Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

spravce zařízení

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
brankar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 260
Registrován: 02 srp 2008 18:34

spravce zařízení

#1 Příspěvek od brankar »

Tak už zase otravuji :o přišel jsem z práce a syn mi oznámil že nejde zvuk a joystiky na hry a windows je ve verzi 98 stak kouknu do spravce zařízení a tam zcela bílo žadné zařízení je možné že to drží zase nějaky šmejd nebo to syn vypnul že pry se hrabal v nastrojich pro konfiguraci systemu +služby :iefox:

zatím díky :oops:
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: spravce zařízení

#2 Příspěvek od motji »

Hezké odpoledne :)

:arrow: Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
brankar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 260
Registrován: 02 srp 2008 18:34

Re: spravce zařízení

#3 Příspěvek od brankar »

Dobry den Motji tady je log

OTL logfile created on: 16.6.2010 18:51:49 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\user\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 236,00 Mb Available Physical Memory | 46,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 53,15 Gb Free Space | 35,66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VLASTN-81FD8C78
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.16 18:48:48 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
PRC - [2010.02.02 13:42:15 | 000,723,632 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2009.11.20 20:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\opera.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.06.16 18:48:48 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
MOD - [2010.02.02 13:42:47 | 000,171,552 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2008.04.14 14:00:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.05.03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.02.02 13:42:15 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)


========== Driver Services (SafeList) ==========

DRV - [2010.06.10 10:53:46 | 000,056,788 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kwflower.log -- (kwflower)
DRV - [2010.06.02 20:38:51 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.02.17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010.02.17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010.02.02 13:42:46 | 000,134,344 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2009.10.10 19:15:45 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.03.15 12:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.03.05 11:32:39 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2008.10.30 11:21:03 | 000,075,072 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2008.06.24 10:36:14 | 000,065,024 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kvpndrv.sys -- (kvpndev)
DRV - [2008.04.13 22:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2007.05.02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007.03.01 10:34:22 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005.11.23 04:50:50 | 001,410,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.07.15 16:02:41 | 000,056,960 | ---- | M] (OrangeWare Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ousb2hub.sys -- (ousb2hub)
DRV - [2005.07.15 16:02:30 | 000,045,696 | ---- | M] (OrangeWare Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ousbehci.sys -- (ousbehci)
DRV - [2005.01.14 18:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004.10.28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.30 17:36:24 | 000,637,713 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004.02.24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2002.12.27 04:41:00 | 000,026,880 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, =


IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A A0 D6 E0 EA 69 CA 01 [binary data]
IE - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
IE - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2010.06.15 07:24:43 | 000,000,021 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\.DEFAULT\..\Toolbar\webbrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\webbrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1409082233-1580818891-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} Reg Error: Value error. (Shockwave Flash Object)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\user\Dokumenty\Obrázky\01F1GPAUS3517.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\user\Dokumenty\Obrázky\01F1GPAUS3517.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: HidServ - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.01.24 09:58:29 | 000,000,000 | ---D | M]
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvid.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (http://www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54901231209938944)

========== Files/Folders - Created Within 30 Days ==========

[2010.06.16 18:48:48 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
[2010.06.16 16:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010.06.15 13:58:28 | 000,000,000 | ---D | C] -- C:\Program Files\Marcos Velasco Security
[2010.06.15 13:58:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Plocha\mvregclean59-br
[2010.06.15 12:52:43 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.06.15 12:50:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010.06.15 11:53:27 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.15 11:52:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.06.15 11:49:01 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010.06.15 11:49:01 | 000,017,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010.06.15 11:17:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.06.15 07:27:50 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user\Recent
[2010.06.14 09:55:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2010.06.11 19:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\Flight Simulator X Files
[2010.06.11 19:27:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\Crack
[2010.06.05 11:39:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.06.04 12:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Dokumenty\BLOKOVANI
[2010.06.04 08:41:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Data aplikací\Kerio
[2010.06.02 20:31:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user\Local Settings\Data aplikací\LogMeIn Hamachi
[2010.06.02 20:31:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
[2010.06.02 16:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\LucasArts
[2010.05.30 20:35:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Samsung_USB_Drivers

========== Files - Modified Within 30 Days ==========

[2010.06.16 18:48:48 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user\Plocha\OTL.exe
[2010.06.16 17:27:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.16 17:23:32 | 009,961,472 | ---- | M] () -- C:\Documents and Settings\user\ntuser.dat
[2010.06.16 17:23:32 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\user\ntuser.ini
[2010.06.16 16:44:09 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\user\Plocha\EVEREST Home Edition.lnk
[2010.06.16 16:07:46 | 000,000,676 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.06.16 16:07:46 | 000,000,281 | -HS- | M] () -- C:\boot.ini
[2010.06.16 16:07:46 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.06.16 15:09:35 | 000,005,335 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.06.16 14:32:41 | 005,302,730 | -H-- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\IconCache.db
[2010.06.16 12:03:08 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.16 12:02:11 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.15 16:24:13 | 000,176,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.15 13:58:29 | 000,000,957 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MV RegClean 5.9.lnk
[2010.06.15 13:57:49 | 001,432,604 | ---- | M] () -- C:\Documents and Settings\user\Plocha\mvregclean59-br.zip
[2010.06.15 12:52:37 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.06.15 12:39:20 | 001,085,402 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.15 12:39:20 | 000,471,496 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.15 12:39:20 | 000,469,558 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.15 12:39:20 | 000,091,866 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.15 12:39:20 | 000,078,808 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.15 07:24:43 | 000,000,021 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.06.14 08:35:07 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.14 07:40:54 | 000,021,840 | ---- | M] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.06.14 07:40:54 | 000,017,212 | ---- | M] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.06.14 07:40:54 | 000,012,067 | ---- | M] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.06.13 18:37:15 | 000,055,828 | -H-- | M] () -- C:\treeinfo.wc
[2010.06.12 20:11:10 | 000,001,176 | ---- | M] () -- C:\Documents and Settings\user\Plocha\FS Global 2010 Homepage.lnk
[2010.06.12 17:44:55 | 000,000,374 | ---- | M] () -- C:\WINDOWS\cfplogvw.INI
[2010.06.12 15:06:51 | 000,001,787 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Microsoft Flight Simulator 2004.lnk
[2010.06.12 14:15:44 | 000,041,656 | ---- | M] () -- C:\Documents and Settings\user\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.06.12 10:42:35 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\user\Dokumenty\spider.sav
[2010.06.08 07:21:17 | 000,000,127 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.06.02 20:38:51 | 000,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\drivers\hamachi.sys
[2010.06.02 16:57:29 | 000,000,701 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Launch Star Wars JK Jedi Academy.lnk
[2010.05.31 11:40:52 | 000,000,061 | -HS- | M] () -- C:\WINDOWS\cnerolf.dat
[2010.05.29 10:11:56 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\user\Plocha\Microsoft Office Word 2003.lnk

========== Files Created - No Company Name ==========

[2010.06.16 16:44:09 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\user\Plocha\EVEREST Home Edition.lnk
[2010.06.15 13:58:29 | 000,000,957 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MV RegClean 5.9.lnk
[2010.06.15 13:57:49 | 001,432,604 | ---- | C] () -- C:\Documents and Settings\user\Plocha\mvregclean59-br.zip
[2010.06.15 12:42:28 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.06.15 11:18:11 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.06.14 07:33:32 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.06.14 07:33:32 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.06.14 07:33:32 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.06.12 17:48:41 | 000,001,176 | ---- | C] () -- C:\Documents and Settings\user\Plocha\FS Global 2010 Homepage.lnk
[2010.06.12 15:06:49 | 000,001,787 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Microsoft Flight Simulator 2004.lnk
[2010.06.11 19:32:06 | 001,601,868 | ---- | C] () -- C:\Documents and Settings\user\Dokumenty\Crack.rar
[2010.06.02 16:57:21 | 000,000,701 | ---- | C] () -- C:\Documents and Settings\user\Plocha\Launch Star Wars JK Jedi Academy.lnk
[2010.05.31 11:40:52 | 000,000,061 | -HS- | C] () -- C:\WINDOWS\cnerolf.dat
[2010.05.30 20:34:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010.01.24 09:45:25 | 000,000,620 | ---- | C] () -- C:\WINDOWS\RegGenie.ini
[2010.01.17 17:52:45 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009.12.27 11:26:08 | 000,000,158 | ---- | C] () -- C:\WINDOWS\TSDataEx.ini
[2009.08.23 18:45:12 | 000,000,127 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.07.16 07:49:24 | 000,139,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.06.27 16:59:51 | 000,000,146 | ---- | C] () -- C:\WINDOWS\cavscan.INI
[2009.06.08 19:08:47 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009.05.20 14:45:42 | 000,000,374 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2009.04.01 14:08:00 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.03.10 11:13:59 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2009.01.27 10:01:15 | 000,000,055 | ---- | C] () -- C:\WINDOWS\cryvideotoavi.ini
[2008.12.27 10:59:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\oodcnt.INI
[2008.12.26 12:13:47 | 000,000,024 | ---- | C] () -- C:\WINDOWS\sysc_drv.ini
[2008.11.29 21:32:55 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\wintab32.dll
[2008.10.18 00:27:43 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008.10.18 00:27:38 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.10.18 00:27:38 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.10.18 00:27:37 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.10.18 00:21:07 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.10.17 23:50:39 | 000,006,688 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2008.10.17 23:50:38 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll
[2008.10.17 23:33:54 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008.10.17 23:27:42 | 000,005,335 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.10.15 13:57:54 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\ktzlib80_1.2.3.dll
[2008.01.24 03:49:14 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\fs2cchk4.dll
[2007.06.19 09:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007.04.20 08:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.04.20 08:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2004.06.27 22:49:42 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll

========== LOP Check ==========

[2010.06.16 10:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Opera
[2010.03.30 09:13:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KONAMI
[2009.11.22 16:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sports Interactive
[2010.04.14 12:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.10.21 16:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\2K Sports
[2010.06.04 08:41:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Kerio
[2009.12.11 13:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Messenger
[2010.01.06 14:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Opera
[2009.11.10 22:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Sports Interactive
[2009.01.02 14:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Summer Athletics 2008
[2009.07.08 19:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\temp
[2010.06.15 12:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\uTorrent

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2008.11.09 19:44:30 | 000,893,096 | ---- | M] (Piriform Ltd) -- C:\ccsetup213_slim.exe
[2004.07.09 04:08:36 | 000,472,576 | ---- | M] (Microsoft Corporation) -- C:\dxsetup.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2010.02.15 12:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.10.21 16:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\2K Sports
[2008.10.26 13:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Adobe
[2010.06.02 20:45:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Hamachi
[2008.11.22 20:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Help
[2008.10.17 23:20:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Identities
[2010.02.02 11:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\InstallShield
[2010.06.04 08:41:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Kerio
[2009.04.01 13:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Macromedia
[2009.08.03 16:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Malwarebytes
[2008.10.19 13:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Media Player Classic
[2009.12.11 13:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Messenger
[2010.06.11 18:22:15 | 000,000,000 | --SD | M] -- C:\Documents and Settings\user\Data aplikací\Microsoft
[2010.01.06 14:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Opera
[2009.10.02 14:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Real
[2009.06.08 18:50:45 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\user\Data aplikací\SecuROM
[2009.11.10 22:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Sports Interactive
[2009.01.02 14:45:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Summer Athletics 2008
[2008.10.19 14:22:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Sun
[2010.04.05 13:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\SUPERAntiSpyware.com
[2009.07.08 19:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\temp
[2010.06.15 12:53:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\uTorrent
[2009.01.27 10:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\vlc
[2008.10.26 07:36:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\WinRAR
[2009.05.12 13:24:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user\Data aplikací\Xfire

< %APPDATA%\*.exe /s >
[2010.01.24 09:27:57 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ClearMem.exe
[2010.01.24 09:27:57 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ClickCleaner.exe
[2010.01.24 09:27:58 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ContextMenuManager.exe
[2010.01.24 09:27:57 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\DesktopCleaner.exe
[2010.01.24 09:27:57 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\DiskAnalyzer.exe
[2010.01.24 09:27:57 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\DuplicateFilesFinder.exe
[2010.01.24 09:27:57 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\FileSecurity.exe
[2010.01.24 09:27:57 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\FileSplitter.exe
[2010.01.24 09:27:57 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\IconManager.exe
[2010.01.24 09:27:57 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\IEManager.exe
[2010.01.24 09:27:57 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\JunkFileCleaner.exe
[2010.01.24 09:27:57 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\LiveUpdate.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\OptimizationWizard.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\PrivacyProtector.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ProcessManager.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\RegistryCleaner.exe
[2010.01.24 09:27:58 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\RegistryDefrag.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\RepairCenter.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\RunShortcutCreator.exe
[2010.01.24 09:27:58 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\ServiceManager.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\Shutdown.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\StartupManager.exe
[2010.01.24 09:27:58 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\SystemFolder_msiexec.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\SystemInfo.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\Uninstaller.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\WallpaperChanger.exe
[2010.01.24 09:27:58 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{1043E281-B080-4947-9BD7-3F1D233BF6D2}\WinXP_Manager.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_124305e.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_12db153c.exe
[2010.01.24 08:28:07 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_154754de.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_16496df1.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_18be6784.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_26e91eb.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_294823.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_2cd672ae.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_39b32d12.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_428b26a6.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_440d491c.exe
[2010.01.24 08:28:07 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_45091238.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_4ae13d6c.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_4d064db7.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_5af141bb.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_644366bb.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_69525f90.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_701f5d03.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_74d4dc8.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_7a5a767d.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_7e87390c.exe
[2010.01.24 08:28:07 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_bb32ea6.exe
[2010.01.24 08:28:07 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\user\Data aplikací\Microsoft\Installer\{DE6A7775-D036-4216-AD8A-2ACBAC49F532}\_f3e99.exe


< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 14:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\agp440.sys
[2008.04.14 14:00:00 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=06EB0FF1FB2AADA601A08C3D2B47AE3D -- C:\WINDOWS\SoftwareDistribution\Download\24d1fd667c6a6d363e6ced5186970a96\sp2qfe\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=A67498EBA038C2BA4033A1DFEC2EBD4A -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\hal.dll
[2008.04.14 14:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=0B447DAF1EDECFF5ACD1AA74EE2E91BC -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=23AEE32646A4C5BCBA3128C5DFC8781D -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=63ECFA7C4411CF13B2D8EAE3304C6FA0 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.04.20 18:54:50 | 003,608,576 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.04.20 16:39:28 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2009.04.20 18:54:50 | 025,092,096 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.04.20 18:54:50 | 006,029,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.06.15 16:24:13 | 000,176,264 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2010.06.15 12:39:20 | 000,091,866 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.06.15 12:39:20 | 000,078,808 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.06.15 12:39:20 | 000,469,558 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.06.15 12:39:20 | 000,471,496 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.06.15 12:39:20 | 001,085,402 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.06.14 07:40:54 | 000,012,067 | ---- | M] () -- C:\WINDOWS\system32\SIntf16.dll
[2010.06.14 07:40:54 | 000,017,212 | ---- | M] () -- C:\WINDOWS\system32\SIntf32.dll
[2010.06.14 07:40:54 | 000,021,840 | ---- | M] () -- C:\WINDOWS\system32\SIntfNT.dll
[2010.06.15 12:49:18 | 000,656,788 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2010.06.16 12:03:08 | 000,002,422 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

========== Alternate Data Streams ==========

@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:63238B95
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
< End of report >
Nahoru
brankar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 260
Registrován: 02 srp 2008 18:34

Re: spravce zařízení

#4 Příspěvek od brankar »

OTL Extras logfile created on: 16.6.2010 18:51:49 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\user\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,00 Mb Total Physical Memory | 236,00 Mb Available Physical Memory | 46,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 53,15 Gb Free Space | 35,66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VLASTN-81FD8C78
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows -- (Ares Development Group)
"C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe" = C:\Program Files\Sports Interactive\Football Manager 2010\fm.exe:*:Disabled:Football Manager 2010 -- (Sports Interactive)
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe" = C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Disabled:Microsoft Flight Simulator -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\opera.exe" = C:\Program Files\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009 -- (Konami Digital Entertainment Co., Ltd.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = CCC
"{06053AB3-B607-B752-3252-4A2EA9E9761E}" = CCC Help Dutch
"{083A7AA2-8871-42B0-8513-7428F44DFC38}" = MariusSoft Disk Scrubber
"{0A9C9BD5-8588-40D4-8A1A-860E3D2ED6EE}" = NBA 2K10
"{0B4A8658-43F1-50CA-AF30-C67E3AE2C9ED}" = CCC Help Greek
"{0CC61470-D776-2353-D5CB-C7BC20204863}" = CCC Help Finnish
"{0DEA94ED-915A-4834-A87E-388D012C8E02}" = Medal of Honor Allied Assault
"{0F55F69B-FB6C-5157-A5DC-B8AC58048A1A}" = ATI Catalyst Install Manager
"{1043E281-B080-4947-9BD7-3F1D233BF6D2}" = WinXP Manager
"{12655AB3-9285-A2F0-5BBC-C5C45E4D718C}" = CCC Help Czech
"{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}" = Star Wars Jedi Knight Jedi Academy
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{24700C01-3A72-29D4-001B-6EE6BF71EB5E}" = CCC Help Korean
"{26262388-95BF-58B0-CD46-A8F957BB67BF}" = Catalyst Control Center Graphics Full Existing
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{329376FB-FB6C-C587-F483-07E3418456F5}" = ccc-utility
"{33A38A8B-9E1E-BCBB-EA87-CE797EC75080}" = CCC Help Chinese Traditional
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369EEB32-64D1-F22A-1B2C-A3E81582E767}" = CCC Help Japanese
"{38AD6EA4-BBC1-4A95-B792-9950D48E2171}" = Kerio Visual C++ 2005 redistributable permanent package
"{3EBC0693-0A27-4B50-90A1-A8B688911C7A}" = Samsung PC Studio 3
"{3FCD8F30-057D-C96F-AEF4-B0D77DE9730C}" = CCC Help Portuguese
"{46605BDE-7F82-DB0F-7906-3279A7E639BE}" = Catalyst Control Center Localization All
"{480A8E00-D808-7D79-977B-CEBBB3BEB409}" = CCC Help French
"{48C7FD10-D6AD-8EE0-2E8E-0480C4EEB1BD}" = Catalyst Control Center HydraVision Full
"{5CA7ABC3-5F89-3A1D-A113-046EA4C7FCEB}" = ccc-core-static
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F77AD48-BA04-F868-2D04-FC1BFF5E00BA}" = Catalyst Control Center Graphics Light
"{7104189A-C592-4A56-AC9E-7C0CA135DA3C}" = AGEIA PhysX v6.10.25
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{788907C5-C83B-9785-A1F0-67050017324E}" = CCC Help Spanish
"{7914BE1E-F186-4790-B8F4-9F63C52A41C1}" = Medal of Honor Allied Assault(tm) Spearhead
"{7F5F1767-88C6-CBFC-5DD3-D853343FD5AE}" = CCC Help German
"{84DE3702-3262-BE38-27E8-5ED423D803C6}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{95053B5A-42E0-830E-85BD-733FAFC28BA7}" = ccc-core-preinstall
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{9B40D533-4F38-893D-EE5A-17226104BBC2}" = Skins
"{9B63540D-D942-4C38-B42E-A48AE0145970}" = Virtua Tennis 3
"{9B94BE6F-7CA3-4C40-A266-62667FF746CC}" = Ovladače ATI
"{A08CB73B-5DEA-185D-5D98-2230004D75ED}" = CCC Help Danish
"{A22D91C3-E7BD-CBEE-7CDC-DE4C42FA27B7}" = CCC Help Hungarian
"{A2A5C34C-BD78-4505-9E57-AFCDF2FB926C}" = Autodesk DWF Writer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8DB611A-D80E-450D-85F6-3ACDD164BE31}" = Pro Evolution Soccer 2009
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD0DD974-ADC2-8C10-DFA6-C1203A6E5106}" = CCC Help Polish
"{B014F739-B305-5319-D996-6612BD60ED74}" = CCC Help Swedish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C570CAF4-D734-5412-C842-9AB150803074}" = Catalyst Control Center Core Implementation
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01F5B2C-2776-6C46-441C-E819C08DF4FF}" = CCC Help Turkish
"{D2FCA53F-F568-D08A-458F-F7C9769A30ED}" = CCC Help Norwegian
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D89B70AB-CF91-36A4-8658-FACA3AF6A654}" = Catalyst Control Center Graphics Previews Common
"{DE6A7775-D036-4216-AD8A-2ACBAC49F532}" = WinXP Manager
"{DF1274DC-02D4-B2D7-6197-5D24E1EF84B1}" = CCC Help Thai
"{E000D42E-5842-20A6-EEB1-6DED8C2746C5}" = CCC Help Italian
"{E7679B31-21F5-4AAE-1620-0DFACF702325}" = Catalyst Control Center Graphics Full New
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F83491F9-7CDF-46A7-9994-9E002CE5CE75}" = CCC Help Russian
"{F85B3B0A-E302-4B67-9220-6B57F075B311}" = ATI Catalyst Control Center
"{F8CCEF4F-6EEF-4B81-B70D-821E72451D93}" = Opera 9.61
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FD1B1980-8CAB-4474-89F8-1245AF657AD1}" = Harry Potter a Princ Dvojí Krve™
"{FDE409B1-1FF3-DC39-083E-C0F4ED496D5E}" = CCC Help English
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"18 Wheels of Steel Pedal to the Metal" = 18 Wheels of Steel Pedal to the Metal
"3D Driving-School" = 3D Driving-School
"7-Zip" = 7-Zip 4.65
"AbsoluteShield File Shredder_is1" = AbsoluteShield File Shredder
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Ares" = Ares 2.1.0
"ATI Display Driver" = ATI Display Driver (Omega 2.6.87)
"Audacity_is1" = Audacity 1.2.6
"CCleaner" = CCleaner (remove only)
"COMODO Internet Security" = COMODO Internet Security
"Creation Master 10_is1" = Creation Master 10 Release 10.1
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FarmingSimulator2009DE_is1" = Landwirtschafts-Simulator 2009
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Football Manager 2010" = Football Manager 2010
"Free Mp3/Wma/Ogg Converter_is1" = Free Mp3/Wma/Ogg Converter 4.0.1
"FS Global 2010" = FS Global 2010
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.8.5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Midtown Madness Demo" = Microsoft Midtown Madness Trial Version
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MV RegClean 5.9_is1" = MV RegClean 5.9
"PowerISO" = PowerISO
"Radeon Omega Drivers for Windows 2k/XPv2.6.87" = Radeon Omega Drivers v2.6.87 Setup Files and Tools
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"Star Wars: Jedi Knight - Jedi Academy CZ" = Star Wars: Jedi Knight - Jedi Academy CZ
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1409082233-1580818891-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Messenger Update" = Messenger Update
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: spravce zařízení

#5 Příspěvek od motji »

Vy jste spouštěli combofix včera?

Zkuste obnovu systému k datu, než se v tom štoural a pak poprosím o nový log z OTL, bez skriptu. Něco pomažeme :) .

:arrow: Start - spustit
-do políčka zkopírujte

Kód: Vybrat vše

%SystemRoot%\System32\restore\rstrui.exe
-enter
-vyberte bod obnovení
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
brankar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 260
Registrován: 02 srp 2008 18:34

Re: spravce zařízení

#6 Příspěvek od brankar »

combo fix skoušel prý syn obnovení systemu je jen na dnešek vše vypnul včera

jdu na ten otl nebo ho nemám dělat když neni bod obnovení
Naposledy upravil(a) brankar dne 16 čer 2010 20:50, celkem upraveno 1 x.
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: spravce zařízení

#7 Příspěvek od motji »

Počkejte, bez obnovy systému otl nepotřebuji.
Log z combofixu by jste už asi nenašli?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
brankar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 260
Registrován: 02 srp 2008 18:34

Re: spravce zařízení

#8 Příspěvek od brankar »

skusím to najit
Nahoru
brankar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 260
Registrován: 02 srp 2008 18:34

Re: spravce zařízení

#9 Příspěvek od brankar »

mam smůlu nic
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: spravce zařízení

#10 Příspěvek od motji »

Co s Vámi?
Zkuste ty ovladače, co Vám chybí, přeinstalovat. A napište, zda se povedlo.
Pak ještě něco opravíme v OTL, neutíkejte mi :) .
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
brankar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 260
Registrován: 02 srp 2008 18:34

Re: spravce zařízení

#11 Příspěvek od brankar »

to otl ted nebo až po ovladačích
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: spravce zařízení

#12 Příspěvek od motji »

Po ovladačích :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
brankar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 260
Registrován: 02 srp 2008 18:34

Re: spravce zařízení

#13 Příspěvek od brankar »

tak zatím děkuji :wink:
Nahoru
Uživatelský avatar
motji
VIP
VIP
Příspěvky: 23302
Registrován: 23 říj 2008 08:02

Re: spravce zařízení

#14 Příspěvek od motji »

Zatím není zač :)
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data :!:
Chcete podpořit naše forum? Informace zde

Obrázek

K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Nahoru
brankar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 260
Registrován: 02 srp 2008 18:34

Re: spravce zařízení

#15 Příspěvek od brankar »

dobrý den motji tak nakonec to bylo vyply ve službach asi dostane syn po :boxed: jinak vše zobrazeno
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“