Problém s uživatelským profilem

Zpráva

mwp · #1 Příspěvek od **mwp** » 25 led 2011 22:48

Dobrý den,
prosím o kontrolu logu. Provedl jsem obnovení systému, protože po přihlášení uživatele se zobrazila pouze plocha bez ikon a nabídky Start. Ikony i nabídka Start se objevily až podlouhé době (asi po pěti minutách). Poprvé se tento problém objevil po přihlášení uživatele "S omezeným přístupem", po restartu měl stejný problém i účet správce. Po obnovení systému se zdá být vše v pořádku, jen Anvir Task Manager free zobrazuje ovladač, který má po každém restartu jiný název a chybí u něho verze, velikost a datum souboru, např.:
Stav Typ start Plná cesta
Running In Kernel spik.sys

Děkuji za Váš čas.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-01-24 20:28:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (8%) free of 19 GB
Total RAM: 1023 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:02, on 24.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\System Mechanic 6\SMSystemAnalyzer.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
e:\Z Internetu\RSIT_HiJackThis\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Kwyshell MidpX BHO - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - E:\111\MidpX\JadInvoker\MidpInvoker.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: Kwyshell MidpX - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - E:\111\MidpX\JadInvoker\MidpInvoker.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\WINDOWS\system32\NeroCheck.exe"
O4 - HKLM\..\Run: [ioloDelayModule] "E:\Program Files\System Mechanic 6\delay.exe"
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [ANIWZCS2Service] "C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] "C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe"
O4 - HKLM\..\Run: [WinFastDTV] "C:\Program Files\WinFast\WFDTV\DTVSchdl.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] "SOUNDMAN.EXE"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SMSystemAnalyzer] "E:\Program Files\System Mechanic 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [WinFast Schedule] "C:\Program Files\WinFast\WFDTV\WFWIZ.exe"
O4 - HKCU\..\Run: [QuickTime Task] "E:\Program Files\QTTask.exe" -atboottime
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: &Virtuální klávesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: &Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: L Ile Noyee Drivers Auto Removal (pr2ajbeb) (pr2ajbeb) - Micro Application - C:\WINDOWS\system32\pr2ajbeb.exe
O23 - Service: Tortuga Two Treasures Drivers Auto Removal (pr2ajwqc) (pr2ajwqc) - Cenega Czech - C:\WINDOWS\system32\pr2ajwqc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Seagate - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 10606 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Install.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}]
Kwyshell MidpX - E:\111\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2007-05-16 269632]
{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - Kwyshell MidpX - E:\111\MidpX\JadInvoker\MidpInvoker.dll [2004-12-03 100864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"=C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe [2004-11-02 32768]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ioloDelayModule"=E:\Program Files\System Mechanic 6\delay.exe [2005-06-08 96256]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2008-02-21 453936]
"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2007-01-19 49152]
"D-Link D-Link Wireless N DWA-140"=C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe [2007-03-14 1388544]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2010-04-07 79360]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"QuickTime Task"=E:\Program Files\QTTask.exe [2010-11-29 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-01-11 577536]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2011-01-23 340520]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SMSystemAnalyzer"=E:\Program Files\System Mechanic 6\SMSystemAnalyzer.exe [2006-12-20 557056]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2010-03-25 2924544]
"QuickTime Task"=E:\Program Files\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
E:\Hry\Steam\Steam.exe [2010-11-17 1242448]

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoRecentDocsNetHood"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=351
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.js - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2011-01-23 15:47:07 ----D---- C:\Program Files\Kaspersky Lab
2011-01-23 15:47:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2011-01-23 15:46:49 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2011-01-23 15:31:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files
2011-01-23 13:34:21 ----D---- C:\Documents and Settings\Administrator\Data aplikací\AVG
2011-01-21 20:44:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG10
2011-01-21 20:24:15 ----D---- C:\AVGTemp
2011-01-20 22:03:53 ----D---- C:\Documents and Settings\Administrator\Data aplikací\AVG10
2011-01-20 19:47:15 ----D---- C:\Program Files\MSSOAP
2011-01-20 19:47:02 ----D---- C:\Program Files\Webroot
2011-01-20 15:03:48 ----A---- C:\avenger.txt
2011-01-20 13:44:22 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-01-20 13:44:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-01-19 18:32:28 ----D---- C:\rsit
2011-01-19 13:37:55 ----D---- C:\Documents and Settings\Administrator\Data aplikací\GlarySoft
2011-01-19 13:19:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2011-01-15 15:28:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-13 21:53:32 ----D---- C:\Documents and Settings\Administrator\Data aplikací\OnLive App
2011-01-13 21:30:09 ----A---- C:\ioSpecial.ini
2011-01-13 18:16:26 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Toolbar4
2011-01-10 10:47:36 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
2011-01-10 10:13:03 ----A---- C:\WINDOWS\SWREG.exe
2011-01-10 10:13:02 ----A---- C:\WINDOWS\RSETPATH.exe
2011-01-10 10:12:57 ----A---- C:\WINDOWS\PEV.exe
2011-01-10 10:12:57 ----A---- C:\WINDOWS\NIRCMD.exe
2011-01-10 07:00:26 ----D---- C:\WINDOWS\system32\dumps
2011-01-09 20:58:18 ----A---- C:\WINDOWS\system32\javaws.exe
2011-01-09 20:58:18 ----A---- C:\WINDOWS\system32\javaw.exe
2011-01-09 20:58:18 ----A---- C:\WINDOWS\system32\java.exe
2011-01-09 20:39:42 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2011-01-09 20:35:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-01-09 19:38:56 ----D---- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
2011-01-09 19:37:18 ----A---- C:\WINDOWS\d.ini
2011-01-09 19:34:27 ----D---- C:\Program Files\Winamp Detect
2011-01-09 19:21:21 ----D---- C:\Program Files\Common Files\Java
2011-01-09 19:21:00 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-01-09 13:15:44 ----D---- C:\Program Files\WinPcap
2011-01-04 23:49:14 ----A---- C:\WINDOWS\system32\IJL_11.DLL
2011-01-02 09:07:05 ----D---- C:\Program Files\Codemasters
2011-01-01 15:24:57 ----N---- C:\WINDOWS\system32\spmsg2.dll
2011-01-01 15:24:49 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-01-01 15:22:17 ----D---- C:\WINDOWS\system32\XPSViewer
2011-01-01 15:22:13 ----D---- C:\Program Files\MSBuild

======List of files/folders modified in the last 1 months======

2011-01-24 20:29:01 ----D---- C:\WINDOWS\Prefetch
2011-01-24 20:29:00 ----D---- C:\Program Files\trend micro
2011-01-24 20:28:37 ----A---- C:\WINDOWS\wincmd.ini
2011-01-24 20:17:43 ----HD---- C:\WINDOWS\Temp
2011-01-24 20:16:46 ----SHD---- C:\WINDOWS\CSC
2011-01-24 20:16:44 ----D---- C:\WINDOWS\Minidump
2011-01-24 20:16:29 ----D---- C:\WINDOWS
2011-01-24 20:00:39 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-01-24 19:43:31 ----SHD---- C:\WINDOWS\Installer
2011-01-24 19:23:07 ----D---- C:\Program Files\HTC
2011-01-24 19:21:53 ----HD---- C:\WINDOWS\inf
2011-01-24 19:21:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-24 19:21:53 ----D---- C:\Program Files
2011-01-24 19:21:51 ----D---- C:\WINDOWS\system32\drivers
2011-01-24 19:21:51 ----D---- C:\WINDOWS\system32
2011-01-24 19:21:44 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-23 15:12:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-23 13:26:14 ----D---- C:\Program Files\AVG
2011-01-22 18:10:46 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-21 20:31:33 ----D---- C:\WINDOWS\system32\wbem
2011-01-20 21:18:19 ----D---- C:\WINDOWS\Tasks
2011-01-20 21:18:19 ----D---- C:\Documents and Settings
2011-01-20 20:09:57 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-20 19:47:49 ----A---- C:\WINDOWS\win.ini
2011-01-20 15:50:01 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-20 15:50:01 ----D---- C:\Documents and Settings\Administrator\Data aplikací\TweakNow PowerPack 2009
2011-01-20 15:04:51 ----D---- C:\Avenger
2011-01-20 13:11:39 ----D---- C:\Program Files\ATI Technologies
2011-01-20 13:11:10 ----RSD---- C:\WINDOWS\assembly
2011-01-20 13:11:10 ----D---- C:\WINDOWS\WinSxS
2011-01-20 12:42:34 ----D---- C:\WINDOWS\system32\NtmsData
2011-01-20 12:29:13 ----D---- C:\WINDOWS\Registration
2011-01-20 10:12:41 ----D---- C:\Program Files\Zacek v1.1
2011-01-20 10:04:33 ----D---- C:\Program Files\nLite
2011-01-20 10:03:31 ----D---- C:\WINDOWS\java
2011-01-20 10:03:31 ----D---- C:\Program Files\MySpeed Personal Edition
2011-01-19 20:38:24 ----D---- C:\WINDOWS\system32\inetsrv
2011-01-19 18:36:02 ----D---- C:\Program Files\SpeedFan
2011-01-18 23:30:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2011-01-17 23:03:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tablet
2011-01-17 22:08:49 ----SHD---- C:\RECYCLER
2011-01-15 17:34:51 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2011-01-15 15:27:32 ----D---- C:\WINDOWS\system32\config
2011-01-15 14:19:14 ----D---- C:\Program Files\UPM
2011-01-15 13:45:22 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Western Digital
2011-01-15 12:41:45 ----D---- C:\Program Files\Ultimate Process Manager
2011-01-13 21:59:28 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-13 21:57:46 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-13 21:52:13 ----RSD---- C:\WINDOWS\Fonts
2011-01-10 10:34:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-10 10:32:34 ----D---- C:\WINDOWS\system32\Macromed
2011-01-09 20:58:15 ----D---- C:\Program Files\Java
2011-01-09 20:27:22 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-09 20:22:02 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-01-09 19:37:54 ----D---- C:\Program Files\WinRAR
2011-01-09 19:37:19 ----D---- C:\Program Files\totalcmd
2011-01-09 19:34:39 ----D---- C:\Program Files\Winamp
2011-01-09 19:32:32 ----D---- C:\Program Files\SlySoft
2011-01-09 19:24:01 ----D---- C:\WINDOWS\system32\DirectX
2011-01-09 19:23:32 ----D---- C:\WINDOWS\Logs
2011-01-09 19:21:21 ----D---- C:\Program Files\Common Files
2011-01-09 19:20:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-09 19:11:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-01-09 18:19:24 ----D---- C:\tmp
2011-01-09 17:02:50 ----A---- C:\WINDOWS\SysMech6.INI
2011-01-09 16:58:53 ----D---- C:\Program Files\Mozilla Firefox
2011-01-07 12:53:11 ----D---- C:\Domaci ucetnictvi
2011-01-01 16:58:08 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-01 15:24:37 ----D---- C:\WINDOWS\system32\cs-cz

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 hotcore3;Hotcore helper; C:\WINDOWS\system32\DRIVERS\hotcore3.sys [2008-09-26 40496]
R0 klbg;Kaspersky Lab Boot Guard Driver; C:\WINDOWS\system32\drivers\klbg.sys [2009-10-14 36880]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\drivers\nvatabus.sys [2005-06-28 88960]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 pe3ajbeb;L Ile Noyee Environment Driver (pe3ajbeb); C:\WINDOWS\system32\drivers\pe3ajbeb.sys [2007-08-22 64632]
R0 pe3ajwqc;Tortuga Two Treasures Environment Driver (pe3ajwqc); C:\WINDOWS\system32\drivers\pe3ajwqc.sys [2007-04-16 65424]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 ps6ajwqc;Tortuga Two Treasures Synchronization Driver (ps6ajwqc); C:\WINDOWS\system32\drivers\ps6ajwqc.sys [2007-04-16 53144]
R0 ps7ajbeb;L Ile Noyee Synchronization Driver (ps7ajbeb); C:\WINDOWS\system32\drivers\ps7ajbeb.sys [2007-08-22 68736]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-08-11 59776]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2009-07-16 132224]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-01-15 715248]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2009-07-16 368480]
R0 timounter;Seagate DiscWizard Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2009-07-16 441760]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 kl1;Kl1; \??\C:\WINDOWS\system32\drivers\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2011-01-23 315408]
R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Uim_IM.sys [2008-09-26 129824]
R1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\UimBus.sys [2008-09-26 32048]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R1 wfcxacap;WinFast TV PCI Audio Capture Driver; C:\WINDOWS\system32\DRIVERS\wfcxacap.sys [2007-09-19 9856]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-02-09 271360]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-02-09 18048]
R2 litsgt;litsgt; C:\WINDOWS\system32\DRIVERS\litsgt.sys [2009-01-12 137344]
R2 tansgt;tansgt; C:\WINDOWS\system32\DRIVERS\tansgt.sys [2009-01-12 12032]
R2 tifsfilter;Seagate DiscWizard FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-07-16 44384]
R2 wfcxatun;WinFast TV Analog Tuner Driver; C:\WINDOWS\system32\drivers\wfcxatun.sys [2007-09-19 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver; C:\WINDOWS\system32\drivers\wfcxvcap.sys [2007-09-19 167040]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-01-13 3844288]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2009-04-22 42552]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-09-14 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-09-13 12160]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2008-02-05 59960]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver; C:\WINDOWS\system32\drivers\wfcxdtun.sys [2007-09-19 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver; C:\WINDOWS\system32\drivers\wfcxtcap.sys [2007-09-19 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver; C:\WINDOWS\system32\drivers\wfcxxbar.sys [2007-09-19 10496]
S1 ATITool;ATITool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\ATITool.sys [2005-09-26 24064]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys []
S3 HWACCESS;HWACCESS; \??\C:\WINDOWS\SYSTEM32\HWACCESS.SYS []
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-07-09 52096]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2007-03-13 476416]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-01-19 503144]
S3 WINFLASH;WINFLASH; \??\E:\Tools\Bios DFI\Winflash192\WinFlash.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-20 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2011-01-23 340520]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-07-24 53248]
R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2005-05-04 9150464]
R2 SgtSch2Svc;Seagate Scheduler2 Service; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [2008-06-24 431384]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-06-14 604488]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2007-01-19 49152]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 pr2ajwqc;Tortuga Two Treasures Drivers Auto Removal (pr2ajwqc); C:\WINDOWS\system32\pr2ajwqc.exe [2007-04-16 407184]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-01-17 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 pr2ajbeb;L Ile Noyee Drivers Auto Removal (pr2ajbeb); C:\WINDOWS\system32\pr2ajbeb.exe [2007-08-22 411000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-06-14 361288]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **motji** » 26 led 2011 06:42

Dobré ranko

Používáte Daemon nebo alcohol?

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

mwp · #3 Příspěvek od **mwp** » 26 led 2011 10:07

Dobré dopoledne,

Deamon Tools Lite jsem používal, nyní by měl být odinstalován.

Bohužel, odpověď i s logy má 132281 znaků. Mám logy rozdělit do více odpovědí nebo je zaslat jiným způsobem?

Děkuji.

#4 Příspěvek od **motji** » 26 led 2011 10:49

Rozdělte ho do více příspěvků

mwp · #5 Příspěvek od **mwp** » 26 led 2011 12:46

1. část
OTL Extras logfile created on: 26.1.2011 9:26:04 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = e:\Z Internetu\Řešení\001
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 608,00 Mb Available Physical Memory | 59,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,63 Gb Total Space | 1,46 Gb Free Space | 7,82% Space Free | Partition Type: NTFS
Drive E: | 279,45 Gb Total Space | 45,57 Gb Free Space | 16,31% Space Free | Partition Type: NTFS

Computer Name: QV59ZRI1U5 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-682003330-2139871995-839522115-500\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{083F79E4-6FE9-46FB-A6C6-4F8862742947}" = ATI HYDRAVISION
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22CA391A-0589-403F-98AF-8030513E7C3A}" = Castle Strike
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}" = WinFast Codec-TS SDK
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CB05291-F546-458E-A796-B5BCF5A3CDC4}" = Studio 10
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{46552BC3-52B6-404c-9B42-CE536AB719FD}_is1" = Ashampoo Home Designer1.0.0
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{493DD068-D1BC-4B86-955A-4BE9ECEA45EE}" = GameShadow
"{49993B6D-4D78-4A55-9390-15E63BCE83F6}" = AMD Power Monitor
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4FAA46FA-D8C1-488C-A979-83F41BB1E1DA}_is1" = Fritz 9
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AA22840-0A40-4CA4-8753-A91A1BEC652C}" = Rush for Berlin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B94C77C-6A7F-4297-BFB3-D5CD2FE6D20D}" = Cryostasis
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AB445D0-CD91-47CC-B1A9-A654B4B261E4}" = AMD CPUInfo
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2B09E2-6B04-4960-B780-4B0CE90780EE}" = LightScribe 1.4.39.1
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D361950-BDB3-40CF-B57C-53F9F4E5048A}" = Cars Demo
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9701A4CC-C144-4482-9776-B64BF4A5343F}" = Resident Evil 3
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A0E0340-C3D7-42D1-96D4-64179FD456AE}" = WinFast De-interlace SDK
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9B2E05E8-C3C4-407F-8197-C17E9740F640}" = Ground Control II
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky internet security 2010
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA01BA34-88F7-436D-822A-35324727C4C1}" = O&O UnErase
"{AA468551-1794-42FE-B504-C41D75EEBDF2}_is1" = Partition Wizard Home Edition 4.2.2
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{AF9848E2-5F19-4E49-9E6E-044FBDC28404}" = WinFast TT-SB SDK
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBF51613-ACF3-4B1C-86E8-AD15BB431037}" = Tribes Vengeance
"{BD7D5903-CACF-4974-979F-B2523B75E544}" = n-Track Studio 6
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C7DD94A8-F775-426C-B56C-8E555A59F9E2}" = Garmin Communicator Plugin
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}" = D-Link Wireless N DWA-140
"{D92CE464-8009-4324-9C41-62F27086B597}" = Port Royale
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBC1761A-0C31-43CA-A659-FBD3EC1D5C86}_is1" = City Life
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (PINNACLESYS)
"{E655FF26-A57F-4411-8468-47D153E699E9}" = Battlefield 2142 Server
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}" = Battlefield 2142
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2981339-823E-4C62-9C6F-6733BAEE9EF5}" = Paragon Hard Disk Manager 9.5 Special Edition
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F43D5CA6-1F22-436D-AF64-B254E7F1FC3D}" = IP Camera Adapter
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF1482CF-D19B-44DD-B887-9698CB51DFD5}" = Studio 10.8 Patch
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{Medieval Lords}" = Medieval Lords
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"AnVir Task Manager Free" = AnVir Task Manager Free
"Any Video Converter_is1" = Any Video Converter 2.7.8
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Astro Avenger 2_is1" = Astro Avenger 2
"ATI Display Driver" = ATI Display Driver
"Blender" = Blender (remove only)
"CCleaner" = CCleaner
"CoD 2 čeština_is1" = CoD 2 čeština 1.1
"CursorFX" = CursorFX
"DesetiPrsty" = DesetiPrsty 4.42
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"du82_is1" = Domácí účetnictví, v.8.2.2
"EasyLanguage_is1" = EasyLanguage
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"Foxit Reader" = Foxit Reader
"GameSpy Arcade" = GameSpy Arcade
"HF_ASISTENT" = Happy Foto HF Asistent (Jen odstranit)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"Inno Setup 5_is1" = Inno Setup verze 5.3.5
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{9B2E05E8-C3C4-407F-8197-C17E9740F640}" = Ground Control II
"InstallShield_{BBF51613-ACF3-4B1C-86E8-AD15BB431037}" = Tribes Vengeance
"InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky internet security 2010
"IrfanView" = IrfanView (remove only)
"JackNorm01_SinkingIsland_is1" = Sinking Island
"Kwyshell MidpX Emulator Package" = Kwyshell MidpX Emulator Package 1.3.1
"LANGMaster Zábavná ŠKOLA_is1" = LANGMaster Zábavná ŠKOLA
"Language Manager_is1" = Language Manager
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Miranda IM" = Miranda IM 0.8.1
"Motocross Madness 2" = Microsoft Motocross Madness 2
"Mount&Blade" = Mount&Blade
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"nLite_is1" = nLite 1.4.1
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PC Translator" = PC Translator
"Plane Arcade" = Plane Arcade
"Plato Video Converter_is1" = Plato Video Converter 5.68
"PSPad editor_is1" = PSPad editor
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Scorpions WinCheater 2.07 (s databází 110)_is1" = Scorpions WinCheater
"Scorpions WinCheater 2.07 (s databází 92)_is1" = Scorpions WinCheater
"SMail" = Seznam Pošťák
"SmartMaps Router - Evropa_is1" = SmartMaps Router - Evropa 1.6.4.6
"SmartPCRecorder" = Smart PC Recorder - by freebird
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Alík - Veselá matematika
"Sweet Home 3D_is1" = Sweet Home 3D version 2.1
"System Mechanic 6_is1" = iolo technologies' System Mechanic 6
"TmNations_is1" = TrackMania Nations ESWC 0.1.7.5
"Tortuga - Two Treasures_is1" = Tortuga - Two Treasures
"Totalcmd" = Total Commander (Remove or Repair)
"Volvo - The Game_is1" = Volvo - The Game
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Audio Recorder Professional_is1" = Windows Audio Recorder Professional 4.08
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WinX Free AVI to 3GP Converter_is1" = WinX Free AVI to 3GP Converter 4.0.8
"XP Codec Pack" = XP Codec Pack
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XviD" = XviD MPEG-4 Codec
"Zacek v1.1" = Zacek v1.1

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-682003330-2139871995-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21.1.2011 15:31:43 | Computer Name = QV59ZRI1U5 | Source = WinMgmt | ID = 4
Description = Při obnovování souboru úložiště se nepodařilo načíst soubor MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET.MOF.

Error - 21.1.2011 15:31:46 | Computer Name = QV59ZRI1U5 | Source = WinMgmt | ID = 4
Description = Při obnovování souboru úložiště se nepodařilo načíst soubor MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MOF\SERVICEMODEL.MOF.

Error - 21.1.2011 15:31:46 | Computer Name = QV59ZRI1U5 | Source = WinMgmt | ID = 4
Description = Při obnovování souboru úložiště se nepodařilo načíst soubor MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\ASPNET.MOF.

Error - 21.1.2011 15:31:46 | Computer Name = QV59ZRI1U5 | Source = WinMgmt | ID = 4
Description = Při obnovování souboru úložiště se nepodařilo načíst soubor MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF.

Error - 21.1.2011 15:31:46 | Computer Name = QV59ZRI1U5 | Source = WinMgmt | ID = 4
Description = Při obnovování souboru úložiště se nepodařilo načíst soubor MOF C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS
COMMUNICATION FOUNDATION\SERVICEMODEL.MOF.

Error - 22.1.2011 12:30:53 | Computer Name = QV59ZRI1U5 | Source = Application Error | ID = 1000
Description = Chybující aplikace mcm2.exe, verze 20.13.4.2901, chybující modul ntdll.dll,
verze 5.1.2600.6007, adresa chyby 0x00019fca.

Error - 22.1.2011 12:53:03 | Computer Name = QV59ZRI1U5 | Source = Application Error | ID = 1000
Description = Chybující aplikace mcm2.exe, verze 20.13.4.2901, chybující modul ntdll.dll,
verze 5.1.2600.6007, adresa chyby 0x00019fca.

Error - 23.1.2011 8:10:55 | Computer Name = QV59ZRI1U5 | Source = MsiInstaller | ID = 10005
Description = Produkt: AVG 2011 -- Chyba 27050. CA_Error 27050: FWWiz: Příprava
defaultní konfigurace firewallu selhala: 0xE0010040

Error - 24.1.2011 14:41:14 | Computer Name = QV59ZRI1U5 | Source = MsiInstaller | ID = 11316
Description = Produkt: Rayman3 - Chyba 1316. Při pokusu o čtení ze souboru C:\WINDOWS\Installer\Rayman3.msi
došlo k síťové chybě.

Error - 24.1.2011 14:43:31 | Computer Name = QV59ZRI1U5 | Source = MsiInstaller | ID = 11316
Description = Product: CodeRED -- Error 1316.A network error occurred while attempting
to read from the file C:\WINDOWS\Installer\CodeRED.msi

[ System Events ]
Error - 15.1.2011 8:23:26 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

Error - 15.1.2011 8:26:06 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

Error - 15.1.2011 8:28:06 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

Error - 15.1.2011 8:30:06 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

Error - 15.1.2011 8:32:06 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

Error - 15.1.2011 8:34:06 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

Error - 15.1.2011 8:36:06 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

Error - 15.1.2011 8:47:07 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

Error - 15.1.2011 8:48:14 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

Error - 15.1.2011 8:50:07 | Computer Name = QV59ZRI1U5 | Source = Service Control Manager | ID = 7024
Description = Služba Správce vzdáleného přístupu ukončena s chybou 3221356592 (0xC0020030),
specifickou pro službu.

[ TuneUp Events ]
Error - 24.1.2011 10:54:08 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
OR REPLACE INTO StartMenuEntries (ProductID, AnalyzeTime, Outdated, NrOfEntries)
VALUES ('M32:InstallShield_{BBF51613-ACF3-4B1C-86E8-AD15BB431037}', '2011-01-24
15:54:07', '0', '3')

Error - 24.1.2011 10:54:09 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended,
State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications
(Exe, Started, Ended, State, Resumed) SELECT Exe, Started, '2011-01-24 15:54:09',
1, Resumed FROM ActiveApps;DELETE FROM ActiveApps

Error - 24.1.2011 14:40:37 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
OR REPLACE INTO StartMenuEntries (ProductID, AnalyzeTime, Outdated, NrOfEntries)
VALUES ('M32:InstallShield_{BBF51613-ACF3-4B1C-86E8-AD15BB431037}', '2011-01-24
19:40:08', '0', '3')

Error - 24.1.2011 14:40:39 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended,
State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications
(Exe, Started, Ended, State, Resumed) SELECT Exe, Started, '2011-01-24 19:40:39',
1, Resumed FROM ActiveApps;DELETE FROM ActiveApps

Error - 24.1.2011 16:17:55 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
OR REPLACE INTO StartMenuEntries (ProductID, AnalyzeTime, Outdated, NrOfEntries)
VALUES ('M32:InstallShield_{BBF51613-ACF3-4B1C-86E8-AD15BB431037}', '2011-01-24
21:17:38', '0', '3')

Error - 24.1.2011 16:17:56 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended,
State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications
(Exe, Started, Ended, State, Resumed) SELECT Exe, Started, '2011-01-24 21:17:56',
1, Resumed FROM ActiveApps;DELETE FROM ActiveApps

Error - 25.1.2011 15:39:17 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended,
State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications
(Exe, Started, Ended, State, Resumed) SELECT Exe, Started, '2011-01-25 20:39:17',
3, Resumed FROM ActiveApps;DELETE FROM ActiveApps

Error - 25.1.2011 16:07:36 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
OR REPLACE INTO StartMenuEntries (ProductID, AnalyzeTime, Outdated, NrOfEntries)
VALUES ('M32:InstallShield_{BBF51613-ACF3-4B1C-86E8-AD15BB431037}', '2011-01-25
21:07:14', '0', '3')

Error - 25.1.2011 16:07:38 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended,
State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications
(Exe, Started, Ended, State, Resumed) SELECT Exe, Started, '2011-01-25 21:07:38',
1, Resumed FROM ActiveApps;DELETE FROM ActiveApps

Error - 25.1.2011 17:43:52 | Computer Name = QV59ZRI1U5 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: database disk image is malformed; when executing SQL: INSERT
OR REPLACE INTO StartMenuEntries (ProductID, AnalyzeTime, Outdated, NrOfEntries)
VALUES ('M32:InstallShield_{BBF51613-ACF3-4B1C-86E8-AD15BB431037}', '2011-01-25
22:43:51', '0', '3')
< End of report >

mwp · #6 Příspěvek od **mwp** » 26 led 2011 12:49

2. část
OTL logfile created on: 26.1.2011 9:26:04 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = e:\Z Internetu\Řešení\001
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 608,00 Mb Available Physical Memory | 59,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 18,63 Gb Total Space | 1,46 Gb Free Space | 7,82% Space Free | Partition Type: NTFS
Drive E: | 279,45 Gb Total Space | 45,57 Gb Free Space | 16,31% Space Free | Partition Type: NTFS

Computer Name: QV59ZRI1U5 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.26 08:40:50 | 000,602,624 | ---- | M] (OldTimer Tools) -- e:\Z Internetu\Řešení\001\OTL.exe
PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.06.14 10:47:55 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2010.04.07 17:07:12 | 000,079,360 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.06.24 18:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.03.14 17:29:20 | 001,388,544 | ---- | M] (D-Link) -- C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe
PRC - [2007.01.19 10:49:04 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2006.12.20 11:38:00 | 000,557,056 | ---- | M] () -- E:\Program Files\System Mechanic 6\SMSystemAnalyzer.exe
PRC - [2006.01.11 08:08:00 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2005.05.04 00:04:28 | 009,150,464 | ---- | M] (Microsoft Corporation) -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
PRC - [2004.12.13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004.11.02 19:24:46 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe

========== Modules (SafeList) ==========

MOD - [2011.01.26 08:40:50 | 000,602,624 | ---- | M] (OldTimer Tools) -- e:\Z Internetu\Řešení\001\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (PnkBstrA)
SRV - [2011.01.23 15:59:22 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2010.09.05 13:11:06 | 000,214,864 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\PnkBstrB.xtr -- (PnkBstrB)
SRV - [2010.06.14 10:47:55 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.06.14 10:47:52 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.03.18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.17 08:54:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.11.16 11:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.06.24 18:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.08.22 17:31:31 | 000,411,000 | ---- | M] (Micro Application) [On_Demand | Stopped] -- C:\WINDOWS\System32\pr2ajbeb.exe -- (pr2ajbeb) L Ile Noyee Drivers Auto Removal (pr2ajbeb)
SRV - [2007.04.16 10:29:28 | 000,407,184 | ---- | M] (Cenega Czech) [Auto | Stopped] -- C:\WINDOWS\System32\pr2ajwqc.exe -- (pr2ajwqc) Tortuga Two Treasures Drivers Auto Removal (pr2ajwqc)
SRV - [2007.01.19 10:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2005.05.04 00:04:28 | 009,150,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe -- (MSSQL$PINNACLESYS)
SRV - [2005.05.03 21:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- E:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE -- (SQLAgent$PINNACLESYS)
SRV - [2004.12.13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

========== Driver Services (SafeList) ==========

DRV - [2011.01.23 15:46:49 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010.04.14 15:02:24 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2010.02.11 08:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.12.21 20:39:14 | 000,016,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2009.12.21 20:39:12 | 000,011,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2009.10.14 20:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\klbg.sys -- (klbg)
DRV - [2009.10.02 18:39:44 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009.09.14 13:42:46 | 000,032,272 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009.09.01 14:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl1.sys -- (kl1)
DRV - [2009.07.16 01:11:32 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009.07.16 01:11:32 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009.07.16 01:11:24 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2009.07.16 01:11:15 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2009.04.22 13:32:20 | 000,042,552 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.02.09 17:09:17 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.02.09 17:09:17 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.01.12 17:18:17 | 000,137,344 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\litsgt.sys -- (litsgt)
DRV - [2009.01.12 17:18:17 | 000,012,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tansgt.sys -- (tansgt)
DRV - [2008.09.26 17:06:24 | 000,129,824 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2008.09.26 17:06:24 | 000,040,496 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2008.09.26 17:06:24 | 000,032,048 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.14 00:16:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008.04.14 00:16:22 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008.02.12 02:42:38 | 000,232,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VMM.sys -- (vmm)
DRV - [2008.02.05 00:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2008.01.15 19:24:36 | 000,715,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.09.19 13:37:58 | 000,031,744 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wfcxatun.sys -- (wfcxatun)
DRV - [2007.09.19 11:12:52 | 000,021,248 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfcxdtun.sys -- (wfcxdtun)
DRV - [2007.09.19 11:10:32 | 000,167,040 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wfcxvcap.sys -- (WFCXVCAP)
DRV - [2007.09.19 11:09:52 | 000,010,496 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfcxxbar.sys -- (wfcxxbar)
DRV - [2007.09.19 11:09:42 | 000,015,872 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfcxtcap.sys -- (wfcxtcap)
DRV - [2007.09.19 11:09:32 | 000,009,856 | ---- | M] (Leadtek Research Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\wfcxacap.sys -- (wfcxacap)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.08.22 17:31:01 | 000,064,632 | ---- | M] (Micro Application) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pe3ajbeb.sys -- (pe3ajbeb) L Ile Noyee Environment Driver (pe3ajbeb)
DRV - [2007.08.22 17:30:32 | 000,068,736 | ---- | M] (Micro Application) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ps7ajbeb.sys -- (ps7ajbeb) L Ile Noyee Synchronization Driver (ps7ajbeb)
DRV - [2007.04.16 10:29:08 | 000,065,424 | ---- | M] (Cenega Czech) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pe3ajwqc.sys -- (pe3ajwqc) Tortuga Two Treasures Environment Driver (pe3ajwqc)
DRV - [2007.04.16 10:28:48 | 000,053,144 | ---- | M] (Cenega Czech) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ps6ajwqc.sys -- (ps6ajwqc) Tortuga Two Treasures Synchronization Driver (ps6ajwqc)
DRV - [2007.03.13 11:35:56 | 000,476,416 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2007.01.12 09:54:50 | 000,010,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- E:\Tools\Bios DFI\Winflash192\WinFlash.sys -- (WINFLASH)
DRV - [2006.11.07 08:42:30 | 000,086,368 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200obex.sys -- (w200obex)
DRV - [2006.11.07 08:42:28 | 000,088,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mgmt.sys -- (w200mgmt) Sony Ericsson W200 USB WMC Device Management Drivers (WDM)
DRV - [2006.11.07 08:42:24 | 000,097,056 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdm.sys -- (w200mdm)
DRV - [2006.11.07 08:42:22 | 000,009,328 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200mdfl.sys -- (w200mdfl)
DRV - [2006.11.07 08:42:16 | 000,061,504 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w200bus.sys -- (w200bus) Sony Ericsson W200 driver (WDM)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.08.11 14:47:13 | 000,059,776 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.07.05 13:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV - [2006.07.01 21:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.06.14 15:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2006.03.26 13:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.01.13 06:39:00 | 003,844,288 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.12.11 10:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.09.26 10:24:38 | 000,024,064 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2005.06.28 06:25:44 | 000,088,960 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2005.06.02 19:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.04.05 20:22:30 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.05 20:22:28 | 000,033,536 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.02.09 11:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2004.09.03 18:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.09.03 18:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.09 04:26:38 | 000,052,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2001.09.30 11:43:47 | 000,006,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\HWACCESS.SYS -- (HWACCESS)
DRV - [2001.08.17 20:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-682003330-2139871995-839522115-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-682003330-2139871995-839522115-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-682003330-2139871995-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-682003330-2139871995-839522115-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "WebHledani"
FF - prefs.js..browser.search.selectedEngine: "WebHledani"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..keyword.URL: "http://www.webhledani.cz/results.aspx?i=42&tp=ab&q="
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.09 19:12:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.01.09 19:34:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2011.01.23 15:47:33 | 000,000,000 | ---D | M]

[2009.02.08 17:58:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2011.01.24 16:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\lfxn1qvc.default\extensions
[2011.01.07 10:35:34 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\lfxn1qvc.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.07.29 09:35:11 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\lfxn1qvc.default\searchplugins\bigseekpro.xml
[2011.01.24 16:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.09 19:21:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.09 20:58:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.01.23 15:47:57 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\LFXN1QVC.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}
[2011.01.09 19:20:39 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.02.19 22:08:51 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010.12.09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010.03.26 16:09:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.26 16:09:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.26 16:09:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.26 16:09:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.26 16:09:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.01.20 21:18:19 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - E:\111\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKLM\..\Toolbar: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKLM\..\Toolbar: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - E:\111\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKU\S-1-5-21-682003330-2139871995-839522115-500\..\Toolbar\ShellBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - E:\111\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O3 - HKU\S-1-5-21-682003330-2139871995-839522115-500\..\Toolbar\WebBrowser: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKU\S-1-5-21-682003330-2139871995-839522115-500\..\Toolbar\WebBrowser: (Kwyshell MidpX) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - E:\111\MidpX\JadInvoker\MidpInvoker.dll (Kwyshell G.Corp)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\D-Link Wireless N DWA-140\AirNCFG.exe (D-Link)
O4 - HKLM..\Run: [ioloDelayModule] E:\Program Files\System Mechanic 6\delay.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [QuickTime Task] E:\Program Files\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SMail] C:\Program Files\Seznam\Postak\Postak.exe (Seznam.cz a.s.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-682003330-2139871995-839522115-500..\Run: [QuickTime Task] E:\Program Files\QTTask.exe (Apple Inc.)
O4 - HKU\S-1-5-21-682003330-2139871995-839522115-500..\Run: [SMSystemAnalyzer] E:\Program Files\System Mechanic 6\SMSystemAnalyzer.exe ()
O4 - HKU\S-1-5-21-682003330-2139871995-839522115-500..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 351
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-682003330-2139871995-839522115-500\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-682003330-2139871995-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-682003330-2139871995-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKU\S-1-5-21-682003330-2139871995-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-682003330-2139871995-839522115-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: &Virtuální klávesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O9 - Extra Button: &Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.01.15 19:43:53 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{f813c79a-1d6b-11df-b62f-001cf08f056a}\Shell - "" = AutoRun
O33 - MountPoints2\{f813c79a-1d6b-11df-b62f-001cf08f056a}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (smrgdf e:\program files\system mechanic 6\) - File not found
O34 - HKLM BootExecute: (iolobtdfg c:\windows\system32) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.I263 - C:\WINDOWS\System32\i263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvid.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (65315805348233216)

========== Files/Folders - Created Within 30 Days ==========

[2011.01.24 14:31:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Happy Foto
[2011.01.23 15:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2011.01.23 15:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
[2011.01.23 15:47:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Kaspersky internet security 2010
[2011.01.23 15:46:49 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011.01.23 15:42:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2011.01.23 15:31:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab Setup Files
[2011.01.23 13:34:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\AVG
[2011.01.23 13:26:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG PC Tuneup 2011
[2011.01.21 20:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2011.01.21 20:24:15 | 000,000,000 | ---D | C] -- C:\AVGTemp
[2011.01.20 22:03:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2011.01.20 19:47:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSSOAP
[2011.01.20 19:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\Webroot
[2011.01.20 13:44:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Spybot - Search & Destroy
[2011.01.20 13:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011.01.20 13:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2011.01.19 18:32:28 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.19 13:37:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\GlarySoft
[2011.01.19 13:19:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2011.01.13 21:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\OnLive App
[2011.01.13 18:16:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Toolbar4
[2011.01.10 10:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2011.01.10 10:13:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.01.10 10:13:02 | 000,041,219 | ---- | C] (Pinnacle Systems) -- C:\WINDOWS\RSETPATH.exe
[2011.01.10 10:12:57 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.01.10 07:00:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dumps
[2011.01.09 22:19:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\AVG Security Toolbar
[2011.01.09 20:58:18 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.01.09 20:58:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.01.09 20:58:18 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.01.09 20:39:42 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.01.09 20:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.01.09 19:38:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
[2011.01.09 19:34:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Winamp Detector Plug-in
[2011.01.09 19:34:27 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2011.01.09 19:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.01.09 19:21:00 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.01.09 19:21:00 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.01.09 19:12:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\QuickTime
[2011.01.09 13:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011.01.04 23:49:21 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSWINSCK.OCX
[2011.01.04 23:49:14 | 000,372,736 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\IJL_11.DLL
[2011.01.03 17:53:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Metin2
[2011.01.02 09:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters
[2011.01.01 15:24:57 | 000,014,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg2.dll
[2011.01.01 15:22:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011.01.01 15:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2004.11.24 19:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.01.26 09:26:00 | 000,005,106 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.01.26 09:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.01.26 09:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2011.01.26 08:53:33 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2011.01.26 08:43:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.25 20:11:26 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
[2011.01.25 20:11:07 | 000,001,463 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\WinFast PVR2.lnk
[2011.01.24 20:16:29 | 160,583,680 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011.01.24 18:27:11 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{DB335B21-58BD-4A1A-B7B7-4E828E151598}
[2011.01.24 18:27:02 | 000,000,014 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{DB335B21-58BD-4A1A-B7B7-4E828E151598}
[2011.01.24 15:01:08 | 000,078,904 | -H-- | M] () -- C:\treeinfo.wc
[2011.01.23 15:59:20 | 000,114,243 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011.01.23 15:59:20 | 000,097,859 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011.01.23 15:46:49 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2011.01.23 15:38:21 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.01.23 13:26:17 | 000,000,830 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\AVG PC Tuneup 2011.lnk
[2011.01.23 11:26:16 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.22 18:10:46 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.01.20 21:18:19 | 000,000,737 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2011.01.20 13:44:28 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Spybot - Search & Destroy.lnk
[2011.01.20 13:34:38 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
[2011.01.19 20:38:47 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Microsoft Office Word 2007.lnk
[2011.01.15 16:51:55 | 001,473,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.13 21:30:09 | 000,000,096 | ---- | M] () -- C:\ioSpecial.ini
[2011.01.13 19:10:26 | 000,002,435 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\SeaTools for Windows.lnk
[2011.01.09 19:20:18 | 000,522,638 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.09 19:20:18 | 000,518,518 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.01.09 19:20:18 | 000,111,714 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.01.09 19:20:18 | 000,096,928 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.09 17:02:50 | 000,001,707 | ---- | M] () -- C:\WINDOWS\SysMech6.INI
[2011.01.09 15:45:46 | 007,479,296 | ---- | M] () -- C:\Documents and Settings\Administrator\ntuser.rhk
[2011.01.08 19:33:15 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2011.01.03 17:53:40 | 000,000,518 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Metin2.lnk
[2011.01.02 11:10:58 | 000,053,449 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\461504_silvestr-ve-svete-sydney.jpg
[2010.12.28 10:01:25 | 000,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLdu.DAT
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.01.25 20:11:07 | 000,001,463 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\WinFast PVR2.lnk
[2011.01.23 15:47:51 | 000,114,243 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2011.01.23 15:47:51 | 000,097,859 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2011.01.23 13:26:17 | 000,000,830 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\AVG PC Tuneup 2011.lnk
[2011.01.20 13:44:28 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Spybot - Search & Destroy.lnk
[2011.01.13 21:30:09 | 000,000,096 | ---- | C] () -- C:\ioSpecial.ini
[2011.01.10 10:12:57 | 000,219,648 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.01.09 19:37:18 | 000,000,437 | ---- | C] () -- C:\WINDOWS\d.ini
[2011.01.03 17:53:40 | 000,000,518 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Metin2.lnk
[2011.01.02 11:10:58 | 000,053,449 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\461504_silvestr-ve-svete-sydney.jpg
[2011.01.01 15:22:42 | 000,148,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.10.18 17:05:48 | 000,000,057 | ---- | C] () -- C:\WINDOWS\SILCOM_P.INI
[2010.08.29 16:00:56 | 000,000,277 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.07.30 07:44:50 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010.07.07 15:46:38 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\PnkBstrK.sys
[2010.04.20 20:25:53 | 000,390,492 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-682003330-2139871995-839522115-500-0.dat
[2010.04.20 20:25:53 | 000,260,298 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2010.04.14 15:02:24 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2010.03.23 19:15:32 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.03.23 19:15:32 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.03.23 19:15:32 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.03.05 22:29:07 | 000,016,057 | ---- | C] () -- C:\WINDOWS\System32\msw9nro1e.dll
[2010.03.05 19:44:13 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.03.05 19:44:13 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.03.05 19:43:59 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\$_hpcst$.hpc
[2010.01.27 22:04:49 | 000,016,456 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2010.01.27 22:04:48 | 000,011,088 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2009.10.26 21:33:47 | 000,000,026 | ---- | C] () -- C:\WINDOWS\DVDCreator.INI
[2009.09.20 11:10:27 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\ms59cro1d.dll
[2009.09.11 13:49:04 | 000,000,219 | ---- | C] () -- C:\WINDOWS\EurekaLog.ini
[2009.09.07 00:32:36 | 000,000,437 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.09.05 11:52:04 | 000,000,019 | ---- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\mdbu.bin
[2009.08.07 11:51:34 | 000,000,552 | ---- | C] () -- C:\WINDOWS\MELKER.INI
[2009.07.08 16:17:20 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2009.06.22 17:04:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\galaxy.ini
[2009.05.29 18:06:11 | 000,002,194 | ---- | C] () -- C:\WINDOWS\SmartMapsEvropa.INI
[2009.05.14 21:17:47 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Tuner
[2009.05.14 21:17:47 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Administrator\Data aplikací\Treble Reduction
[2009.05.14 21:17:47 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLdu.DAT
[2009.02.28 11:40:38 | 000,000,130 | ---- | C] () -- C:\WINDOWS\dartemup.ini
[2009.02.09 17:09:17 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.02.09 17:09:17 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.01.12 17:18:17 | 000,137,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\litsgt.sys
[2009.01.12 17:18:17 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\tansgt.sys
[2008.12.31 17:38:35 | 000,000,018 | ---- | C] () -- C:\WINDOWS\gfact.ini
[2008.09.12 15:56:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2008.09.01 10:07:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PLAYDEMO.INI
[2008.07.24 14:20:48 | 000,000,080 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2008.07.20 12:07:52 | 004,107,582 | ---- | C] () -- C:\Program Files\back.bmp
[2008.07.03 17:43:41 | 000,001,707 | ---- | C] () -- C:\WINDOWS\SysMech6.INI
[2008.07.03 17:33:34 | 001,212,416 | ---- | C] () -- C:\WINDOWS\System32\Incinerator.dll
[2008.05.11 18:17:30 | 000,001,104 | ---- | C] () -- C:\Program Files\Dash Rendar.soe
[2008.03.12 21:43:04 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008.03.02 15:46:24 | 000,000,099 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2008.02.26 15:55:28 | 000,000,101 | ---- | C] () -- C:\WINDOWS\Pickwick pomeranc.ini
[2008.02.16 21:04:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\graphedt.INI
[2008.02.16 15:38:22 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2008.02.16 14:35:12 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2008.02.02 13:36:23 | 000,000,033 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.02.02 13:34:21 | 000,002,753 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2008.02.02 13:33:50 | 000,002,497 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.02.02 13:33:43 | 000,004,470 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.02.02 13:33:43 | 000,002,011 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.02.02 10:18:56 | 000,000,253 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008.01.24 22:47:04 | 000,000,037 | ---- | C] () -- C:\WINDOWS\CONTEXT.INI
[2008.01.24 20:46:29 | 000,000,213 | ---- | C] () -- C:\WINDOWS\thtitanc.INI
[2008.01.15 20:37:30 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2008.01.15 20:37:29 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\DVResampleru.dll
[2008.01.15 19:51:43 | 000,194,248 | ---- | C] () -- C:\WINDOWS\System32\LTRFD13n.DLL
[2008.01.15 19:48:24 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\fusioncache.dat
[2008.01.15 19:36:56 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\macd32.dll
[2008.01.15 19:36:56 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2008.01.15 19:36:56 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\mamc32.dll
[2008.01.15 19:36:56 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\masd32.dll
[2008.01.15 19:36:56 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2008.01.15 19:24:36 | 000,715,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.01.06 11:23:02 | 000,000,561 | ---- | C] () -- C:\WINDOWS\Rollemup.ini
[2007.12.12 18:37:32 | 000,000,202 | ---- | C] () -- C:\WINDOWS\gfscore.ini
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.09.24 14:48:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2007.03.11 17:38:33 | 000,002,347 | ---- | C] () -- C:\WINDOWS\level.ini
[2007.03.11 17:38:33 | 000,002,337 | ---- | C] () -- C:\WINDOWS\tmp2Level.ini
[2007.02.21 18:08:31 | 000,000,122 | ---- | C] () -- C:\WINDOWS\FSaver.ini
[2007.02.21 17:59:49 | 000,000,157 | ---- | C] () -- C:\WINDOWS\Pomeranc.ini
[2007.02.21 17:58:00 | 000,000,169 | ---- | C] () -- C:\WINDOWS\Visen.ini
[2007.02.21 17:56:54 | 000,000,142 | ---- | C] () -- C:\WINDOWS\Vanilka.ini
[2007.02.21 17:55:19 | 000,000,154 | ---- | C] () -- C:\WINDOWS\Jahoda.ini
[2007.02.21 17:53:11 | 000,000,157 | ---- | C] () -- C:\WINDOWS\Jablko.ini
[2007.02.21 17:49:48 | 000,000,157 | ---- | C] () -- C:\WINDOWS\Citron.ini
[2007.02.21 15:35:31 | 000,000,126 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2007.02.13 18:42:13 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2007.02.13 17:55:28 | 000,000,041 | ---- | C] () -- C:\WINDOWS\COMPEDIA.INI

mwp · #7 Příspěvek od **mwp** » 26 led 2011 12:52

Poslední 3. část
[2007.02.03 17:25:43 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.02.03 17:25:41 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007.01.28 11:31:14 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.01.23 12:22:24 | 000,005,106 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.01.20 14:09:57 | 000,000,106 | ---- | C] () -- C:\WINDOWS\ALIK.INI
[2007.01.12 23:01:39 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll
[2006.12.31 20:59:30 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.09.26 10:24:38 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys
[2005.07.29 19:38:24 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2005.02.05 15:29:17 | 000,286,208 | ---- | C] () -- C:\WINDOWS\System32\CNCS232.DLL
[2004.10.12 06:40:58 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2004.10.12 06:39:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2004.10.12 06:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2004.10.09 06:40:16 | 000,454,144 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2004.10.05 08:16:08 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2004.10.03 17:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2001.09.30 11:43:47 | 000,006,808 | ---- | C] () -- C:\WINDOWS\System32\HWACCESS.SYS
[2001.09.28 23:43:08 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2001.09.28 21:53:06 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2001.09.28 17:42:39 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2009.07.18 14:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AltrixSoft
[2007.12.25 00:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ankh
[2010.09.27 20:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Any Video Converter
[2009.03.19 13:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2011.01.23 13:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG
[2011.01.20 22:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2008.12.21 20:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BinarySense
[2007.03.05 18:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ChessBase
[2008.01.15 19:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
[2009.11.26 12:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\f-secure
[2007.09.21 16:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ford Street Racing
[2010.02.19 17:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit
[2011.01.10 10:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2010.05.10 20:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GARMIN
[2011.01.19 13:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GlarySoft
[2009.09.06 23:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Happy Foto
[2008.07.03 19:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LANGMaster
[2009.02.17 17:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2009.03.11 18:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Miranda
[2009.05.16 16:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nikon
[2009.08.03 18:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Obsidium
[2011.01.13 21:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OnLive App
[2010.03.05 19:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2010.03.05 19:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Samsung
[2010.07.17 09:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SuperEasy
[2008.09.12 19:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Teleca
[2011.01.13 18:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Toolbar4
[2010.03.23 15:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TrustPort
[2008.05.22 15:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2011.01.20 15:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TweakNow PowerPack 2009
[2010.08.22 18:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Uniblue
[2011.01.15 13:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Western Digital
[2009.12.22 20:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Zoner
[2010.03.23 14:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Agnitum
[2009.03.19 13:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.01.23 15:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2009.05.24 13:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Blender Foundation
[2009.05.14 21:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Comedy Noises
[2011.01.09 20:39:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.10.25 11:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EL
[2009.05.14 21:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2010.01.18 13:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\f-secure
[2009.11.26 11:56:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\fssg
[2010.12.19 17:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
[2010.05.10 20:05:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GARMIN
[2010.09.05 17:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GroupPolicy
[2009.09.05 11:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HappyFoto
[2010.09.27 14:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LAG
[2009.05.23 15:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LANGMaster
[2008.07.18 19:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MEDIA TRADE
[2011.01.09 20:37:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.11.23 16:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nexon
[2009.10.09 13:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NexonEU
[2009.05.14 21:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nikon
[2010.03.05 19:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.01.15 20:06:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2008.01.15 20:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio
[2007.12.15 13:48:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2010.12.11 20:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Screentime
[2009.07.16 01:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Seagate
[2008.01.15 19:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
[2008.02.27 16:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SoftwareTime
[2011.01.17 23:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tablet
[2011.01.24 20:00:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.06.14 10:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2008.07.01 18:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2009.05.14 21:17:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2010.02.19 16:35:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Western Digital
[2010.06.02 14:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WildTangent
[2010.06.14 10:46:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.06.28 15:03:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E}
[2009.06.26 16:45:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\Ace
[2009.07.19 08:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\AltrixSoft
[2010.05.11 15:46:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\Ascaron Entertainment
[2011.01.11 17:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\AVG10
[2009.10.13 15:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\Buena Vista Games
[2010.06.08 19:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\DAEMON Tools
[2009.11.08 20:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\DonationCoder
[2009.11.27 16:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\f-secure
[2010.07.05 15:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\FarmingSimulator2008
[2010.07.29 16:26:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\fizzy
[2009.07.12 07:06:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\Happy Foto
[2010.12.18 17:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\HTC
[2010.07.18 08:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\Mount&Blade
[2010.02.20 17:25:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Holky\Data aplikací\Western Digital
[2009.07.26 21:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\AltrixSoft
[2009.03.27 10:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\BinarySense
[2009.12.02 12:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\f-secure
[2009.07.12 23:18:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\Happy Foto
[2011.01.05 09:57:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\HTC
[2010.03.16 08:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Internet\Data aplikací\Western Digital
[2011.01.13 21:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\GameTracker
[2011.01.24 14:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Happy Foto
[2009.07.24 10:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\AltrixSoft
[2010.04.26 12:47:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Ascaron Entertainment
[2009.04.15 18:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Blender Foundation
[2009.02.26 08:37:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Buena Vista Games
[2010.06.08 18:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\DAEMON Tools
[2009.11.28 18:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\f-secure
[2009.02.14 15:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Ford Street Racing
[2009.11.03 19:25:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\gtk-2.0
[2010.12.19 16:32:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Happy Foto
[2010.12.11 20:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\HTC
[2009.03.11 21:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Miranda
[2010.06.12 16:17:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\PC Suite
[2009.05.13 16:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Spyware Terminator
[2009.02.07 11:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Teleca
[2010.12.30 12:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\TuneUp Software
[2010.06.13 10:45:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Utherverse
[2010.02.22 17:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Western Digital
[2009.11.01 16:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mamka\Data aplikací\Zoner
[2009.06.27 06:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Ace
[2009.07.18 20:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\AltrixSoft
[2007.12.24 21:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Ankh
[2010.01.27 16:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Apowersoft
[2010.04.25 14:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Ascaron Entertainment
[2009.05.25 19:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Ashampoo
[2008.11.30 15:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\BinarySense
[2009.05.24 13:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Blender Foundation
[2008.03.02 16:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\ChessBase
[2008.02.08 00:09:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\DAEMON Tools
[2009.03.13 14:43:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Disney Interactive Studios
[2009.10.05 14:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\DonationCoder
[2009.11.26 13:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\f-secure
[2010.07.05 07:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\FarmingSimulator2008
[2010.07.30 07:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\fizzy
[2007.11.06 19:10:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Ford Street Racing
[2010.07.22 12:55:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Foxit Software
[2010.10.21 13:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\GameTracker
[2009.07.15 14:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Happy Foto
[2010.12.12 08:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\HTC
[2008.07.12 13:43:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\LANGMaster
[2009.04.01 18:44:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Miranda
[2010.07.20 08:41:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Mount&Blade
[2010.04.17 16:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\n-Track Software Data
[2010.04.17 16:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\n-Track Studio6
[2009.05.15 15:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Nikon
[2010.10.18 05:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\OnLive App
[2010.06.12 16:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\PC Suite
[2007.12.15 13:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\PlayFirst
[2009.07.01 16:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\RenPy
[2010.08.15 15:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Sahmon Games
[2008.09.12 15:53:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Teleca
[2010.07.28 08:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Toolbar4
[2008.12.11 15:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\TuneUp Software
[2010.06.12 13:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Utherverse
[2010.02.20 09:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Western Digital
[2009.11.03 18:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavlik\Data aplikací\Zoner
[2011.01.26 09:00:00 | 000,000,502 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010.03.23 18:50:52 | 000,000,380 | ---- | M] () -- C:\WINDOWS\Tasks\Install.job
[2011.01.26 09:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"SMSystemAnalyzer" = "E:\Program Files\System Mechanic 6\SMSystemAnalyzer.exe" -- [2006.12.20 11:38:00 | 000,557,056 | ---- | M] ()
"WinFast Schedule" = "C:\Program Files\WinFast\WFDTV\WFWIZ.exe" -- [2010.03.25 14:04:42 | 002,924,544 | ---- | M] (Leadtek Research Inc.)
"QuickTime Task" = "E:\Program Files\QTTask.exe" -atboottime -- [2010.11.29 17:38:18 | 000,421,888 | ---- | M] (Apple Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2008.01.15 20:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.12.11 11:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2009.07.18 14:25:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AltrixSoft
[2007.12.25 00:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ankh
[2010.09.27 20:29:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Any Video Converter
[2008.07.08 15:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Apple Computer
[2010.05.09 17:40:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
[2009.03.19 13:44:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
[2010.05.01 10:24:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2011.01.23 13:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG
[2011.01.20 22:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG10
[2008.12.21 20:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BinarySense
[2009.02.24 10:03:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CameraWindowDC
[2008.07.08 15:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CANON INC
[2007.03.05 18:00:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ChessBase
[2010.07.07 20:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\codeblocks
[2001.09.29 00:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CyberLink
[2008.01.15 19:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
[2010.02.18 17:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DivX
[2009.11.26 12:42:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\f-secure
[2007.09.21 16:00:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ford Street Racing
[2010.02.19 17:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit
[2011.01.10 10:47:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2010.05.10 20:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GARMIN
[2011.01.19 13:43:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GlarySoft
[2009.09.06 23:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Happy Foto
[2007.02.18 14:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2001.09.28 16:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2008.01.15 20:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
[2008.07.03 19:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\LANGMaster
[2009.07.19 14:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2010.05.30 12:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2011.01.09 20:22:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2009.02.17 17:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2009.03.11 18:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Miranda
[2009.02.08 17:58:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2009.05.16 16:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nikon
[2009.08.03 18:42:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Obsidium
[2011.01.13 21:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OnLive App
[2010.03.05 19:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2007.01.12 18:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PSpad
[2010.03.05 19:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Samsung
[2010.12.18 19:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2009.08.02 16:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\skypePM
[2008.09.12 19:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sony Ericsson
[2009.02.23 10:33:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2010.07.17 09:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\SuperEasy
[2008.09.12 19:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Teleca
[2011.01.13 18:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Toolbar4
[2010.03.23 15:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TrustPort
[2008.05.22 15:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2011.01.20 15:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TweakNow PowerPack 2009
[2010.08.22 18:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Uniblue
[2011.01.15 13:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Western Digital
[2011.01.15 17:34:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Winamp
[2011.01.09 19:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
[2009.12.22 20:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Zoner
[2009.02.24 15:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ZoomBrowser EX

< %APPDATA%\*.exe /s >
[2010.03.05 18:49:07 | 000,335,872 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
[2007.02.28 21:44:02 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2009.07.16 01:06:40 | 000,011,264 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{98613C99-1399-416C-A07C-1EE1C585D872}\Icon98613C992.exe
[2010.08.18 18:17:14 | 000,335,872 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\ARPPRODUCTICON.exe
[2010.08.18 18:17:14 | 000,335,872 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{AA01BA34-88F7-436D-822A-35324727C4C1}\oo_unerase_9C3BE5C3A3C646DABE40B79DE57BC3BB.exe
[2001.09.28 22:52:16 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe
[2009.07.02 15:21:22 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{F2981339-823E-4C62-9C6F-6733BAEE9EF5}\ARPPRODUCTICON.exe
[2009.07.02 15:21:22 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{F2981339-823E-4C62-9C6F-6733BAEE9EF5}\PHDM2009S_985F828E0E98429F9C05EF3BDE7568F7.exe
[2009.07.02 15:21:22 | 000,025,214 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{F2981339-823E-4C62-9C6F-6733BAEE9EF5}\RunProductName_985F828E0E98429F9C05EF3BDE7568F7.exe
[2010.03.05 22:11:26 | 089,280,248 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Documents and Settings\Administrator\Data aplikací\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe

< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2002.09.20 17:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2002.09.20 17:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:atapi.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: CDROM.SYS >
[2002.09.20 17:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2002.09.20 17:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:cdrom.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.20 17:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2002.09.20 17:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp1.cab:hal.dll
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 21:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2004.08.03 22:00:14 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.09.20 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\cache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2008.04.25 12:36:51 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\dllcache\cache\ndis.sys
[2008.04.25 12:36:51 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.25 12:36:51 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.17 05:58:59 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\system32\dllcache\cache\netlogon.dll
[2008.04.17 05:58:59 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.17 05:58:59 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\system32\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2005.06.28 06:25:44 | 000,088,960 | R--- | M] (NVIDIA Corporation) MD5=A1F88223528AADBB6374132BECBBDCC1 -- C:\WINDOWS\system32\drivers\nvatabus.sys
[2005.06.28 06:25:44 | 000,088,960 | R--- | M] (NVIDIA Corporation) MD5=A1F88223528AADBB6374132BECBBDCC1 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\nvatabus.sys
[2005.06.28 06:25:44 | 000,088,960 | R--- | M] (NVIDIA Corporation) MD5=A1F88223528AADBB6374132BECBBDCC1 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\nvatabus.sys
[2004.12.07 17:15:54 | 000,087,936 | ---- | M] (NVIDIA Corporation) MD5=E4F1F95A6BBBFBBFF9A713C6063AA2CB -- C:\WINDOWS\OemDir\nvatabus.sys
[2004.12.07 17:15:54 | 000,087,936 | ---- | M] (NVIDIA Corporation) MD5=E4F1F95A6BBBFBBFF9A713C6063AA2CB -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\nvatabus.sys

< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB957579\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\cache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.01.15 19:24:36 | 000,715,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2001.09.28 17:41:07 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2001.09.28 17:41:07 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2001.09.28 17:41:07 | 000,413,696 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< %systemroot%\system32\drivers\*.sys /3 >
[2011.01.23 15:46:49 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\system32\drivers\klif.sys

< %systemroot%\system32\*.* /3 >
[2011.01.26 08:53:33 | 000,000,007 | ---- | M] () -- C:\WINDOWS\system32\ANIWZCSUSERNAME
[2011.01.24 18:27:02 | 000,000,014 | ---- | M] () -- C:\WINDOWS\system32\ANIWZCSUSERNAME{DB335B21-58BD-4A1A-B7B7-4E828E151598}
[2011.01.24 18:27:11 | 000,003,284 | ---- | M] () -- C:\WINDOWS\system32\ANIWZCS{DB335B21-58BD-4A1A-B7B7-4E828E151598}
[2011.01.23 15:38:21 | 000,002,504 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2011.01.25 20:11:26 | 000,000,002 | ---- | M] () -- C:\WINDOWS\system32\Dvbpws.dll
[2011.01.23 11:26:16 | 000,002,262 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 174 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8927A071
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2BE9FEFC
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:AD727397
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4

< End of report >

#8 Příspěvek od **motji** » 26 led 2011 13:43

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKU\S-1-5-21-682003330-2139871995-839522115-500\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
[2010.07.29 09:35:11 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\lfxn1qvc.default\searchplugins\bigseekpro.xml
@Alternate Data Stream - 174 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8927A071
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:2BE9FEFC
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:AD727397
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

mwp · #9 Příspěvek od **mwp** » 26 led 2011 15:58

Zasílám log.
Děkuji

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_USERS\S-1-5-21-682003330-2139871995-839522115-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\lfxn1qvc.default\searchplugins\bigseekpro.xml moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:8927A071 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:2BE9FEFC deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:AD727397 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\system32\SET3C.tmp moved successfully.
C:\WINDOWS\system32\SET3E.tmp moved successfully.
C:\WINDOWS\11AE680750D24F5982B32C3E695E94C2.TMP folder moved successfully.
C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP427.tmp folder moved successfully.
C:\WINDOWS\CSC\csc1.tmp moved successfully.
C:\WINDOWS\Installer\MSIB.tmp moved successfully.
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 35973 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 54704996 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56502 bytes

User: Holky
->Temp folder emptied: 9484020 bytes
->Temporary Internet Files folder emptied: 278347 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 51724322 bytes
->Flash cache emptied: 2993 bytes

User: Internet
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 51390665 bytes
->FireFox cache emptied: 49427552 bytes
->Flash cache emptied: 2123 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Mamka
->Temp folder emptied: 14318748 bytes
->Temporary Internet Files folder emptied: 7411023 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 54553756 bytes
->Flash cache emptied: 1949 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 616267 bytes

User: Pavlik
->Temp folder emptied: 164726123 bytes
->Temporary Internet Files folder emptied: 245133 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 55458769 bytes
->Flash cache emptied: 43933 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 296448 bytes

Total Files Cleaned = 491,00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Holky
->Flash cache emptied: 0 bytes

User: Internet
->Flash cache emptied: 0 bytes

User: LocalService

User: Mamka
->Flash cache emptied: 0 bytes

User: NetworkService

User: Pavlik
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.20.6 log created on 01262011_150214

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

#10 Příspěvek od **motji** » 26 led 2011 16:45

Jaký tam máte ten soubor ted?
Já vidím jen [2008.01.15 19:24:36 | 000,715,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

mwp · #11 Příspěvek od **mwp** » 26 led 2011 18:28

Ovladač C:\WINDOWS\system32\drivers\sptd.sys běží. Ovladač "bez souboru" běží také a momentálně se jmenuje spwg.sys

Děkuji.

#12 Příspěvek od **motji** » 26 led 2011 19:13

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

Ale myslím že ten druhý soubor patří také Daemonu.

mwp · #13 Příspěvek od **mwp** » 01 úno 2011 22:01

Dobrý večer,

po týdnu jsem konečně zpět. Trefila jste do černého. S ovladačem C:\WINDOWS\system32\drivers\sptd.sys zmizel i ten "bez souboru", který měnil své jméno.

Velmi Vám děkuji za pomoc a profesionalitu.

S přáním všeho nejlepšího

MWP

#14 Příspěvek od **motji** » 01 úno 2011 22:25

Ještě znovu spustte OTL, klikněte na tlačítko vyčisti, uklidí po sobě

Není zač

VIRY.CZ

Problém s uživatelským profilem

Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem

Re: Problém s uživatelským profilem