
Problem with Java and Flash Player

Aleš
Visitor
Posts: 12
Registered: 09 Dec 2010 22:20

Problem with Java and Flash Player

#1 Post by Aleš »

Hello, I have a problem, and because you already helped me on your site some time ago, I am turning to you with confidence again. System: Win XP Prof. SP 3, browser IE 8. Some videos linked on the Net will not play; they ask for Flash Player, which is installed, however. Links on some pages do not work, mainly various logins and the like. I simply left-click and, instead of being redirected, the page is only redrawn with the message "done" on the bar at the bottom left, but everything stays on the original page. Following various discussions on the Net I reinstalled Flash (the current version) and tried to reinstall Java; after many attempts I managed to delete the old one, but the new current one (jre-6u23-windows-i586.exe) cannot be installed; the installation always fails and sends me to the Java site, where installation problems are addressed (about 15 points); I tried all of them and nothing. I also tried reinstalling IE. For example, on your site the smileys do not work for me. As I say, the biggest problem is videos and some links such as "log in" or "show", and nothing happens. The problems started without my noticing any cause; I did not carry out any significant installation or uninstallation. I tried cleaning the registry with several programs and turning off the firewall and the antivirus, but nothing. I really don't know what to do with it any more. Thanks for your reply.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Problem with Java and Flash Player

#2 Post by motji »

Good evening :)
And have you not tried a System Restore to a date when everything was fine?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.

Aleš
Visitor
Posts: 12
Registered: 09 Dec 2010 22:20

Re: Problem with Java and Flash Player

#3 Post by Aleš »

I haven't. I know something like that exists, but I have never used it. Can you tell me where to find it and how to do it? It's just that I don't feel like spending 2 hours searching. Thanks anyway for now.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Problem with Java and Flash Player

#4 Post by motji »

:arrow: Start - Run
- copy into the box

Code:

%SystemRoot%\System32\restore\rstrui.exe

- press Enter
- choose a restore point

Aleš
Visitor
Posts: 12
Registered: 09 Dec 2010 22:20

Re: Problem with Java and Flash Player

#5 Post by Aleš »

Well, another predicament: it won't start at all. Only an empty white window appears and nothing happens at all. I tried several times and it is always the same.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Problem with Java and Flash Player

#6 Post by motji »

And did you have System Restore turned on?
Try Start - Help and Support - Undo changes to your computer with System Restore.

Aleš
Visitor
Posts: 12
Registered: 09 Dec 2010 22:20

Re: Problem with Java and Flash Player

#7 Post by Aleš »

The problem is probably bigger than it seemed. Whether or not I had System Restore running I honestly have no idea; I never needed it and, to be truthful, I was under the impression that this feature runs automatically in the background of the system and cannot be turned off at all. But the important thing: neither "Help and Support" nor even the "Search" item can be started; the monitor just flickers each time and nothing. Neither of them works. So I don't know whether this isn't a bigger problem than "just" Java and Flash Player. Hopefully my system isn't falling apart. I know how to look after a PC; naturally I use a firewall and an antivirus (Avast), and every time I shut the PC down I also go through the registry (C Cleaner) and delete cookies and the Net history. The system on my PC has never crashed before. Thanks for now, and have a nice evening.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Problem with Java and Flash Player

#8 Post by motji »

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the "For all users" box.
- select the boxes for the "LOP" malware check and the "Purity" malware check
- click the Scan button
- after the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)
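A way to triage the log such a scan returns, added here as an example (it is not part of the original post and not OTL's own code): it reads the "O" registry lines of an OTL log and flags autostart entries whose target is missing, sits under a user profile or RECYCLER folder, or replaces the Winlogon shell. The sample lines are constructed in the OTL line format, and the heuristics and all names in the code are assumptions of this example.

```python
import ntpath
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample lines in the format OTL uses for its "O" sections
# (O4 = Run keys, O20 = Winlogon, O33 = MountPoints2 autorun handlers).
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [ExampleUpdater] C:\Program Files\Example\updater.exe (Example Corp.)
O4 - HKLM..\Run: [OldTool] File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1111111111-2222222222-3333333333-1003 Winlogon: Shell - (C:\Documents and Settings\User\Application Data\example1.exe) - C:\Documents and Settings\User\Application Data\example1.exe File not found
O20 - Winlogon\Notify\ExampleEvent: DllName - example.dll - C:\WINDOWS\System32\example.dll (Example Corp.)
O33 - MountPoints2\{00000000-0000-0000-0000-000000000000}\Shell\AutoRun\command - "" = H:\RECYCLER\S-1-5-21-1111111111-2222222222-3333333333-1013\example2.exe -- File not found
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Setup.exe -- File not found
"""

# "O<number> - <rest of line>"
SECTION_RE = re.compile(r"^O(\d+) - (.*)$")
# First drive-letter path ending in an executable-type extension.
PATH_RE = re.compile(
    r'[A-Za-z]:\\[^"<>|()]+?\.(?:exe|dll|sys|cpl|bat|cmd|scr)\b', re.IGNORECASE
)
# Locations an unprivileged process can normally write to (assumed heuristic).
USER_LOCATIONS = (
    "\\documents and settings\\",
    "\\application data\\",
    "\\recycler\\",
    "\\temp\\",
)


@dataclass
class Finding:
    section: int
    path: Optional[str]
    reasons: List[str] = field(default_factory=list)


def triage(log_text: str) -> List[Finding]:
    """Return every O-line that matches at least one heuristic."""
    findings = []
    for raw in log_text.splitlines():
        match = SECTION_RE.match(raw.strip())
        if not match:
            continue  # not an O-section line
        section, body = int(match.group(1)), match.group(2)
        path_match = PATH_RE.search(body)
        path = path_match.group(0) if path_match else None

        reasons = []
        # A per-user or machine shell other than explorer.exe runs at every logon.
        if ("Winlogon: Shell" in body and path
                and ntpath.basename(path).lower() != "explorer.exe"):
            reasons.append("non-default Winlogon shell")
        if path and any(loc in path.lower() for loc in USER_LOCATIONS):
            reasons.append("target under user profile or RECYCLER")
        # Often a harmless leftover, but it shows the entry is stale.
        if body.rstrip().endswith("File not found"):
            reasons.append("target missing on disk")

        if reasons:
            findings.append(Finding(section, path, reasons))
    return findings


def priority(findings: List[Finding]) -> List[Finding]:
    """Entries that match more than one heuristic deserve the first look."""
    return [f for f in findings if len(f.reasons) > 1]


if __name__ == "__main__":
    for f in priority(triage(SAMPLE_LOG)):
        print(f"O{f.section}: {f.path} -> {', '.join(f.reasons)}")
```
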

Aleš
Visitor
Posts: 12
Registered: 09 Dec 2010 22:20

Re: Problem with Java and Flash Player

#9 Post by Aleš »

I am pasting the logs for you; I have to post them in 2 parts because they contain too many characters. Thanks for now.

OTL.TXT:

OTL logfile created on: 13.12.2010 18:39:15 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ales\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 83,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 75,13 Gb Total Space | 11,88 Gb Free Space | 15,81% Space Free | Partition Type: NTFS
Drive E: | 97,65 Gb Total Space | 5,74 Gb Free Space | 5,88% Space Free | Partition Type: NTFS
Drive F: | 292,97 Gb Total Space | 116,71 Gb Free Space | 39,84% Space Free | Partition Type: NTFS

Computer Name: DOMA-0909F16251 | User Name: Ales | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.12.13 18:37:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ales\Plocha\OTL.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.06.25 17:38:22 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.11.09 01:23:41 | 000,026,624 | ---- | M] () -- C:\WINDOWS\OETRN.EXE
PRC - [2009.01.21 15:11:36 | 000,184,320 | ---- | M] () -- C:\Program Files\AMT Media Manager\AMTDeviceService.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.11.16 16:13:00 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2007.11.15 15:55:12 | 002,850,816 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2007.06.26 12:22:42 | 000,081,997 | ---- | M] () -- C:\Program Files\USB TV\EM28XX\BDARemote.exe
PRC - [2006.07.31 10:45:10 | 000,139,264 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006.07.31 10:42:58 | 000,876,544 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2004.12.13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (SafeList) ==========

MOD - [2010.12.13 18:37:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ales\Plocha\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009.11.09 01:23:41 | 000,045,056 | ---- | M] () -- C:\WINDOWS\TRNOEH.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate) Služba Google Update (gupdate)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.27 12:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.01.13 06:11:54 | 003,401,016 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009.07.26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- E:\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2004.12.13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\XDva281.sys -- (XDva281)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\sonypvs1.sys -- (sonypvs1)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\CX88TUNE.sys -- (CXTUNE)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\cxavxbar.sys -- (CXAVXBAR)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\cx88vid.sys -- (CX23880)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010.10.23 22:42:25 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.02.26 13:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 13:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 13:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 13:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.26 13:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.02.26 13:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010.02.03 05:52:08 | 004,605,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.10.28 21:19:24 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.12.29 13:09:39 | 000,010,578 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.09.28 07:57:48 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.09.28 07:57:48 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.05.21 00:53:36 | 000,093,696 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.05.07 12:21:40 | 004,739,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.14 00:15:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.04.13 17:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.01.03 15:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.11.16 23:22:16 | 000,005,504 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\walvhid.sys -- (vhidmini)
DRV - [2007.09.25 15:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007.08.07 01:15:07 | 000,033,052 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007.07.25 05:43:28 | 000,405,632 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Global/Global TV (Video)
DRV - [2005.09.23 21:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.08.24 14:55:48 | 000,066,560 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 15:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.01.06 16:55:38 | 000,009,446 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFDTV\WFIOCTL.sys -- (WFIOCTL)
DRV - [2004.12.23 16:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2004.03.08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2001.10.24 11:41:42 | 000,042,432 | ---- | M] (Digi International, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\digirlpt.sys -- (DIGIRPS)
DRV - [1999.09.10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
IE - HKU\S-1-5-21-746137067-1292428093-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2010.01.25 00:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Mozilla\Extensions
[2009.01.21 20:05:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ales\Data aplikací\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}

O1 HOSTS File: ([2010.06.03 16:32:21 | 000,000,223 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.
O2 - BHO: (DownloadHelper Class) - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files\Common Files\Download Helper\DownloadHelper.dll (IE Download Helper)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AMTDeviceService] C:\Program Files\AMT Media Manager\AMTDeviceService.exe ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [GEST] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-746137067-1292428093-725345543-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-746137067-1292428093-725345543-1003..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE ()
O4 - HKU\S-1-5-21-746137067-1292428093-725345543-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BDARemote.lnk = C:\Program Files\USB TV\EM28XX\BDARemote.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 267
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108855
O7 - HKU\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: DiaryOne: Save full text - C:\Program Files\DiaryOne\Script\fullcatcher.htm ()
O8 - Extra context menu item: DiaryOne: Save selected text - C:\Program Files\DiaryOne\Script\catcher.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 7007082390 (WUWebControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.2.0.200 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-746137067-1292428093-725345543-1003 Winlogon: Shell - (C:\Documents and Settings\Ales\Data aplikací\lbisov.exe) - C:\Documents and Settings\Ales\Data aplikací\lbisov.exe File not found
O20 - HKU\S-1-5-21-746137067-1292428093-725345543-1003 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-746137067-1292428093-725345543-1003 Winlogon: Shell - (C:\Documents and Settings\Ales\Data aplikací\ozzfhv.exe) - C:\Documents and Settings\Ales\Data aplikací\ozzfhv.exe File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\cbssreg: DllName - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ales\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ales\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.08 22:18:51 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{15db4fc7-a03e-11dd-9777-001fd085ac5d}\Shell\AutoRun\command - "" = H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe -- File not found
O33 - MountPoints2\{15db4fc7-a03e-11dd-9777-001fd085ac5d}\Shell\open\command - "" = H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe -- File not found
O33 - MountPoints2\{2d09cd57-c4c9-11de-9a49-001fd085ac5d}\Shell - "" = Autorun
O33 - MountPoints2\{2d09cd57-c4c9-11de-9a49-001fd085ac5d}\Shell\verb\command - "" = C:\WINDOWS\explorer.exe -- [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{3748bf8e-deef-11df-9d06-001fd085ac5d}\Shell - "" = AutoRun
O33 - MountPoints2\{3748bf8e-deef-11df-9d06-001fd085ac5d}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{8bcaf4ce-c6e1-11de-9a52-001fd085ac5d}\Shell - "" = Autorun
O33 - MountPoints2\{8bcaf4ce-c6e1-11de-9a52-001fd085ac5d}\Shell\verb\command - "" = C:\WINDOWS\explorer.exe -- [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{936435d2-f4ad-11de-9ac4-001fd085ac5d}\Shell - "" = AutoRun
O33 - MountPoints2\{936435d2-f4ad-11de-9ac4-001fd085ac5d}\Shell\AutoRun\command - "" = G:\MediaManager.exe -- File not found
O33 - MountPoints2\{936435d7-f4ad-11de-9ac4-001fd085ac5d}\Shell - "" = AutoRun
O33 - MountPoints2\{936435d7-f4ad-11de-9ac4-001fd085ac5d}\Shell\AutoRun\command - "" = I:\MediaManager.exe -- File not found
O33 - MountPoints2\{bfc2436e-c41d-11de-9a45-001fd085ac5d}\Shell - "" = AutoRun
O33 - MountPoints2\{bfc2436e-c41d-11de-9a45-001fd085ac5d}\Shell\AutoRun\command - "" = G:\Install.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Eautorun.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Installer.exe -- File not found
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\MediaManager.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvid.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027075282206720)

========== Files/Folders - Created Within 30 Days ==========

[2010.12.13 18:37:34 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ales\Plocha\OTL.exe
[2010.12.12 20:59:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ales\Recent
[2010.12.12 16:56:50 | 000,000,000 | ---D | C] -- C:\Program Files\PopCap Games
[2010.12.12 15:27:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2010.12.09 22:00:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.12.09 21:59:01 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.12.09 21:59:00 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.12.09 21:59:00 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.12.09 21:58:59 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.12.09 21:58:58 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.12.09 21:58:58 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.12.09 21:58:58 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.12.09 21:58:18 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.12.09 21:58:17 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.12.09 21:58:12 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.12.09 21:18:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.12.09 19:33:02 | 002,827,728 | ---- | C] (Adobe Systems, Inc.) -- C:\Documents and Settings\Ales\Plocha\install_flash_player_ax.exe
[2010.12.09 18:59:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Local Settings\Data aplikací\{3248F0A6-6813-11D6-A77B-00B0D0150000}
[2010.12.09 18:58:25 | 014,989,328 | ---- | C] (Sun Microsystems, Inc. ) -- C:\Documents and Settings\Ales\Plocha\jre-1_5_0-windows-i586.exe
[2010.12.09 18:52:52 | 016,561,952 | ---- | C] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Ales\Plocha\jre-6u23-windows-i586.exe
[2010.12.09 18:43:26 | 000,000,000 | ---D | C] -- C:\Program Files\WinASO
[2010.12.09 18:43:01 | 006,027,712 | ---- | C] (X.M.Y International LLC ) -- C:\Documents and Settings\Ales\Plocha\regopt42.exe
[2010.12.09 18:15:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.12.09 17:39:07 | 002,790,864 | ---- | C] (Adobe Systems, Inc.) -- C:\Documents and Settings\Ales\Plocha\install_flash_player.exe
[2010.12.05 17:38:59 | 000,000,000 | ---D | C] -- C:\Program Files\DiaryOne
[2010.12.05 17:26:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Data aplikací\TrayCalendar
[2010.12.05 17:23:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Dokumenty\Chaos Data
[2010.12.05 17:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Chaos Software
[2010.12.05 17:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Data aplikací\Chaos Software
[2010.12.05 15:34:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Dokumenty\My Organizer Documents
[2010.12.05 15:34:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Data aplikací\Konrad Papala
[2010.12.05 15:23:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Dokumenty\EasyAgenda
[2010.12.05 14:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Dokumenty\ZJSoftware
[2010.12.05 14:00:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Data aplikací\ZJSoftware
[2010.12.05 13:33:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Data aplikací\XemiComputers
[2010.12.05 11:55:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Data aplikací\ERGOM
[2010.12.05 11:54:54 | 000,000,000 | ---D | C] -- C:\Program Files\Business Objects
[2010.11.28 10:15:15 | 000,005,600 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WINASPI.DLL
[2010.11.28 10:15:15 | 000,004,672 | ---- | C] (Adaptec) -- C:\WINDOWS\System\WOWPOST.EXE
[2010.11.27 14:18:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ales\Local Settings\Data aplikací\Electronic Arts
[2010.11.27 01:06:07 | 000,000,000 | ---D | C] -- C:\Program Files\Fireluke
[2008.11.17 11:44:56 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Ales\Data aplikací\pcouffin.sys
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.12.13 18:37:34 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ales\Plocha\OTL.exe
[2010.12.13 18:33:09 | 000,001,681 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2010.12.13 18:13:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.13 17:16:29 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.13 17:16:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.12 19:26:37 | 000,081,920 | ---- | M] () -- C:\Documents and Settings\Ales\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.12 18:18:52 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.12 18:18:52 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\Ales\default.pls
[2010.12.12 15:28:37 | 000,002,067 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2010.12.12 02:36:09 | 000,138,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.12.12 02:36:04 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.12.12 00:28:47 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2010.12.10 19:53:05 | 000,000,565 | ---- | M] () -- C:\Documents and Settings\Ales\Data aplikací\myMPQ.ini
[2010.12.10 14:46:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.12.09 22:05:03 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.12.09 22:04:44 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.12.09 20:54:12 | 000,435,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.12.09 20:54:12 | 000,432,278 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.12.09 20:54:12 | 000,079,242 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.12.09 20:54:12 | 000,068,292 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.12.09 19:33:06 | 002,827,728 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Ales\Plocha\install_flash_player_ax.exe
[2010.12.09 18:58:25 | 014,989,328 | ---- | M] (Sun Microsystems, Inc. ) -- C:\Documents and Settings\Ales\Plocha\jre-1_5_0-windows-i586.exe
[2010.12.09 18:52:54 | 016,561,952 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Ales\Plocha\jre-6u23-windows-i586.exe
[2010.12.09 18:43:27 | 000,000,833 | ---- | M] () -- C:\Documents and Settings\Ales\Plocha\WinASO Registry Optimizer.lnk
[2010.12.09 18:43:07 | 006,027,712 | ---- | M] (X.M.Y International LLC ) -- C:\Documents and Settings\Ales\Plocha\regopt42.exe
[2010.12.09 17:39:11 | 002,790,864 | ---- | M] (Adobe Systems, Inc.) -- C:\Documents and Settings\Ales\Plocha\install_flash_player.exe
[2010.12.08 22:27:07 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.12.07 18:40:45 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.05 17:39:00 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Ales\Plocha\DiaryOne.lnk
[2010.12.05 09:49:13 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\Ales\Plocha\práce a nákupy.xls
[2010.12.05 08:44:25 | 000,290,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.05 01:19:51 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
[2010.12.04 21:56:34 | 000,010,856 | ---- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010.12.03 19:57:25 | 000,000,584 | ---- | M] () -- C:\Documents and Settings\Ales\Plocha\Landi 2003 - jazykový kurz.lnk
[2010.12.03 19:47:17 | 000,004,215 | ---- | M] () -- C:\WINDOWS\ST6UNST.004
[2010.12.03 19:46:43 | 000,475,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010.12.03 19:46:41 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010.12.03 19:11:52 | 000,004,215 | ---- | M] () -- C:\WINDOWS\ST6UNST.003
[2010.12.03 18:47:11 | 000,004,329 | ---- | M] () -- C:\WINDOWS\ST6UNST.002
[2010.12.03 17:15:00 | 000,000,388 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010.11.28 10:19:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2010.11.18 13:48:29 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[13 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.12.09 22:04:44 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.12.09 18:43:27 | 000,000,833 | ---- | C] () -- C:\Documents and Settings\Ales\Plocha\WinASO Registry Optimizer.lnk
[2010.12.05 17:39:00 | 000,000,630 | ---- | C] () -- C:\Documents and Settings\Ales\Plocha\DiaryOne.lnk
[2010.12.03 19:57:25 | 000,000,584 | ---- | C] () -- C:\Documents and Settings\Ales\Plocha\Landi 2003 - jazykový kurz.lnk
[2010.12.03 19:46:41 | 000,004,215 | ---- | C] () -- C:\WINDOWS\ST6UNST.004
[2010.12.03 19:11:43 | 000,004,215 | ---- | C] () -- C:\WINDOWS\ST6UNST.003
[2010.12.03 18:46:02 | 004,875,633 | ---- | C] () -- C:\WINDOWS\VBR6.CAB
[2010.12.03 18:46:02 | 000,004,329 | ---- | C] () -- C:\WINDOWS\ST6UNST.002
[2010.10.23 22:31:56 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.10.20 16:11:16 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\avdrn.dat
[2010.10.15 11:15:35 | 000,000,067 | ---- | C] () -- C:\WINDOWS\DVDRegionFree.INI
[2010.10.14 12:57:59 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2010.10.03 10:59:45 | 000,000,565 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\myMPQ.ini
[2010.09.21 22:29:30 | 000,001,172 | ---- | C] () -- C:\WINDOWS\disney.ini
[2010.09.21 22:29:29 | 000,000,183 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2010.08.04 10:31:21 | 000,569,896 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.07.23 12:29:45 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.07.23 12:29:44 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\NCMedia2.dll
[2010.06.23 20:31:45 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2010.06.23 20:31:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini
[2010.03.12 21:55:55 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2010.03.08 04:13:39 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\docInfo
[2010.03.07 19:51:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010.03.07 19:48:14 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLdw.DAT
[2010.03.07 19:48:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\vhosts
[2010.03.02 19:45:49 | 000,000,346 | ---- | C] () -- C:\WINDOWS\pdf2word.INI
[2010.01.04 19:56:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2009.12.27 09:59:21 | 000,000,305 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.11.09 01:23:41 | 000,491,520 | ---- | C] () -- C:\WINDOWS\WebIE.dll
[2009.11.09 01:23:41 | 000,200,704 | ---- | C] () -- C:\WINDOWS\TRNOET.DLL
[2009.11.09 01:22:59 | 000,001,681 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2009.11.09 01:22:58 | 000,002,516 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2009.11.09 01:22:52 | 000,004,491 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.11.09 01:22:52 | 000,002,067 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2009.11.05 16:13:29 | 000,138,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.11.05 11:17:59 | 000,045,056 | ---- | C] () -- C:\WINDOWS\TRNOEH.DLL
[2009.10.02 18:16:51 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\inst.exe
[2009.06.02 21:02:23 | 000,000,092 | ---- | C] () -- C:\WINDOWS\SILCOM_P.INI
[2009.03.21 09:53:02 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\591DB075D2.sys
[2009.03.13 20:53:59 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv9869p2now.sys
[2009.03.13 13:51:40 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\vso_ts_preview.xml
[2009.03.08 22:48:23 | 000,000,284 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\ViewerApp.dat
[2009.02.25 22:12:28 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2009.01.31 16:55:25 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.01.29 17:06:50 | 000,000,208 | ---- | C] () -- C:\WINDOWS\level.ini
[2009.01.22 14:33:19 | 000,001,783 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.12.27 14:21:09 | 000,000,022 | ---- | C] () -- C:\WINDOWS\pspvc_path.ini
[2008.11.17 11:44:56 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\pcouffin.cat
[2008.11.17 11:44:56 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\pcouffin.inf
[2008.11.17 11:44:56 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\pcouffin.log
[2008.11.02 07:46:45 | 000,000,107 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.11.02 07:46:21 | 000,004,387 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.10.04 13:12:30 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Ales\Data aplikací\PnkBstrK.sys
[2008.10.03 18:14:03 | 000,010,856 | ---- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2008.09.30 18:12:50 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.09.30 18:12:49 | 000,081,920 | ---- | C] () -- C:\Documents and Settings\Ales\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.28 17:18:15 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008.09.28 07:57:48 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008.09.28 07:57:48 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008.09.27 22:38:31 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.09.27 19:53:21 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.11.26 21:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.05.02 19:04:19 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.05.02 03:33:57 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006.08.16 15:13:34 | 001,382,280 | ---- | C] () -- C:\WINDOWS\System32\fftw3.dll
[2005.05.29 02:45:43 | 000,647,168 | ---- | C] () -- C:\WINDOWS\System32\pqdvdb.dll
[2004.10.26 23:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004.08.17 16:49:16 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004.06.27 20:49:42 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2004.06.27 19:15:12 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010.05.01 18:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Ace
[2010.10.31 13:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Azureus
[2009.01.21 20:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Broad Intelligence
[2010.12.05 17:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Chaos Software
[2008.10.22 14:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Command & Conquer 3 Tiberium Wars
[2010.10.23 22:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\DAEMON Tools Lite
[2009.02.08 15:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Desktopicon
[2010.09.21 22:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Disney Interactive Studios
[2010.02.25 22:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Docx2Rtf
[2010.07.23 12:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Download Helper
[2010.12.05 11:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\ERGOM
[2009.03.13 13:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\GetRightToGo
[2008.11.02 07:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Happy Foto
[2009.06.05 06:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\ICQ
[2010.12.05 15:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Konrad Papala
[2008.12.08 23:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Leadertech
[2010.03.07 19:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Nikon
[2009.09.12 10:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Nokia
[2010.02.25 22:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\NwDocx
[2009.01.30 23:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\PC Suite
[2010.06.26 23:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\proDAD
[2009.10.23 17:13:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Sony
[2010.11.02 19:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\SPORE
[2010.01.27 19:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Teleca
[2010.12.05 17:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\TrayCalendar
[2009.11.01 13:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\TuneUp Software
[2010.05.29 21:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Ubisoft
[2010.12.13 18:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\uTorrent
[2009.04.27 16:38:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\VitySoft
[2010.10.27 14:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Vso
[2010.12.05 13:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\XemiComputers
[2010.12.05 14:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\ZJSoftware
[2010.10.24 11:22:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2009.06.05 20:32:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Azureus
[2009.12.26 09:21:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BioWare
[2010.12.05 17:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Chaos Software
[2009.07.05 20:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Chat Republic Games
[2009.03.25 17:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Codemasters
[2010.10.23 22:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.10.24 09:52:31 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\DSS
[2010.01.01 17:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2010.03.07 19:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2010.05.29 11:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.02.18 16:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
[2009.04.19 21:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.05.29 10:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2008.11.07 11:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.06.26 23:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.06.23 20:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate
[2010.06.20 13:36:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate Collection
[2010.12.12 15:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2010.10.18 17:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2010.04.13 14:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tablet
[2010.12.11 00:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.11.01 13:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.05.29 21:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009.10.09 23:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2010.03.07 19:48:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2009.02.11 12:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2009.10.28 17:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009.10.28 11:37:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010.12.03 17:15:00 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job

Aleš
Visitor
Posts: 12
Registered: 09 Dec 2010 22:20

Re: Problem with Java and Flash Player

#10 Post by Aleš »

Part 2:

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2006.07.31 10:45:10 | 000,139,264 | ---- | M] (Nero AG)
"OEXPRESS" = C:\WINDOWS\OETRN.EXE -- [2009.11.09 01:23:41 | 000,026,624 | ---- | M] ()
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2010.06.25 17:38:22 | 000,039,408 | ---- | M] (Google Inc.)

< c:\windows\*.* /U >
[12 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.05.01 18:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Ace
[2008.10.02 16:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Adobe
[2008.10.02 17:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\AdobeUM
[2008.10.01 16:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Ahead
[2009.10.29 01:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Apple Computer
[2008.09.27 18:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\ATI
[2010.10.31 13:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Azureus
[2009.01.21 20:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Broad Intelligence
[2010.12.05 17:23:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Chaos Software
[2008.10.22 14:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Command & Conquer 3 Tiberium Wars
[2010.10.23 22:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\DAEMON Tools Lite
[2009.02.08 15:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Desktopicon
[2010.09.21 22:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Disney Interactive Studios
[2008.09.30 18:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\DivX
[2010.02.25 22:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Docx2Rtf
[2010.07.23 12:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Download Helper
[2010.07.27 18:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\dvdcss
[2010.12.05 11:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\ERGOM
[2009.03.13 13:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\GetRightToGo
[2009.05.15 21:59:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Google
[2008.12.29 13:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Hamachi
[2008.11.02 07:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Happy Foto
[2008.10.02 17:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Help
[2009.06.05 06:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\ICQ
[2008.09.27 18:05:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Identities
[2008.09.27 18:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\InstallShield
[2010.12.05 15:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Konrad Papala
[2008.12.08 23:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Leadertech
[2008.09.30 18:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Macromedia
[2009.02.05 21:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Malwarebytes
[2010.09.24 10:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Media Player Classic
[2010.10.09 22:59:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Ales\Data aplikací\Microsoft
[2010.01.25 00:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Mozilla
[2008.12.13 10:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Nero
[2010.03.07 19:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Nikon
[2009.09.12 10:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Nokia
[2010.02.25 22:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\NwDocx
[2009.01.30 23:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\PC Suite
[2010.06.26 23:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\proDAD
[2008.10.03 21:43:31 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Ales\Data aplikací\SecuROM
[2010.11.18 18:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Skype
[2010.11.18 16:09:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\skypePM
[2009.10.23 17:13:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Sony
[2009.12.24 12:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Sony Ericsson
[2010.11.02 19:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\SPORE
[2009.04.27 16:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Sun
[2009.03.04 14:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\SUPERAntiSpyware.com
[2008.12.23 23:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\teamspeak2
[2010.01.27 19:31:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Teleca
[2010.12.05 17:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\TrayCalendar
[2009.11.01 13:25:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\TuneUp Software
[2010.05.29 21:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Ubisoft
[2010.12.13 18:33:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\uTorrent
[2009.04.27 16:38:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\VitySoft
[2010.10.27 14:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\Vso
[2010.12.05 13:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\XemiComputers
[2010.12.05 14:00:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ales\Data aplikací\ZJSoftware

< %APPDATA%\*.exe /s >
[2009.10.28 15:11:47 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Ales\Data aplikací\inst.exe
[2008.02.13 11:30:06 | 000,088,576 | ---- | M] (AD ON Multimedia Advertising GmbH) -- C:\Documents and Settings\Ales\Data aplikací\Desktopicon\eBayShortcuts.exe
[2010.03.12 22:34:49 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Ales\Data aplikací\Microsoft\Installer\{2FB2169F-04D8-FFC0-6A66-80EE652B93A5}\ARPPRODUCTICON.exe
[2009.10.28 23:28:25 | 000,001,150 | R--- | M] () -- C:\Documents and Settings\Ales\Data aplikací\Microsoft\Installer\{84FB24B0-9973-4370-B107-7C38DDF20ABC}\ARPPRODUCTICON.exe
[2009.10.28 23:28:25 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Ales\Data aplikací\Microsoft\Installer\{84FB24B0-9973-4370-B107-7C38DDF20ABC}\HUD.exe_84FB24B099734370B1077C38DDF20ABC.exe
[2009.10.28 23:28:25 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Ales\Data aplikací\Microsoft\Installer\{84FB24B0-9973-4370-B107-7C38DDF20ABC}\NewShortcut1_84FB24B099734370B1077C38DDF20ABC.exe
[2009.10.28 23:28:25 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Ales\Data aplikací\Microsoft\Installer\{84FB24B0-9973-4370-B107-7C38DDF20ABC}\UNINST_Uninstall_Gam_84FB24B099734370B1077C38DDF20ABC.exe
[2009.06.04 20:02:33 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Ales\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe


< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.02.03 04:40:36 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[13 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.10.23 22:42:25 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.10.31 16:00:38 | 000,524,288 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.10.31 13:37:12 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2009.10.31 16:00:38 | 030,408,704 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.10.31 16:00:38 | 008,126,464 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2010.02.03 04:40:36 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[13 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.12.12 02:36:09 | 000,138,160 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys

< %systemroot%\system32\*.* /3 >
[2010.12.12 00:28:47 | 000,271,200 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.ex0
[2010.12.12 02:36:04 | 000,271,200 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
[2010.12.12 02:36:04 | 000,271,200 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.xtr
[13 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:21F11E8D

< End of report >


and here is EXTRAS.TXT:

OTL Extras logfile created on: 13.12.2010 18:39:15 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Ales\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 83,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 92,00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 75,13 Gb Total Space | 11,88 Gb Free Space | 15,81% Space Free | Partition Type: NTFS
Drive E: | 97,65 Gb Total Space | 5,74 Gb Free Space | 5,88% Space Free | Partition Type: NTFS
Drive F: | 292,97 Gb Total Space | 116,71 Gb Free Space | 39,84% Space Free | Partition Type: NTFS

Computer Name: DOMA-0909F16251 | User Name: Ales | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-746137067-1292428093-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"E:\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = E:\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{088C9BEE-CB92-5879-5E38-174426D1F8E6}" = ccc-core-preinstall
"{11439F51-B8D2-4736-9CDF-8889FEBE1029}" = Nero 7 Premium
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1A48AB8A-DA88-545F-9D3D-C481DC6C31A3}" = Catalyst Control Center Graphics Full Existing
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1D44C5C7-FCB6-8732-A960-3E3486661B02}" = Catalyst Control Center Graphics Full Existing
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{212B3742-5B29-B7C3-3973-69EE036E574E}" = Catalyst Control Center Graphics Previews Common
"{257DEF70-A302-CF80-79FE-D8C72EB5E4D0}" = ccc-utility
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 15
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Driver
"{2CF6349E-8A3F-B726-F59A-8703FC8885E8}" = Catalyst Control Center Graphics Light
"{2FB2169F-04D8-FFC0-6A66-80EE652B93A5}" = Catalyst Control Center InstallProxy
"{302126A2-BB96-5931-6249-CAACA2C89AA1}" = ccc-core-static
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{4154BF17-EE1F-4F25-9696-2FF191FE0787}" = Organizér
"{428102E6-8A39-48B9-8389-847F5A44A600}" = MSXML 4.0
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Mazlíčci
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54BB0384-1C33-488F-A95B-877E480D3EDC}" = MSXML 4.0
"{5B9EFDF8-AC4F-CA21-9A8C-7534D49E7EE9}" = Catalyst Control Center HydraVision Full
"{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Koupelny a kuchyně Interiérový design Kolekce
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Domov Kolekce
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6FDD0A02-A328-BEF2-E2B4-A62965620D09}" = ccc-utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.2.9.94
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Ve světě podnikání
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{80AAD9DF-7E64-40D2-80D2-BECA41593EEB}" = AMT Media Manager
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84FB24B0-9973-4370-B107-7C38DDF20ABC}" = Gamer HUD
"{855AA20A-CA81-7EF1-1936-AE4AA3DC4BEA}" = ccc-core-preinstall
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Volný čas
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8AA3831E-91FF-40D1-A800-BB27077A7543}" = Strašpytlík Eso v akci
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{93461FB1-59B0-4BF4-A302-537684CF4ED0}" = WinFast TV2000XP Global Driver
"{9799BD05-5F89-484C-008E-F50592F53440}" = Harry Potter a ohnivý pohár™
"{9811A185-3D3D-11D6-9E14-00036D172B00}" = Adobe MPEG Encoder
"{989EC86B-6D10-F330-54C6-352322D8D077}" = Catalyst Control Center Core Implementation
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BB86C70-E1EF-7457-46DC-0093B5269458}" = ATI Catalyst Install Manager
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = The Settlers 7 - Paths to a Kingdom
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Pro luxusní život - Kolekce
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9DF0D039-BAD2-254D-F54D-99537E86115B}" = CCC Help English
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9867BC9-0EAD-BAC6-C320-4FBC2E127643}" = Catalyst Control Center Core Implementation
"{ABB70F8E-B6BE-43F6-A9A9-46F21C5C22FE}" = Medal of Honor Airborne
"{AC1635BC-63CC-DF13-63BD-3C11B78EC40C}" = Catalyst Control Center Graphics Light
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8035D53-49FB-D8D1-1604-7CD016FE81B5}" = Catalyst Control Center Graphics Full New
"{B94C6815-7BCC-4124-AC39-9208A06FFFA7}" = Disney-Pixar Ratatouille
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BFF1715F-F0E5-4FDF-B2CC-FF5B7CC4733A}" = IE Download Helper
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}" = Just Cause 1.00.0000
"{CC419DDC-E0F0-4013-B25A-6FA036516F0D}" = Need for Speed™ ProStreet
"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E6B5D9-6737-AF3E-7BE5-7327DD6B6002}" = Catalyst Control Center Graphics Previews Common
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4C82E4B-CD9E-27ED-BC6A-E099DE3EC3ED}" = CCC Help English
"{E7231089-60AD-CD67-8CC0-B0F415E2A32A}" = Catalyst Control Center Graphics Full New
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Noční život
"{FA3A247D-437A-455E-A88F-7EB6E5F9E799}" = Catalyst Control Center - Branding
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"4U WMA MP3 Converter_is1" = 4U WMA MP3 Converter 5.6.0
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"69083DC58646DE46A09847A522A1CC487F918039" = Balíček ovladače systému Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
"7-Zip" = 7-Zip 4.65
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"9722CA1E8F72F362E93CBEC75A707FDABFC8D880" = Balíček ovladače systému Windows - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CCleaner" = CCleaner
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"D050D7362D214723AD585B541FFB6C11" = DivX Content Uploader
"DiaryOne_is1" = DiaryOne 6.65
"Dostihy 3000 deluxe" = Dostihy 3000 deluxe 1.1
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab Platinum Custom_is1" = DVDFab Platinum 4.0.0.0 Beta Custom by Doc
"Free All to Image Jpg/Jpeg Bmp Tiff Png Converter_is1" = Free All to Image Jpg/Jpeg Bmp Tiff Png Converter 5.1
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GameParkClient_is1" = GamePark
"HF_ASISTENT" = Happy Foto HF Asistent (Jen odstranit)
"ie8" = Windows Internet Explorer 8
"InstallShield_{5EBAC9CB-97D7-44CD-A82D-4FCB37F582AC}" = World Racing 2
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Landi 2003 - jazykový kurz" = Landi 2003 - jazykový kurz
"Medal of Honor Airborne" = Medal of Honor Airborne
"MediaCoder" = MediaCoder 0.6.2
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia PC Suite" = Nokia PC Suite
"PC Translator" = PC Translator
"Photo DVD Maker Professional" = Photo DVD Maker Professional 6.32
"Photo Filter Factory 8.1 : Image Processor 8.1" = Photo Filter Factory 8.1 : Image Processor 8.1
"PhotoFiltre" = PhotoFiltre
"Plants vs. Zombies" = Plants vs. Zombies
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"RADVideo" = RAD Video Tools
"ScreenShots" = ScreenShots (pouze odebrat) - nedelej to! :)
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"The KMPlayer" = The KMPlayer (remove only)
"Tomb Raider: Underworld" = Tomb Raider: Underworld 1.1
"uTorrent" = µTorrent
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinASO Registry Optimizer 4.2_is1" = WinASO Registry Optimizer 4.2
"WinAVI Video Converter_is1" = WinAVI Video Converter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinXMedia DVD Ripper" = WinXMedia DVD Ripper 4.17
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Xvid CZ 1.01_is1" = Xvid CZ 1.01
"XviD4PSP5" = XviD4PSP 5.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4.12.2010 22:38:59 | Computer Name = DOMA-0909F16251 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace KMPlayer.exe, verze 2.9.4.1435, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 5.12.2010 5:14:21 | Computer Name = DOMA-0909F16251 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 5.12.2010 8:45:37 | Computer Name = DOMA-0909F16251 | Source = MsiInstaller | ID = 11706
Description = Product: Organizér -- Error 1706.No valid source could be found for
product Organizér. The Windows Installer cannot continue.

Error - 5.12.2010 8:46:23 | Computer Name = DOMA-0909F16251 | Source = MsiInstaller | ID = 11706
Description = Product: Organizér -- Error 1706.No valid source could be found for
product Organizér. The Windows Installer cannot continue.

Error - 5.12.2010 12:41:42 | Computer Name = DOMA-0909F16251 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace DiaryOne.EXE, verze 2008.1.5.245, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.12.2010 12:44:00 | Computer Name = DOMA-0909F16251 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 9.12.2010 12:44:00 | Computer Name = DOMA-0909F16251 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 9.12.2010 12:44:00 | Computer Name = DOMA-0909F16251 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 9.12.2010 12:44:00 | Computer Name = DOMA-0909F16251 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 11.12.2010 20:11:16 | Computer Name = DOMA-0909F16251 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Sims2EP7.exe, verze 1.13.0.135, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 13.12.2010 1:40:24 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM TVTuner. neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 13.12.2010 1:40:24 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku
následující chyby: %%3

Error - 13.12.2010 10:25:04 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM Video Capture. neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 13.12.2010 10:25:04 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM Crossbar. neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 13.12.2010 10:25:04 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM TVTuner. neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 13.12.2010 10:25:04 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku
následující chyby: %%3

Error - 13.12.2010 12:17:42 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM Video Capture. neuspěla při spuštění v
důsledku následující chyby: %%2

Error - 13.12.2010 12:17:42 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM Crossbar. neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 13.12.2010 12:17:42 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM TVTuner. neuspěla při spuštění v důsledku
následující chyby: %%2

Error - 13.12.2010 12:17:42 | Computer Name = DOMA-0909F16251 | Source = Service Control Manager | ID = 7000
Description = Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku
následující chyby: %%3


< End of report >

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Problem with Java and Flash Player

#11 Post by motji »

Sorry for the delay :oops:

:arrow: Run OTL
- copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 164 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:21F11E8D
O33 - MountPoints2\{15db4fc7-a03e-11dd-9777-001fd085ac5d}\Shell\AutoRun\command - "" = H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe -- File not found
O33 - MountPoints2\{15db4fc7-a03e-11dd-9777-001fd085ac5d}\Shell\open\command - "" = H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\iuhi64.exe -- File not found
O33 - MountPoints2\{2d09cd57-c4c9-11de-9a49-001fd085ac5d}\Shell - "" = Autorun
O33 - MountPoints2\{2d09cd57-c4c9-11de-9a49-001fd085ac5d}\Shell\verb\command - "" = C:\WINDOWS\explorer.exe -- [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{3748bf8e-deef-11df-9d06-001fd085ac5d}\Shell - "" = AutoRun
O33 - MountPoints2\{3748bf8e-deef-11df-9d06-001fd085ac5d}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{8bcaf4ce-c6e1-11de-9a52-001fd085ac5d}\Shell - "" = Autorun
O33 - MountPoints2\{8bcaf4ce-c6e1-11de-9a52-001fd085ac5d}\Shell\verb\command - "" = C:\WINDOWS\explorer.exe -- [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{936435d2-f4ad-11de-9ac4-001fd085ac5d}\Shell - "" = AutoRun
O33 - MountPoints2\{936435d2-f4ad-11de-9ac4-001fd085ac5d}\Shell\AutoRun\command - "" = G:\MediaManager.exe -- File not found
O33 - MountPoints2\{936435d7-f4ad-11de-9ac4-001fd085ac5d}\Shell - "" = AutoRun
O33 - MountPoints2\{936435d7-f4ad-11de-9ac4-001fd085ac5d}\Shell\AutoRun\command - "" = I:\MediaManager.exe -- File not found
O33 - MountPoints2\{bfc2436e-c41d-11de-9a45-001fd085ac5d}\Shell - "" = AutoRun
O33 - MountPoints2\{bfc2436e-c41d-11de-9a45-001fd085ac5d}\Shell\AutoRun\command - "" = G:\Install.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Eautorun.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Installer.exe -- File not found
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\MediaManager.exe -- File not found
O20 - Winlogon\Notify\cbssreg: DllName - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll - C:\Documents and Settings\All Users\Dokumenty\Settings\cbss.dll File not found
O20 - HKU\S-1-5-21-746137067-1292428093-725345543-1003 Winlogon: Shell - (C:\Documents and Settings\Ales\Data aplikací\ozzfhv.exe) - C:\Documents and Settings\Ales\Data aplikací\ozzfhv.exe File not found
O20 - HKU\S-1-5-21-746137067-1292428093-725345543-1003 Winlogon: Shell - (C:\Documents and Settings\Ales\Data aplikací\lbisov.exe) - C:\Documents and Settings\Ales\Data aplikací\lbisov.exe File not found
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [GEST] File not found
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Documents and Settings\Ales\Data aplikací\Desktopicon\eBayShortcuts.exe
C:\Documents and Settings\Ales\Data aplikací\inst.exe

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

- click the Fix button.
- The PC will then restart.
- Paste the log here :)





:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM sometimes has false detections, so we will delete only after checking the log.
- Copy the log here.





:arrow: Test these at http://www.virustotal.com
C:\WINDOWS\System32\591DB075D2.sys
C:\WINDOWS\System32\affv9869p2now.sys

- On VirusTotal click Browse, paste the file path directly into the lower field and click Send
- copy the address of the results page from the browser
- if it asks, have the file tested again, so that it is the file from your computer






:arrow: Plug into the PC all the USB sticks, flash drives... that you use

Use USB fix
http://www.viry.cz/forum/viewtopic.php?f=24&t=102308


:!: Before downloading, turn off the antivirus resident shield; it has a false detection on Usbfix
- run it
- click the deletion option, confirm with Enter
- after the scan paste the log here; if it does not pop up, you will find it at C:\UsbFix.txt
Do not use COMBOFIX without a recommendation from an adviser; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

Aleš
Visitor
Posts: 12
Joined: 09 Dec 2010 22:20

Re: Problem with Java and Flash Player

#12 Post by Aleš »

Good evening, I really don't understand why you are apologising to me for the delay; I'm glad you are attending to me at all.
So here it is, step by step.
OTL log:

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Ales
->Temp folder emptied: 299838 bytes
->Temporary Internet Files folder emptied: 26370576 bytes
->Java cache emptied: 1896 bytes
->Flash cache emptied: 7559 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 2424269 bytes

User: NetworkService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: všichni

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 30191144 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 193290 bytes

Total Files Cleaned = 57,00 mb


[EMPTYFLASH]

User: Administrator

User: Ales
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: všichni

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12142010_182904

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Ales\Local Settings\Temp\Temporary Internet Files\Content.IE5\LA5K0IXL\consoles;net=ns;u=ns-76045230_1258846721,1153cde64e83dca,Miscellaneous,;;kw=;dcopt=ist;tile=1;ord1=804963;sz=728x90;contx=Miscellaneous;btg=;ord=1599727535856951[2] not found!
File\Folder C:\Documents and Settings\Ales\Local Settings\Temp\Temporary Internet Files\Content.IE5\LA5K0IXL\dechannel=ignpsp&network=fim&random=1258846626458&section_id=1598&section_id=1598&property=ign&articletype=story&ct=js&chann[1].com&year=2004&src=wrapper&reginsider=n&topic_id=748& not found!
File\Folder C:\Documents and Settings\Ales\Local Settings\Temp\Temporary Internet Files\Content.IE5\JOAGY65S\consoles;net=ns;u=ns-29462795_1258846725,1153cde64e83dca,Miscellaneous,;;kw=;tile=2;ord1=786350;sz=300x250,336x280;contx=Miscellaneous;btg=;ord=1599727535856951[2] not found!
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...



MBAM log:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 5312

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

14.12.2010 20:23:41
mbam-log-2010-12-14 (20-23-08).txt

Typ kontroly: Úplný test (C:\|E:\|F:\|)
Testované objekty: 309812
Uplynulý čas: 1 hodin, 4 minut, 26 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 1
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 6

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\Adparatus (Adware.Adparatus) -> No action taken.

Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Worm.Palevo) -> Value: Shell -> No action taken.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\system volume information\_restore{9fe988a4-95b2-4b6f-b26d-7ce86412797c}\RP259\A0117660.exe (RiskWare.Tool.CK) -> No action taken.
c:\system volume information\_restore{9fe988a4-95b2-4b6f-b26d-7ce86412797c}\rp265\a0118731.exe (Rootkit.TDSS) -> No action taken.
c:\system volume information\_restore{9fe988a4-95b2-4b6f-b26d-7ce86412797c}\rp265\a0118732.exe (Rootkit.TDSS) -> No action taken.
c:\_OTL\movedfiles\12142010_182904\c_documents and settings\Ales\data aplikací\desktopicon\ebayshortcuts.exe (Adware.ADON) -> No action taken.
f:\system volume information\_restore{9fe988a4-95b2-4b6f-b26d-7ce86412797c}\RP264\A0118446.dll (Riskware.Tool.CK) -> No action taken.
c:\documents and settings\Ales\data aplikací\avdrn.dat (Malware.Trace) -> No action taken.


As for the test at http://www.virustotal.com
C:\WINDOWS\System32\591DB075D2.sys
C:\WINDOWS\System32\affv9869p2now.sys

IT DOESN'T WORK. I enter everything according to the procedure you gave and nothing happens. I don't know whether this isn't exactly one of the symptoms of the fault we are dealing with: links to some pages on the web and "buttons" such as "download", "scan" and the like simply don't work.

And the last log, from USBfix, comes in two parts; I forgot about one USB flash drive, so I did it separately. In total there are two external HDs (160 and 500 GB), an MP3 player, a camera and the flash drive mentioned above:


[18/11/2010 - 19:53:47 | D ] J:\Brüno
[17/01/2010 - 14:17:35 | A | 1215684608] J:\Bílá masajka czdub.avi
[14/02/2010 - 23:04:07 | A | 733745682] J:\Chces me, chci te, komedie 2009 cz.avi
[17/11/2010 - 10:16:00 | D ] J:\Chocolate avi cztit
[05/12/2010 - 03:43:20 | D ] J:\Cimrman
[14/10/2006 - 07:15:58 | A | 753555862] J:\Do Hlubiny czdub.avi
[27/11/2010 - 00:30:06 | D ] J:\Dostihy a Sazky
[18/11/2010 - 19:57:51 | D ] J:\Eqilibrium
[18/11/2010 - 20:01:32 | D ] J:\Family Guy
[18/11/2010 - 18:55:04 | D ] J:\FUTURAMA
[15/11/2010 - 20:48:19 | D ] J:\Gothic 4 - RELOADED
[06/11/2010 - 23:19:18 | A | 873771646] J:\Habermannův mlýn.avi
[18/11/2010 - 18:58:17 | D ] J:\hanební parchanti V
[06/10/2009 - 00:28:46 | A | 1039160572] J:\Hlidac 47.avi
[04/09/2010 - 17:53:11 | A | 1005754368] J:\I love you Pilip Morris czdub.avi
[07/11/2010 - 00:23:08 | A | 734100406] J:\Kajínek --2010 -Cz V.avi
[21/10/2010 - 13:14:10 | A | 1465360384] J:\Katyň - válečný CZ dabing J..avi
[06/07/2010 - 20:05:22 | A | 1553740384] J:\Láska z Paříže cztit.mkv
[26/10/2010 - 16:30:14 | A | 733890560] J:\Machete cztit.avi
[17/10/2010 - 01:54:05 | A | 737140736] J:\Muži co zíraji na kozy cz.avi
[19/03/2010 - 17:43:12 | A | 731580416] J:\Navrh SUPER novinky 2009 cz dabing komedie.avi
[20/11/2010 - 09:43:51 | RSHD ] J:\neukrotiva
[19/03/2010 - 17:04:49 | A | 805862474] J:\Ninja Assassin novinky 2010 CZ.avi
[27/10/2010 - 18:19:06 | A | 907153408] J:\Odstřelovač - CZ super akční film 2010.avi
[01/11/2010 - 07:45:24 | A | 732676234] J:\Ozbrojeni a nebezpecni-2010-CZ dabing(akční,drama,speciální jednotky,novinky)_medanikus_.avi
[13/11/2010 - 18:19:20 | D ] J:\Pacific czdub (seriál 10 dílů)
[17/11/2010 - 10:19:12 | D ] J:\Planeta 51 avi cztit
[27/03/2010 - 22:10:34 | A | 742295872] J:\Posledni plavky.avi
[17/09/2010 - 15:46:14 | A | 1244912734] J:\Postradatelní cztit.avi
[13/04/2010 - 18:48:20 | A | 906672128] J:\Protektor.avi
[18/11/2010 - 18:59:29 | D ] J:\Případ nevěrné Kláry
[13/05/2010 - 14:57:44 | A | 910028612] J:\Případ číslo 39 czdub.avi
[17/11/2010 - 10:24:54 | D ] J:\Quid pro quo avi cztit
[14/12/2010 - 20:50:49 | SHD ] J:\RECYCLER
[26/10/2010 - 13:22:38 | A | 715897856] J:\Red cztit.avi
[19/09/2010 - 18:47:25 | A | 1040373676] J:\Robin Hood 2010 czdub.avi
[17/11/2010 - 10:25:25 | D ] J:\Ross Kemp v Afganistanu
[05/09/2010 - 09:51:39 | A | 735068160] J:\Salt cztit.avi
[13/11/2010 - 18:30:55 | D ] J:\STALKER Call Of Pripyat-Razor1911
[26/11/2010 - 08:58:35 | SHD ] J:\System Volume Information
[06/04/2010 - 19:50:45 | A | 1511181384] J:\Terminator 4 salvation CZ - Dabing(akční,sci-fi,dobrodružný,novinky)_medanikus_.avi
[06/07/2010 - 17:31:08 | A | 1703635231] J:\The Losers cztit.mkv
[20/11/2010 - 09:44:18 | ASH | 19456] J:\Thumbs.db
[18/11/2010 - 18:59:31 | D ] J:\Tobruk
[09/04/2010 - 21:00:25 | A | 734009344] J:\TOM A JERRY FILM.CZ.avi
[06/03/2010 - 18:55:33 | A | 891228160] J:\trainspotting-cz.avi
[18/08/2004 - 13:00:00 | RASH | 95034] J:\trz4.tmp
[04/03/2010 - 20:11:15 | A | 1203482624] J:\U mě dobrý 2008 ČR komedie 2008 avi.cz.avi
[18/11/2010 - 20:04:04 | D ] J:\Ultraviolet
[07/01/2010 - 13:04:56 | A | 735510946] J:\Veni.Vidi.Vici.2009.DVDRip.XviD.CZ.avi
[18/11/2010 - 18:31:29 | D ] J:\Yes Man v
[21/06/2010 - 18:24:39 | A | 736053248] J:\Zelená zóna cztit.avi
[24/01/2010 - 21:28:26 | A | 732917760] J:\Zeme ztracenych - 2009 - CZ.avi
[27/11/2010 - 00:02:47 | D ] J:\záloha 27.11. 2010
[18/11/2010 - 18:39:56 | D ] J:\ČERVENÝ TRPASLÍK
[05/07/2010 - 12:46:58 | A | 1024856064] J:\Čtvrtý druh czdub.avi

################## | Vaccin |



Second part:


############################## | UsbFix 7.014 | [Deletion]

User: Ales (Administrator) # DOMA-0909F16251 [ ]
Updated 24/06/10 by El Desaparecido / C_XX
Started at 20:56:53 | 14/12/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Enabled
Antivirus: avast! Antivirus 5.0.83886757 [Enabled | Updated]
RAM -> 3326 Mb
C:\ (%systemdrive%) -> Fixed drive # 75 Gb (12 Mb free - 16%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 98 Gb (6 Mb free - 6%) [] # NTFS
F:\ -> Fixed drive # 293 Gb (117 Mb free - 40%) [] # NTFS
G:\ -> Removable drive # 2 Gb (2 Mb free - 91%) [ALEŠ] # FAT32

################## | Files # Infected Folders |


################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[08/03/2009 - 22:18:51 | A | 50] C:\AUTOEXEC.BAT
[31/10/2009 - 15:10:23 | SH | 211] C:\boot.ini
[25/10/2001 - 15:00:00 | RASH | 4952] C:\Bootfont.bin
[27/09/2008 - 18:02:23 | A | 0] C:\CONFIG.SYS
[28/10/2009 - 22:09:59 | D ] C:\Documents and Settings
[12/03/2010 - 18:35:19 | SHD ] C:\found.000
[27/09/2008 - 18:17:58 | D ] C:\Intel
[27/09/2008 - 18:02:23 | RASH | 0] C:\IO.SYS
[27/09/2008 - 18:02:23 | RASH | 0] C:\MSDOS.SYS
[27/09/2008 - 22:35:11 | RHD ] C:\MSOCache
[03/08/2004 - 21:38:34 | RASH | 47564] C:\NTDETECT.COM
[12/10/2008 - 06:35:24 | RASH | 250576] C:\ntldr
[14/12/2010 - 18:31:45 | ASH | 2145386496] C:\pagefile.sys
[14/12/2010 - 19:09:51 | RD ] C:\Program Files
[14/12/2010 - 20:57:19 | SHD ] C:\RECYCLER
[27/11/2010 - 01:26:24 | D ] C:\Shoty
[31/10/2009 - 15:18:33 | SHD ] C:\System Volume Information
[14/12/2010 - 20:57:19 | D ] C:\UsbFix
[14/12/2010 - 20:57:19 | A | 963] C:\UsbFix.txt
[14/12/2010 - 20:56:49 | D ] C:\WINDOWS
[14/12/2010 - 18:29:04 | D ] C:\_OTL
[27/12/2009 - 09:54:57 | D ] E:\Activision
[05/12/2010 - 03:29:08 | D ] E:\Dostihy 3000 Deluxe
[26/12/2009 - 22:48:02 | D ] E:\Dragon Age
[21/03/2010 - 10:34:36 | D ] E:\EA GAMES
[01/01/2010 - 17:30:54 | D ] E:\Mass Effect
[02/05/2010 - 13:47:44 | D ] E:\Metin2_CZ
[15/10/2010 - 23:00:56 | D ] E:\Nová složka
[17/12/2009 - 18:00:56 | D ] E:\poker
[14/12/2010 - 20:57:19 | SHD ] E:\RECYCLER
[01/11/2009 - 13:47:42 | D ] E:\Rockstar Games
[12/10/2008 - 11:55:19 | D ] E:\SACC - TDL
[14/12/2010 - 17:45:55 | D ] E:\Steam
[31/10/2009 - 15:32:33 | SHD ] E:\System Volume Information
[06/03/2009 - 15:13:38 | D ] E:\Ubisoft
[10/12/2010 - 22:28:24 | D ] E:\World of Warcraft
[15/08/2009 - 09:19:49 | D ] F:\3ac8c05beb01dd9794be50
[12/12/2010 - 19:17:36 | D ] F:\down
[03/12/2010 - 20:06:59 | D ] F:\hry instalace
[12/12/2010 - 19:28:48 | D ] F:\k dalšímu zpracování
[05/12/2010 - 09:28:15 | D ] F:\my Music
[14/12/2010 - 20:57:19 | SHD ] F:\RECYCLER
[31/10/2009 - 15:32:33 | SHD ] F:\System Volume Information
[22/08/2010 - 19:20:48 | A | 349184] G:\Rádiový provoz v anglickém jazyce.doc
[05/12/2010 - 01:07:02 | A | 1364480] G:\Docházka Vysloužil.xls
[06/04/2009 - 12:21:28 | A | 12096000] G:\Iveco.doc
[12/02/2004 - 11:27:24 | A | 442880] G:\Vedení provozu.ppt
[16/02/2004 - 08:43:58 | A | 511488] G:\Vedení rad. provozu v ANG.ppt
[02/12/2010 - 23:56:40 | A | 146656048] G:\Nightwork - Tepláky.avi
[08/12/2010 - 15:18:26 | A | 25088] G:\Organizér na rok 2011 komplet.doc
[14/12/2010 - 20:19:40 | A | 18432] G:\návrh.xls
[21/10/2010 - 08:25:50 | A | 1017282] G:\Vševojsk 4-2 2010.pdf
[20/09/2010 - 00:21:40 | SHD ] G:\Recycled
[12/09/2010 - 22:36:06 | D ] G:\autorun.inf
[03/12/2010 - 01:45:16 | A | 16957291] G:\OK Go - Here it goes again.mp4
[14/12/2010 - 13:34:56 | A | 27648] G:\Udělení volna za nepřetržitý výcvik.doc
[04/11/2010 - 09:18:40 | D ] G:\Radio communications

################## | Vaccin |



Thank you very much so far.

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Problem with Java and Flash Player

#13 Post by motji »

That first log from USBfix is not complete. You are infected :D

:arrow: Run ComboFix according to this guide
http://www.bleepingcomputer.com/combofi ... t-combofix
- rename combofix to žížala.com

If it can't be downloaded, let me know. :)

Aleš
Visitor
Posts: 12
Joined: 09 Dec 2010 22:20

Re: Problem with Java and Flash Player

#14 Post by Aleš »

Good evening, so I ran it step by step according to the guide and here is the log from ComboFix:

ComboFix 10-12-15.02 - Ales 15.12.2010 19:43:16.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2810 [GMT 1:00]
Spuštěný z: c:\documents and settings\Ales\Plocha\žížala.com.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Ales\Data aplikací\Desktopicon
c:\documents and settings\Ales\Data aplikací\Desktopicon\config.ini
c:\documents and settings\All Users\Dokumenty\Settings
c:\windows\ST6UNST.000
c:\windows\system32\Dvbpws.dll
c:\windows\system32\Ijl11.dll
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-15 do 2010-12-15 )))))))))))))))))))))))))))))))
.

2010-12-14 19:46 . 2010-12-14 19:57 -------- d-----w- C:\UsbFix
2010-12-14 18:09 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-14 18:09 . 2010-12-14 18:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-14 18:09 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-14 17:29 . 2010-12-14 17:29 -------- d-----w- C:\_OTL
2010-12-12 15:56 . 2010-12-12 15:56 -------- d-----w- c:\program files\PopCap Games
2010-12-12 14:27 . 2010-12-12 14:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PopCap Games
2010-12-09 21:00 . 2010-12-12 19:58 -------- d-----w- c:\program files\CCleaner
2010-12-09 20:59 . 2010-09-07 15:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-09 20:59 . 2010-09-07 15:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-12-09 20:59 . 2010-09-07 15:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-12-09 20:58 . 2010-09-07 15:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-12-09 20:58 . 2010-09-07 15:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-12-09 20:58 . 2010-09-07 15:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-12-09 20:58 . 2010-09-07 15:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-12-09 20:58 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
2010-12-09 20:58 . 2010-09-07 16:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-12-09 20:58 . 2010-12-09 20:58 -------- d-----w- c:\program files\Alwil Software
2010-12-09 17:59 . 2010-12-09 17:59 -------- d-----w- c:\documents and settings\Ales\Local Settings\Data aplikací\{3248F0A6-6813-11D6-A77B-00B0D0150000}
2010-12-09 17:43 . 2010-12-09 17:43 -------- d-----w- c:\program files\WinASO
2010-12-09 17:15 . 2010-12-09 17:16 -------- dc-h--w- c:\windows\ie8
2010-12-05 16:38 . 2010-12-14 18:36 -------- d-----w- c:\program files\DiaryOne
2010-12-05 16:26 . 2010-12-05 16:26 -------- d-----w- c:\documents and settings\Ales\Data aplikací\TrayCalendar
2010-12-05 16:23 . 2010-12-05 16:23 -------- d-----w- c:\documents and settings\Ales\Data aplikací\Chaos Software
2010-12-05 16:23 . 2010-12-05 16:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Chaos Software
2010-12-05 14:34 . 2010-12-05 14:34 -------- d-----w- c:\documents and settings\Ales\Data aplikací\Konrad Papala
2010-12-05 13:00 . 2010-12-05 13:00 -------- d-----w- c:\documents and settings\Ales\Data aplikací\ZJSoftware
2010-12-05 12:33 . 2010-12-05 12:33 -------- d-----w- c:\documents and settings\Ales\Data aplikací\XemiComputers
2010-12-05 10:55 . 2010-12-05 10:55 -------- d-----w- c:\documents and settings\Ales\Data aplikací\ERGOM
2010-12-05 10:54 . 2010-12-05 10:54 -------- d-----w- c:\program files\Business Objects
2010-11-28 09:15 . 1999-09-10 11:06 5600 ----a-w- c:\windows\system\WINASPI.DLL
2010-11-28 09:15 . 1999-09-10 11:06 4672 ----a-w- c:\windows\system\WOWPOST.EXE
2010-11-27 13:18 . 2010-11-27 13:18 -------- d-----w- c:\documents and settings\Ales\Local Settings\Data aplikací\Electronic Arts
2010-11-27 00:06 . 2010-11-27 00:06 -------- d-----w- c:\program files\Fireluke

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-12 01:36 . 2009-11-05 15:13 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-12-12 01:36 . 2009-11-05 15:13 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-12-12 01:36 . 2009-03-01 19:00 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-12-11 23:28 . 2009-11-05 15:13 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2010-12-03 18:46 . 2009-06-01 21:01 475136 ------w- c:\windows\Setup1.exe
2010-12-03 18:46 . 2009-06-01 21:01 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-11-27 10:04 . 2009-11-05 15:13 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-10-23 21:42 . 2010-10-23 21:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-19 20:37 . 2008-10-04 12:12 22328 ----a-w- c:\documents and settings\Ales\Data aplikací\PnkBstrK.sys
2010-09-19 20:37 . 2010-05-27 18:38 2250024 ----a-w- c:\windows\system32\pbsvc.exe
2010-09-18 10:23 . 2004-08-17 13:49 974848 ------w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-17 13:49 974848 ------w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2001-10-25 14:00 954368 ------w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2001-10-25 14:00 953856 ------w- c:\windows\system32\mfc40u.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-07-31 139264]
"OEXPRESS"="c:\windows\OETRN.EXE" [2009-11-09 26624]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-06-25 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2007-11-16 90112]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2007-11-15 2850816]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-07 16862208]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-02 98304]
"AMTDeviceService"="c:\program files\AMT Media Manager\AMTDeviceService.exe" [2009-01-21 184320]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-17 44544]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BDARemote.lnk - c:\program files\USB TV\EM28XX\BDARemote.exe [2009-10-28 81997]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"e:\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"e:\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"e:\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.10.2010 22:31 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.12.2010 21:59 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.12.2010 21:59 17744]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [28.10.2009 16:35 9446]
R3 WFLR6654;WinFast TV2000 XP Global/Global TV (Video);c:\windows\system32\drivers\wfeaglxt.sys [2.10.2008 21:51 405632]
S2 gupdate;Služba Google Update (gupdate);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;e:\dragon age\bin_ship\daupdatersvc.service.exe [26.12.2009 9:01 25832]
S3 DIGIRPS;Ovladač Digi PortServer Driver;c:\windows\system32\drivers\digirlpt.sys [28.11.2009 19:33 42432]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [29.5.2010 11:04 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [29.5.2010 11:04 8320]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 XDva281;XDva281;\??\c:\windows\system32\XDva281.sys --> c:\windows\system32\XDva281.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.idnes.cz/
IE: DiaryOne: Save full text - c:\program files\DiaryOne\Script\fullcatcher.htm
IE: DiaryOne: Save selected text - c:\program files\DiaryOne\Script\catcher.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B} - c:\program files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe
AddRemove-{8CFA9151-6404-409A-AF22-4632D04582FD} - c:\program files\InstallShield Installation Information\{8CFA9151-6404-409A-AF22-4632D04582FD}\setup.exe
AddRemove-{ABB70F8E-B6BE-43F6-A9A9-46F21C5C22FE} - c:\program files\InstallShield Installation Information\{ABB70F8E-B6BE-43F6-A9A9-46F21C5C22FE}\setup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-15 19:45
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-746137067-1292428093-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0CFCE647-8B7D-FDC9-CAAA-30D2BBB939F8}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-746137067-1292428093-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:16,14,7e,3e,f9,c1,ad,28,5d,8b,e1,53,15,00,07,91,b8,4b,cd,53,e9,a0,a5,
b6,5f,87,78,1e,17,e1,97,73,16,56,99,33,0a,26,34,8b,ca,16,8c,8d,37,6b,47,00,\
"??"=hex:25,37,22,6c,20,3a,78,8f,8b,c0,d1,01,fd,51,a6,28

[HKEY_USERS\S-1-5-21-746137067-1292428093-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:0d,dd,55,5a,51,74,64,ed,b7,45,88,a9,d0,ad,e7,6f,26,80,8a,e0,f0,
fd,12,76,51,75,fb,5c,91,0a,5f,a1,dc,b4,f1,51,58,65,b6,70,e4,dd,5b,75,96,5a,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(768)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2010-12-15 19:47:06
ComboFix-quarantined-files.txt 2010-12-15 18:47

Před spuštěním: Volných bajtů: 12 380 266 496
Po spuštění: Volných bajtů: 12 333 686 784

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 443D71D1106ACC9B39014778EC1AF0E6

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Problem with Java and Flash Player

#15 Post by motji »

:arrow: If you have not done so already, move ComboFix to the desktop
- Open Notepad
- Copy the text from this box into it

Code:

Driver::
XDva281

Collect::
c:\windows\system32\XDva281.sys 

- Save the TXT file you created as CFScript.txt on the desktop
- After saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it.

- After it has been applied, another log will pop up; paste it here

Warning: it may happen that after the script is applied and the computer restarts, Windows will not boot. In that case restart again while pressing F8, then choose Last Known Good Configuration



:arrow: Test on www.virustotal.com
c:\windows\system\WINASPI.DLL
c:\windows\system\WOWPOST.EXE

- Copy the path to the file into the box; if it says the file has already been tested, have it tested again.
- Paste the link to the results here.
Do not use COMBOFIX without an adviser's recommendation, it can damage the system!
Always back up important data before disinfecting the computer :!:

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.

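Added example, not part of the thread and not ComboFix's own code: a short Python parser for the driver/service rows of the ComboFix log above (sample rows copied from it) that lists the entries the log prints with `[?]` in place of a date and size. Reading `[?]` as "no file metadata shown" and the `R`/`S` plus digit prefix as run state and start type are assumptions; the result is a list for manual review, not a verdict.

```python
import re

# Rows copied from the driver/service section of the ComboFix log above.
SAMPLE = r'''
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.10.2010 22:31 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.12.2010 21:59 165584]
S2 gupdate;Služba Google Update (gupdate);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [29.5.2010 11:04 137344]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 XDva281;XDva281;\??\c:\windows\system32\XDva281.sys --> c:\windows\system32\XDva281.sys [?]
'''

# Assumed layout: <R|S><start type> name;display name;image path [date time size]
# with an optional "--> resolved path", and "[?]" when no date/size is shown.
ROW = re.compile(
    r'^(?P<state>[RS])(?P<start>[0-4])\s+'
    r'(?P<name>[^;]+);(?P<display>[^;]*);(?P<image>.+?)'
    r'(?:\s+-->\s+(?P<resolved>.+?))?'
    r'\s+\[(?P<meta>[^\]]*)\]\s*$'
)


def parse_rows(log_text):
    """Return one dict per driver/service row; all other lines are skipped."""
    rows = []
    for line in log_text.splitlines():
        match = ROW.match(line.strip())
        if match:
            rows.append(match.groupdict())
    return rows


def review_list(rows):
    """Rows printed with '[?]', tagged with whether the target is a .sys file."""
    out = []
    for row in rows:
        if row['meta'].strip() != '?':
            continue
        target = (row['resolved'] or row['image']).lower()
        out.append({'name': row['name'], 'target': target,
                    'running': row['state'] == 'R',
                    'kernel_driver': target.endswith('.sys')})
    return out


if __name__ == '__main__':
    for item in review_list(parse_rows(SAMPLE)):
        print(item)
```

On the rows above this lists gupdate, npggsvc and XDva281, of which only XDva281 points at a `.sys` file.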