
Error: Unable to interpret <[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]> in the current context!
Error: Unable to interpret <[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]> in the current context!
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002320_.tmp moved successfully.
C:\WINDOWS\005597_.tmp moved successfully.
C:\WINDOWS\1C4551A64743409391E41477CD655043.TMP folder moved successfully.
C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder moved successfully.
C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder moved successfully.
C:\WINDOWS\DD1865F0AD7340FBB23E1822E02396FF.TMP folder moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SETA.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP30C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP367.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP491.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A4.tmp folder moved successfully.
C:\WINDOWS\Installer\MSIC129.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\system32\OLD3A.tmp moved successfully.
C:\WINDOWS\system32\tmp70.tmp moved successfully.
C:\WINDOWS\Temp\7lyvzxws.TMP moved successfully.
C:\WINDOWS\Temp\HTT1410.tmp moved successfully.
C:\WINDOWS\Temp\HTT146E.tmp moved successfully.
C:\WINDOWS\Temp\NODC3A6.tmp moved successfully.
C:\WINDOWS\Temp\NSF10.tmp moved successfully.
C:\WINDOWS\Temp\NSF21.tmp moved successfully.
C:\WINDOWS\Temp\NSF4F8B.tmp moved successfully.
C:\WINDOWS\Temp\NSF61.tmp moved successfully.
C:\WINDOWS\Temp\NUP20.tmp moved successfully.
C:\WINDOWS\Temp\NUP22.tmp moved successfully.
C:\WINDOWS\Temp\NUP4F8A.tmp moved successfully.
C:\WINDOWS\Temp\NUP4F8C.tmp moved successfully.
C:\WINDOWS\Temp\NUP60.tmp moved successfully.
C:\WINDOWS\Temp\sy9cq9vm.TMP moved successfully.
C:\WINDOWS\Temp\tmp17.tmp moved successfully.
C:\WINDOWS\Temp\WDF2EA5.tmp folder moved successfully.
C:\WINDOWS\Temp\~DFFAE8.tmp moved successfully.
C:\WINDOWS\Temp\~DFFAFA.tmp moved successfully.
C:\WINDOWS\Temp\~DFFE34.tmp moved successfully.
C:\WINDOWS\Temp\~DFFE44.tmp moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3724:TCP deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Dahed
->Temp folder emptied: 1713306238 bytes
->Temporary Internet Files folder emptied: 140482157 bytes
->Java cache emptied: 39757568 bytes
->FireFox cache emptied: 97226720 bytes
->Flash cache emptied: 59317 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7222753 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 906,00 mb


[EMPTYFLASH]

User: All Users

User: Dahed
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.6.0 log created on 06132010_174750

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola

#9 Příspěvek od vyosek »

Nezkopiroval jste cely skript (chybela vam tam horni : u otl), takze jeste jednou spustte se stejnym skriptem a pozor na kopirovani :!:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
Dahed
Návštěvník
Návštěvník
Příspěvky: 30
Registrován: 12 čer 2010 20:11

Re: Kontrola

#10 Příspěvek od Dahed »

All processes killed
========== OTL ==========
HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1547161642-789336058-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1547161642-789336058-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1547161642-789336058-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
C:\Documents and Settings\Dahed\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "XfireXO Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "http://search.conduit.com/ResultsExt.as ... ource=2&q=" removed from keyword.URL
C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\Dahed\Data aplikací\Mozilla\Firefox\Profiles\bkrvurye.default\searchplugins\qipsearch.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\nwiz deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1547161642-789336058-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_USERS\S-1-5-21-1547161642-789336058-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC not found.
File move failed. C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\FIFA 09 Registration.lnk scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Brothers In Arms EiB.LNK scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Ghost Recon Advanced Warfighter.LNK scheduled to be moved on reboot.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Folder C:\WINDOWS\DD1865F0AD7340FBB23E1822E02396FF.TMP\ not found.
Folder C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP\ not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3724:TCP not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Dahed
->Temp folder emptied: 823674 bytes
->Temporary Internet Files folder emptied: 58460 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36325509 bytes
->Flash cache emptied: 625 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 36,00 mb


[EMPTYFLASH]

User: All Users

User: Dahed
->Flash cache emptied: 0 bytes

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.6.0 log created on 06132010_211208

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\FIFA 09 Registration.lnk not found!
File\Folder C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Brothers In Arms EiB.LNK not found!
File\Folder C:\Documents and Settings\Dahed\Nabídka Start\Programy\Po spuštění\Registration Ghost Recon Advanced Warfighter.LNK not found!

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola

#11 Příspěvek od vyosek »

Dobre rano,

jak se chova PC :???:
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
Dahed
Návštěvník
Návštěvník
Příspěvky: 30
Registrován: 12 čer 2010 20:11

Re: Kontrola

#12 Příspěvek od Dahed »

Je to lepsi, dekuju moc ... :)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola

#13 Příspěvek od vyosek »

To rad slysim, predem nemate zac, ale jeste neutikejte :) Ceka nas uklid, kontrola a pripadne nejake musky vychytat...

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC
:arrow: Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za 14 dni

:arrow: Dejte novy log z RSITu
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Uživatelský avatar
Dahed
Návštěvník
Návštěvník
Příspěvky: 30
Registrován: 12 čer 2010 20:11

Re: Kontrola

#14 Příspěvek od Dahed »

Logfile of random's system information tool 1.07 (written by random/random)
Run by Dahed at 2010-06-14 18:59:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 309 GB (65%) free of 477 GB
Total RAM: 3071 MB (83% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:48, on 14.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\PowerDVD9\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dahed\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Dahed.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [SPIRun] Rundll32 SPIRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [Config] C:\games\Age Of Empires 2\Age Of Empires ii\Config.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\PowerDVD9\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\PowerDVD9\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MST" WISE_SETUP_EXE_PATH="d:\driver\2k_xp\182.50\PhysX_9.09.0203_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 7076 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\System32\xRaidSetup.exe [2007-05-25 1957888]
"SPIRun"=Rundll32 SPIRun.dll,RunDLLEntry []
"Config"=C:\games\Age Of Empires 2\Age Of Empires ii\Config.exe [2006-07-06 151552]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2007-08-07 200704]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]
"RemoteControl9"=C:\Program Files\PowerDVD9\PowerDVD9\PDVD9Serv.exe [2009-04-27 87336]
"PDVD9LanguageShortcut"=C:\Program Files\PowerDVD9\PowerDVD9\Language\Language.exe [2009-04-27 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-05-07 75048]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MSI TRANSFORMS=C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MST WISE_SETUP_EXE_PATH=d:\driver\2k_xp\182.50\PhysX_9.09.0203_SystemSoftware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-02-24 385928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dahed^Nabídka Start^Programy^Po spuštění^FIFA 09 Registration.lnk]
C:\games\FIFA 09\Support\EAregister.exe /remind /language=ENB /PRID=ODS:15373.110.Base Product /WHPR=FIFA 09 /PRNM=Electronic Arts Product []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dahed^Nabídka Start^Programy^Po spuštění^Registration Brothers In Arms EiB.LNK]
C:\games\BrothersInArmsEiB\Support\Register\RegistrationReminder.exe -d 804088 -l english -r 7 -g Brothers In Arms EiB -c united -i []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Dahed^Nabídka Start^Programy^Po spuštění^Registration Ghost Recon Advanced Warfighter.LNK]
C:\games\Ghost Recon Advanced Warfighter\Support\Register\RegistrationReminder.exe -d 804208 -l english -r 7 -g Ghost Recon Advanced Warfighter -c us -i 2530 []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\games\Call of Duty 2\CoD2MP_s.exe"="C:\games\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\games\World of Warcraft\WoW-3.2.0-enGB-downloader.exe"="C:\games\World of Warcraft\WoW-3.2.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\games\World of Warcraft\Launcher.exe"="C:\games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\games\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe"="C:\games\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe"="C:\games\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"="C:\games\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\games\Modern Warfare 2\iw4mp.exe"="C:\games\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"C:\games\Age Of Empires 2\Age of Empires II\Age2_x1\Age2_x1.exe"="C:\games\Age Of Empires 2\Age of Empires II\Age2_x1\Age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\games\GTA 4\Grand Theft Auto IV\GTAIV.exe"="C:\games\GTA 4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\games\Order Of War\oow_final_dx9.exe"="C:\games\Order Of War\oow_final_dx9.exe:*:Enabled:ORDER OF WAR"
"C:\games\GTA2\gta2.exe"="C:\games\GTA2\gta2.exe:*:Enabled:GTA2 main executable"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:PowerDVD 9.0"
"C:\Documents and Settings\Dahed\Local Settings\Temp\39322c61a58a45f98e6719304b896059\RelicDownloader.exe"="C:\Documents and Settings\Dahed\Local Settings\Temp\39322c61a58a45f98e6719304b896059\RelicDownloader.exe:*:Enabled:Relic Patch Download Manager"
"C:\games\FlatOut 2\flatout2.exe"="C:\games\FlatOut 2\flatout2.exe:*:Enabled:flatout2"
"C:\games\Hidden & Dangerous 2\HD2_SabreSquadron.exe"="C:\games\Hidden & Dangerous 2\HD2_SabreSquadron.exe:*:Enabled:HD2_SabreSquadron"
"C:\games\Hidden & Dangerous 2\HD2DS_SabreSquadron.exe"="C:\games\Hidden & Dangerous 2\HD2DS_SabreSquadron.exe:*:Enabled:HD2DS_SabreSquadron"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\games\Neverwinter Nights 2\nwn2main.exe"="C:\games\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"C:\games\Neverwinter Nights 2\nwn2main_amdxp.exe"="C:\games\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"C:\games\Neverwinter Nights 2\nwupdate.exe"="C:\games\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"C:\games\Neverwinter Nights 2\nwn2server.exe"="C:\games\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"C:\games\Call of Duty\CoDMP.exe"="C:\games\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\games\Call of Duty\CoDUOMP.exe"="C:\games\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP"
"C:\games\Worms 4 Mayhem Courage09\WORMS 4 MAYHEM.EXE"="C:\games\Worms 4 Mayhem Courage09\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"C:\games\East India Company Unleashed Edition\trafalgar.exe"="C:\games\East India Company Unleashed Edition\trafalgar.exe:*:Enabled:East India Company Application"
"C:\games\East India Company Unleashed Edition\privateer.exe"="C:\games\East India Company Unleashed Edition\privateer.exe:*:Enabled:East India Company Application"
"C:\games\East India Company Unleashed Edition\LAN\EICServer.exe"="C:\games\East India Company Unleashed Edition\LAN\EICServer.exe:*:Enabled:EICLANServer Application"
"C:\games\GM10\hl2.exe"="C:\games\GM10\hl2.exe:*:Enabled:hl2"
"C:\games\TrackMania Nations ESWC Special Edition\TmNationsESWC.exe"="C:\games\TrackMania Nations ESWC Special Edition\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\games\Starship Troopers\STGame.exe"="C:\games\Starship Troopers\STGame.exe:*:Enabled:Starship Troopers Euro1"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\games\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe"="C:\games\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA"
"C:\games\Battlefield Bad Company 2 - BETA\BFBC2Game.exe"="C:\games\Battlefield Bad Company 2 - BETA\BFBC2Game.exe:*:Enabled:EA Battlefield: Bad Company™ 2 - BETA"
"C:\games\Command & Conquer 4 Beta\Data\rts-final.exe"="C:\games\Command & Conquer 4 Beta\Data\rts-final.exe:*:Enabled:Command & Conquer™ 4 Beta"
"C:\Program Files\Steam\steamapps\common\company of heroes\RelicDownloader\RelicDownloader.exe"="C:\Program Files\Steam\steamapps\common\company of heroes\RelicDownloader\RelicDownloader.exe:*:Disabled:Relic Patch Download Manager"
"C:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe"="C:\Program Files\Steam\steamapps\common\company of heroes\RelicCOH.exe:*:Enabled:Company of Heroes: Tales of Valor"
"C:\games\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\games\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\games\Battlefield Bad Company 2\BFBC2Game.exe"="C:\games\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\games\MLB 2K10\mlb2k10.exe"="C:\games\MLB 2K10\mlb2k10.exe:*:Enabled:2K Sports Major League Baseball 2K10"
"C:\games\FIFA 09\FIFA09.exe"="C:\games\FIFA 09\FIFA09.exe:*:Enabled:FIFA09"
"C:\games\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\games\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\games\Medal of Honor Pacific Assault(tm)\mohpa.exe"="C:\games\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\games\Order Of War\oow_final_dx10.exe"="C:\games\Order Of War\oow_final_dx10.exe:*:Enabled:ORDER OF WAR"
"C:\games\Joint Task Force\jtf.exe"="C:\games\Joint Task Force\jtf.exe:*:Enabled:jtf"
"C:\Program Files\Steam\steamapps\common\napoleon total war\Napoleon.exe"="C:\Program Files\Steam\steamapps\common\napoleon total war\Napoleon.exe:*:Enabled:Napoleon: Total War"
"C:\games\Football Manager 2010\fm.exe"="C:\games\Football Manager 2010\fm.exe:*:Disabled:Football Manager 2010"
"C:\games\StarCraft II Beta\StarCraft II.exe"="C:\games\StarCraft II Beta\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\games\StarCraft II Beta\Versions\Base15343\SC2.exe"="C:\games\StarCraft II Beta\Versions\Base15343\SC2.exe:*:Enabled:StarCraft II"
"C:\games\The Scourge Project - Episode 1 and 2\Binaries\Win32\ScourgeGame.exe"="C:\games\The Scourge Project - Episode 1 and 2\Binaries\Win32\ScourgeGame.exe:*:Enabled:The Scourge Project: Ep 1 and 2"
"C:\games\FIFA Online\NFE.exe"="C:\games\FIFA Online\NFE.exe:*:Enabled:EA SPORTS™ FIFA Online"
"C:\Documents and Settings\Dahed\Local Settings\Apps\2.0\798A24LN.DJD\2XB7LMPC.Y2C\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe"="C:\Documents and Settings\Dahed\Local Settings\Apps\2.0\798A24LN.DJD\2XB7LMPC.Y2C\curs..tion_eee711038731a406_0004.0000_152ef8e82e8f5a48\CurseClient.exe:*:Enabled:Curse Client 4.0"
"C:\games\Half-Life\hl.exe"="C:\games\Half-Life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\games\Alien Breed Impact\Binaries\AlienBreed-Impact.exe"="C:\games\Alien Breed Impact\Binaries\AlienBreed-Impact.exe:*:Enabled:Alien Breed Impact"
"C:\games\Ultima Online Mondain's Legacy\client.exe"="C:\games\Ultima Online Mondain's Legacy\client.exe:*:Enabled:Ultima Online Client"
"C:\games\Incubation\Incubation TWM\Incubation.exe"="C:\games\Incubation\Incubation TWM\Incubation.exe:*:Enabled:Incubation"
"C:\games\Wings of Prey\aces.exe"="C:\games\Wings of Prey\aces.exe:*:Enabled:Wings of Prey"
"C:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe"="C:\Program Files\Steam\steamapps\common\dawn of war 2\DOW2.exe:*:Enabled:Warhammer® 40,000™: Dawn of War® II"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\games\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe"="C:\games\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\Settlers7R.exe:*:Enabled:The Settlers 7 - Paths to a Kingdom"
"C:\Program Files\Steam\steamapps\dahed711\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\dahed711\day of defeat source\hl2.exe:*:Enabled:Day of Defeat: Source"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-06-14 18:59:42 ----D---- C:\rsit
2010-06-14 18:59:42 ----D---- C:\Program Files\trend micro
2010-06-14 18:54:19 ----D---- C:\Program Files\CCleaner
2010-06-13 17:55:47 ----D---- C:\WINDOWS\pss
2010-06-13 16:56:59 ----D---- C:\Documents and Settings\Dahed\Data aplikací\BlackBean
2010-06-10 11:50:12 ----RA---- C:\WINDOWS\system32\fdco1.dll
2010-06-10 11:47:52 ----D---- C:\WINDOWS\nview
2010-06-10 11:46:37 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2010-06-10 11:46:37 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-06-10 11:46:36 ----RA---- C:\WINDOWS\system32\bdco1.dll
2010-06-10 11:22:12 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-06-10 11:22:12 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-06-10 11:22:12 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-06-10 11:22:12 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-06-10 11:22:11 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-06-10 11:22:11 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-06-10 11:22:11 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-06-10 11:22:11 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-06-10 11:22:11 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-06-10 07:18:24 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-10 07:18:19 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-10 07:18:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-10 07:13:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-10 07:13:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-10 07:13:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-10 07:09:28 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-06-06 19:17:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\WOP
2010-06-06 19:01:04 ----A---- C:\WINDOWS\AviSplitter.INI
2010-06-06 15:12:00 ----D---- C:\Documents and Settings\Dahed\Data aplikací\InstallShield Installation Information
2010-06-06 14:39:40 ----D---- C:\WINDOWS\solcache
2010-06-06 14:37:58 ----A---- C:\WINDOWS\system32\SNWValid.dll
2010-06-06 14:37:58 ----A---- C:\WINDOWS\system32\SierraNW.dll
2010-06-06 14:37:54 ----D---- C:\Program Files\Sierra On-Line
2010-06-06 14:37:34 ----A---- C:\WINDOWS\SIERRA.INI
2010-06-06 14:37:31 ----A---- C:\WINDOWS\IsUninst.exe
2010-06-03 19:54:21 ----D---- C:\Program Files\CDA Converter Plus
2010-05-31 19:24:25 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-05-31 19:24:25 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-05-31 19:24:25 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-05-31 19:24:25 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-05-31 19:24:24 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-05-31 19:24:24 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-05-31 19:24:24 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-05-31 19:24:24 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-05-31 19:24:24 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-05-31 19:24:24 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-05-31 19:24:24 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-05-31 19:24:24 ----N---- C:\WINDOWS\system32\px.dll
2010-05-31 19:24:05 ----D---- C:\Program Files\Common Files\DivX Shared
2010-05-31 19:21:43 ----D---- C:\Program Files\DivX
2010-05-31 19:21:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-05-29 16:28:23 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-05-29 16:27:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2010-05-29 16:27:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-05-29 16:27:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2010-05-28 11:18:56 ----D---- C:\WINDOWS\system32\Adobe
2010-05-28 02:09:00 ----A---- C:\WINDOWS\system32\xfcodec.dll
2010-05-26 08:26:38 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-21 14:48:07 ----D---- C:\Program Files\Common Files\PCSuite
2010-05-21 14:46:31 ----D---- C:\Program Files\MSXML 4.0
2010-05-20 16:52:26 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2010-05-20 16:43:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nokia
2010-05-20 16:41:06 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-05-20 16:41:06 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-05-20 16:26:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
2010-05-20 16:15:31 ----HDC---- C:\WINDOWS\$NtUninstallWudf01007$
2010-05-20 16:15:11 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-05-20 16:15:09 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2010-05-20 16:14:43 ----D---- C:\Documents and Settings\Dahed\Data aplikací\Nokia
2010-05-20 16:14:42 ----D---- C:\Documents and Settings\Dahed\Data aplikací\PC Suite
2010-05-20 16:14:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-05-20 16:14:22 ----D---- C:\Program Files\Common Files\Nokia
2010-05-20 16:14:19 ----D---- C:\Program Files\DIFX
2010-05-20 16:14:06 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-05-20 16:14:05 ----D---- C:\Program Files\Nokia
2010-05-20 16:13:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations

======List of files/folders modified in the last 1 months======

2010-06-14 18:59:43 ----D---- C:\WINDOWS\Temp
2010-06-14 18:59:42 ----RD---- C:\Program Files
2010-06-14 18:59:36 ----D---- C:\WINDOWS\Prefetch
2010-06-14 18:55:57 ----D---- C:\WINDOWS\Minidump
2010-06-14 18:55:57 ----D---- C:\WINDOWS\Debug
2010-06-14 18:55:57 ----D---- C:\WINDOWS
2010-06-14 18:50:47 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-06-14 18:47:32 ----D---- C:\WINDOWS\system32
2010-06-14 18:47:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-14 17:51:54 ----D---- C:\Documents and Settings\Dahed\Data aplikací\Xfire
2010-06-13 21:12:46 ----D---- C:\WINDOWS\system32\Restore
2010-06-13 19:06:46 ----D---- C:\Program Files\Steam
2010-06-13 19:06:36 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-13 18:05:24 ----D---- C:\games
2010-06-13 17:56:27 ----RASH---- C:\boot.ini
2010-06-13 17:56:27 ----A---- C:\WINDOWS\win.ini
2010-06-13 17:56:27 ----A---- C:\WINDOWS\system.ini
2010-06-13 17:48:05 ----SHD---- C:\WINDOWS\Installer
2010-06-13 17:42:37 ----D---- C:\Documents and Settings\Dahed\Data aplikací\HLSW
2010-06-13 17:05:01 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-06-13 16:19:45 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-13 15:39:05 ----D---- C:\Program Files\ESET
2010-06-13 11:49:30 ----D---- C:\Program Files\XP Codec Pack
2010-06-13 11:45:00 ----D---- C:\Program Files\Logitech
2010-06-12 23:13:01 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-12 23:13:00 ----HD---- C:\WINDOWS\inf
2010-06-12 23:13:00 ----D---- C:\WINDOWS\system32\drivers
2010-06-12 23:07:27 ----D---- C:\Image
2010-06-12 22:58:07 ----A---- C:\WINDOWS\wincmd.ini
2010-06-12 17:31:54 ----D---- C:\foto
2010-06-12 07:10:05 ----RSD---- C:\WINDOWS\assembly
2010-06-12 07:09:39 ----D---- C:\WINDOWS\system32\DirectX
2010-06-11 11:11:20 ----D---- C:\WINDOWS\WinSxS
2010-06-11 10:38:11 ----D---- C:\Filmy
2010-06-10 11:55:13 ----D---- C:\WINDOWS\Help
2010-06-10 11:55:13 ----D---- C:\Program Files\NVIDIA Corporation
2010-06-10 11:54:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2010-06-10 11:54:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-10 11:54:22 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-06-10 11:54:22 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-10 07:35:02 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-10 07:18:19 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-09 08:39:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2010-06-08 13:03:20 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-06-08 13:03:20 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-06-04 17:23:54 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-03 16:20:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2010-06-03 14:35:10 ----D---- C:\Program Files\Xfire
2010-06-03 14:32:16 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-06-02 20:47:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
2010-06-02 20:45:16 ----SD---- C:\WINDOWS\Tasks
2010-06-02 19:57:54 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-05-31 22:24:52 ----D---- C:\Documents and Settings\Dahed\Data aplikací\DivX
2010-05-31 19:24:05 ----D---- C:\Program Files\Common Files
2010-05-31 19:16:56 ----D---- C:\Documents and Settings\Dahed\Data aplikací\teamspeak2
2010-05-29 16:17:19 ----D---- C:\Documents and Settings\Dahed\Data aplikací\Macromedia
2010-05-29 16:17:19 ----D---- C:\Documents and Settings\Dahed\Data aplikací\Adobe
2010-05-29 16:17:07 ----D---- C:\WINDOWS\system32\Macromed
2010-05-29 14:13:25 ----D---- C:\Documents and Settings\Dahed\Data aplikací\CyberLink
2010-05-29 10:07:51 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-05-29 10:07:51 ----A---- C:\WINDOWS\system32\pbsvc.exe
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-05-26 08:49:27 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-08-07 33052]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/05/14 08:17:57]; \??\C:\Program Files\PowerDVD9\PowerDVD9\000.fcl []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-11-10 278984]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-11-10 25416]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2002-12-05 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2002-12-05 55936]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\drivers\PfModNT.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\DRIVERS\ctsfm2k.sys [2005-12-08 142336]
R3 CTUSFSYN;Creative SoundFont Synthesizer; C:\WINDOWS\system32\drivers\ctusfsyn.sys [2007-02-27 171008]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys [2004-12-10 13056]
R3 L8042mou;Logitech SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\System32\DRIVERS\L8042mou.Sys [2004-12-10 52992]
R3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\DRIVERS\LMouKE.Sys [2004-12-10 68992]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-11-17 54016]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-11-17 22016]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\System32\DRIVERS\ctoss2k.sys [2005-12-08 114688]
R3 t3;Sound Blaster X-Fi Xtreme Audio; C:\WINDOWS\system32\drivers\t3.sys [2007-03-02 732672]
R3 t3filt;t3filt; C:\WINDOWS\system32\drivers\t3filt.sys [2007-02-20 1656576]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 a7ukzpfq;a7ukzpfq; C:\WINDOWS\system32\drivers\a7ukzpfq.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Dahed\LOCALS~1\Temp\WKC25EB.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [1999-12-12 44032]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-05-29 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-06-13 214520]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-04-27 271760]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2002-12-05 3584]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Kontrola

#15 Příspěvek od vyosek »

:arrow: Spustte HJT a provedeme fixnuti polozek
  • HJT najdete zde C:\Program Files\trend micro\Dahed.exe
  • Otevre se Vam okno, kliknete na Do a system scan only
  • V dalsim okne najdete radky které jsem Vam vypsal nize, vedle nich je ctverecek, do ktereho udelate zatrzitko
  • R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
    O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
  • Kliknete na Fix checked (vlevo dole)
  • HJT se Vas zepta zda opravdu ANO, s tim souhlasite a je hotovo
:arrow: Z logu je patrno, ze nemate aktualni verzi Internet Exploreru - aktualizujte jej :arrow: Po startu se Vam spousti strasne velke mnozstvi zbytecnych programu - na jejich zastaveni muzete pouzit StartUpLite (viz muj podpis) - tim docilite daleko rychlejsiho zpousteni pc

:arrow: Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

:arrow: Pokud nejsou dale s PC problemy a ani dotazy nemate, je to z me strany vse...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“