Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2011-02-11 11:55:26
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 74 GB (74%) free of 100 GB
Total RAM: 2047 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:55:39, on 11.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Antivirky na odstraneni\RSIT.exe
C:\Program Files\trend micro\Admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.com/?aff=105
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [PVR Agent] C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: PEVSystemStart - Unknown owner - (no file)
--
End of file - 6935 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} -
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [2003-03-26 172032]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2002-12-17 49152]
"DeviceDiscovery"=C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2002-12-02 40960]
"PVR Agent"=C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe [2005-04-29 748032]
"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2003-12-04 406016]
"snpstd"=C:\WINDOWS\vsnpstd.exe [2004-06-10 286720]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"00PCTFW"=C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe [2010-01-12 3168216]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-07-14 1961984]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\12853434]
[]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
TV Remote Control.lnk - C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-07-02 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\StrongDC.exe"="D:\StrongDC.exe:*:Enabled:StrongDC++"
"D:\DC strong\StrongDC.exe"="D:\DC strong\StrongDC.exe:*:Enabled:StrongDC++"
"D:\STAHOVANI\DC strong\StrongDC.exe"="D:\STAHOVANI\DC strong\StrongDC.exe:*:Enabled:StrongDC++"
"D:\sdc230\StrongDC.exe"="D:\sdc230\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\SBCL_by_PLFF_TEAM-31.12.2009\SBCL v1.1b.exe"="D:\SBCL_by_PLFF_TEAM-31.12.2009\SBCL v1.1b.exe:*:Enabled:SBCL v1.1b"
"D:\SBCL Open C+NHL 19 2E Irdeto 2 & SCt 13E\SBCL v1.1b.exe"="D:\SBCL Open C+NHL 19 2E Irdeto 2 & SCt 13E\SBCL v1.1b.exe:*:Enabled:SBCL v1.1b"
"C:\Documents and Settings\Admin\Local Settings\Temp\7zO8B8.tmp\SBCL v1.0i.exe"="C:\Documents and Settings\Admin\Local Settings\Temp\7zO8B8.tmp\SBCL v1.0i.exe:*:Enabled:SBCL v1.0i"
"D:\sdc230\sdc240-32\StrongDC.exe"="D:\sdc230\sdc240-32\StrongDC.exe:*:Enabled:StrongDC++"
"D:\sdc230\StrongDC++\StrongDC.exe"="D:\sdc230\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
======List of files/folders created in the last 1 months======
2011-02-11 11:55:33 ----D---- C:\Program Files\trend micro
2011-02-11 11:55:26 ----D---- C:\rsit
2011-02-11 11:28:33 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2011-02-11 11:28:19 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2011-02-11 11:28:14 ----A---- C:\WINDOWS\system32\CNMLMAD.DLL
2011-02-11 11:25:59 ----A---- C:\WINDOWS\system32\CNHMCA.dll
2011-02-11 11:25:59 ----A---- C:\WINDOWS\system32\CNC5100U.dll
2011-02-11 11:25:59 ----A---- C:\WINDOWS\system32\CNC5100L.dll
2011-02-11 11:25:59 ----A---- C:\WINDOWS\system32\CNC5100I.dll
2011-02-11 11:25:59 ----A---- C:\WINDOWS\system32\CNC5100C.dll
2011-02-11 11:25:57 ----D---- C:\WINDOWS\LastGood
2011-02-10 08:42:42 ----D---- C:\Program Files\CCleaner
2011-02-09 20:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 20:20:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 20:20:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 20:19:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 20:18:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 20:18:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 20:17:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-01-26 13:44:54 ----D---- C:\Program Files\JDownloader
2011-01-23 09:35:18 ----D---- C:\Program Files\Mio Technology
2011-01-23 09:34:35 ----D---- C:\Program Files\Microsoft ActiveSync
2011-01-19 15:20:51 ----D---- C:\Program Files\MSECache
2011-01-14 08:34:42 ----D---- C:\Program Files\StrongDC++
2011-01-12 15:07:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
======List of files/folders modified in the last 1 months======
2011-02-11 11:55:33 ----RD---- C:\Program Files
2011-02-11 11:35:45 ----D---- C:\WINDOWS\temp
2011-02-11 11:28:45 ----HD---- C:\WINDOWS\inf
2011-02-11 11:28:33 ----D---- C:\WINDOWS\system32
2011-02-11 11:26:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-11 11:26:00 ----D---- C:\WINDOWS\Media
2011-02-11 11:25:59 ----D---- C:\WINDOWS\twain_32
2011-02-11 11:25:59 ----D---- C:\WINDOWS\system32\drivers
2011-02-11 11:25:57 ----D---- C:\WINDOWS
2011-02-11 11:24:11 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-11 11:00:49 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-02-11 07:42:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-11 07:38:56 ----D---- C:\WINDOWS\Prefetch
2011-02-10 14:01:04 ----D---- C:\Documents and Settings\Admin\Data aplikací\Skype
2011-02-10 13:27:15 ----D---- C:\Documents and Settings\Admin\Data aplikací\skypePM
2011-02-10 09:08:11 ----A---- C:\WINDOWS\NeroDigital.ini
2011-02-10 09:07:40 ----D---- C:\Documents and Settings\Admin\Data aplikací\Media Player Classic
2011-02-10 08:43:58 ----D---- C:\WINDOWS\Debug
2011-02-09 20:20:36 ----SHD---- C:\WINDOWS\Installer
2011-02-09 20:18:32 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-09 20:18:25 ----D---- C:\Program Files\Internet Explorer
2011-02-09 20:18:17 ----D---- C:\WINDOWS\ie8updates
2011-02-09 20:18:13 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-08 17:51:51 ----SD---- C:\WINDOWS\Tasks
2011-02-06 10:55:10 ----A---- C:\WINDOWS\wincmd.ini
2011-02-04 14:58:50 ----D---- C:\Program Files\Mozilla Firefox
2011-01-23 09:36:23 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-23 09:35:17 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-23 09:34:36 ----D---- C:\WINDOWS\Help
2011-01-23 09:34:35 ----D---- C:\WINDOWS\WinSxS
2011-01-23 09:34:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-21 15:44:07 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:07 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-19 15:44:49 ----D---- C:\Program Files\Microsoft Office
2011-01-19 15:21:31 ----SD---- C:\Documents and Settings\Admin\Data aplikací\Microsoft
2011-01-19 15:21:03 ----RSD---- C:\WINDOWS\Fonts
2011-01-13 09:47:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-11-06 82380]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 pctgntdi;pctgntdi; \??\C:\WINDOWS\system32\drivers\pctgntdi.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 PCTAppEvent;PCTAppEvent Driver; \??\C:\WINDOWS\system32\drivers\PCTAppEvent.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2003-12-04 11264]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-07-02 4125696]
R3 Cap713x;Philips Cap713x Video Capture; C:\WINDOWS\system32\DRIVERS\Cap713x.sys [2005-05-04 686080]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys []
R3 pctNDIS;PC Tools Driver; C:\WINDOWS\system32\DRIVERS\pctNdis.sys [2010-01-07 58816]
R3 pctplfw;pctplfw; \??\C:\WINDOWS\system32\drivers\pctplfw.sys []
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-04-07 105088]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\esihdrv.sys []
S3 INFUSB;INFUSB; C:\WINDOWS\system32\drivers\infusb.sys [2003-11-03 11520]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-11-08 47360]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 snpstd;VideoCAM Messenger; C:\WINDOWS\system32\DRIVERS\snpstd.sys [2004-06-25 331008]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-07-02 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 PCToolsFirewallPlus;PC Tools Firewall Plus; C:\Program Files\PC Tools Firewall Plus\FWService.exe [2009-11-09 818432]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-07-02 593920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-16 135664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
edvard1962
- Návštěvník
- Příspěvky: 47
- Registrován: 09 říj 2007 09:05
Re: prosim o kontrolu logu
dekuji za kontrolu
Re: prosim o kontrolu logu
Dobrý večer 
Vy jste ted někdy použil combofix?
Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken
NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.
Vy jste ted někdy použil combofix?
Stahněte MBAM z mého podpisu-Nainstalujte,dejte úplný sken
NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
edvard1962
- Návštěvník
- Příspěvky: 47
- Registrován: 09 říj 2007 09:05
Re: prosim o kontrolu logu
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 5718
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12.2.2011 16:27:13
mbam-log-2011-02-12 (16-27-06).txt
Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 207495
Uplynulý čas: 21 minut, 56 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\system volume information\_restore{e86ba20e-f3cc-414e-bffa-13c9448224bb}\RP53\A0063145.exe (Malware.Packer.Gen) -> No action taken.
d:\system volume information\_restore{e86ba20e-f3cc-414e-bffa-13c9448224bb}\RP49\A0061804.exe (Malware.Packer.Gen) -> No action taken.
www.malwarebytes.org
Verze databáze: 5718
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12.2.2011 16:27:13
mbam-log-2011-02-12 (16-27-06).txt
Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 207495
Uplynulý čas: 21 minut, 56 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\system volume information\_restore{e86ba20e-f3cc-414e-bffa-13c9448224bb}\RP53\A0063145.exe (Malware.Packer.Gen) -> No action taken.
d:\system volume information\_restore{e86ba20e-f3cc-414e-bffa-13c9448224bb}\RP49\A0061804.exe (Malware.Packer.Gen) -> No action taken.
Re: prosim o kontrolu logu
V mbamu můžete smazat.
Vy jste ted někdy použil combofix?
Jaké máte s pc problémy?
Vy jste ted někdy použil combofix?
Jaké máte s pc problémy?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
edvard1962
- Návštěvník
- Příspěvky: 47
- Registrován: 09 říj 2007 09:05
Re: prosim o kontrolu logu
nekdy se mi sekne a musim chvili pockat nez se rozbehne jinak celkem ok
Re: prosim o kontrolu logu
Furt jste mi neodpověděl na tuto otázku
Vy jste ted někdy použil combofix?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
edvard1962
- Návštěvník
- Příspěvky: 47
- Registrován: 09 říj 2007 09:05
Re: prosim o kontrolu logu
ano kdysi pri prvnim logu
Re: prosim o kontrolu logu
Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
edvard1962
- Návštěvník
- Příspěvky: 47
- Registrován: 09 říj 2007 09:05
Re: prosim o kontrolu logu
OTL logfile created on: 12.2.2011 17:29:10 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = D:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 70,85 Gb Free Space | 72,55% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 176,07 Gb Free Space | 87,85% Space Free | Partition Type: NTFS
Drive F: | 111,78 Gb Total Space | 75,84 Gb Free Space | 67,85% Space Free | Partition Type: NTFS
Computer Name: NIEMCZYK-AB5D32 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.02.12 17:26:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.12.10 17:11:27 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.12.10 17:11:26 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.01.12 11:41:00 | 003,168,216 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2009.11.09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
PRC - [2009.07.26 14:58:21 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.17 05:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006.11.13 13:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2005.04.29 17:00:58 | 000,748,032 | ---- | M] (MSI) -- C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe
PRC - [2004.07.22 13:04:30 | 000,057,344 | ---- | M] (Kworld Computer Co., Ltd.) -- C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe
PRC - [2004.06.10 13:48:04 | 000,286,720 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe
PRC - [2002.12.17 11:40:22 | 000,049,152 | R--- | M] () -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
PRC - [2002.12.02 20:56:10 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
========== Modules (SafeList) ==========
MOD - [2011.02.12 17:26:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2011.01.13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.04.14 08:51:48 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008.04.14 08:51:38 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.02.11 15:42:08 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.11.09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
========== Driver Services (SafeList) ==========
DRV - [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.01.13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.01.13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.01.13 08:59:28 | 000,115,216 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010.01.12 09:34:14 | 000,070,664 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010.01.07 12:40:26 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010.01.07 11:35:06 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)
DRV - [2009.11.23 13:54:20 | 000,088,040 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2009.07.02 18:49:32 | 004,125,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.11.06 12:03:25 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2008.04.14 00:16:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008.04.14 00:16:22 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008.04.14 00:16:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.07 16:06:48 | 000,105,088 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.05.04 09:32:32 | 000,686,080 | R--- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap713x.sys -- (Cap713x)
DRV - [2004.06.25 11:44:54 | 000,331,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd)
DRV - [2003.12.04 11:33:20 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2003.11.03 15:16:11 | 000,011,520 | R--- | M] (WB Electronic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\infusb.sys -- (INFUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.14 13:28:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.11 18:29:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.11 18:00:05 | 000,000,000 | ---D | M]
[2009.12.11 12:39:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions
[2009.12.11 12:39:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.02.12 15:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\p3akubll.default\extensions
[2010.09.09 10:37:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\p3akubll.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.02.08 08:04:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\p3akubll.default\searchplugins\icqplugin-1.xml
[2008.11.18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\p3akubll.default\searchplugins\icqplugin.xml
[2011.02.12 15:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.14 06:09:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.11 08:23:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.12.09 11:29:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.26 10:30:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\P3AKUBLL.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2009.11.03 14:31:58 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.11.01 17:26:47 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.11.01 17:26:47 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.11.01 17:26:47 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.11.01 17:26:47 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.11.01 17:26:47 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.11.04 11:15:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-343818398-746137067-725345543-1004\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe (HP)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PVR Agent] C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe (MSI)
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-343818398-746137067-725345543-1004..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-343818398-746137067-725345543-1004..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TV Remote Control.lnk = C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe (Kworld Computer Co., Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-343818398-746137067-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.1
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - C:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (60812205720862720)
========== Files/Folders - Created Within 30 Days ==========
[2011.02.11 18:28:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.02.11 18:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.02.11 17:47:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.02.11 15:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\espionServerData
[2011.02.11 15:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011.02.11 11:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Canon MG5100 series
[2011.02.11 11:28:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2011.02.11 11:28:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.02.11 11:28:14 | 000,290,816 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMAD.DLL
[2011.02.11 11:25:59 | 001,335,296 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100C.dll
[2011.02.11 11:25:59 | 000,307,200 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100L.dll
[2011.02.11 11:25:59 | 000,114,688 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100I.dll
[2011.02.11 11:25:59 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100U.dll
[2011.02.11 11:25:59 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2011.02.10 08:44:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2011.02.10 08:42:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.02.10 08:42:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.01.26 13:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\JDownloader
[2011.01.26 13:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011.01.23 09:35:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\MioMore Desktop
[2011.01.23 09:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mio Technology
[2011.01.23 09:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2011.01.21 15:44:07 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2011.01.19 15:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011.01.14 08:34:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Nabídka Start\Programy\StrongDC++
[2011.01.14 08:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\StrongDC++
[2009.02.24 09:13:56 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2009.02.24 09:13:56 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2009.02.24 09:13:56 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2008.11.08 16:42:29 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2011.02.12 17:18:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.12 17:00:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Úklid 1 kliknutím.job
[2011.02.12 16:48:33 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.02.12 16:48:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.02.11 18:29:10 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2011.02.11 18:19:14 | 003,533,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.02.11 14:48:23 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.02.11 14:32:35 | 000,002,708 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.02.10 13:27:08 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.02.10 08:47:51 | 000,015,466 | ---- | M] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20110210_084718.reg
[2011.02.10 08:42:43 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.02.08 09:36:23 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.04 14:42:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.26 13:45:01 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\JDownloader.lnk
[2011.01.23 09:38:20 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\$_hpcst$.hpc
[2011.01.23 09:35:40 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MioMore Desktop.lnk
[2011.01.21 15:44:07 | 008,466,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2011.01.21 15:44:07 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2011.01.18 13:28:00 | 000,000,096 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2011.01.17 18:39:14 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.01.14 08:37:01 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Zástupce (2) - StrongDC.lnk
========== Files Created - No Company Name ==========
[2011.02.11 18:26:03 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2011.02.11 18:26:02 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader X.lnk
[2011.02.11 11:25:59 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\CNC1748D.TBL
[2011.02.10 08:47:35 | 000,015,466 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20110210_084718.reg
[2011.02.10 08:42:43 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.01.26 13:45:01 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\JDownloader.lnk
[2011.01.23 09:38:20 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\$_hpcst$.hpc
[2011.01.23 09:35:18 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MioMore Desktop.lnk
[2011.01.23 09:34:37 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft ActiveSync.lnk
[2011.01.14 08:37:01 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Zástupce (2) - StrongDC.lnk
[2010.11.20 17:08:09 | 000,000,149 | ---- | C] () -- C:\WINDOWS\polite.ini
[2010.10.19 14:51:19 | 000,841,048 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.11.05 16:31:05 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.11.05 16:31:04 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009.11.05 16:30:59 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.11.05 16:30:59 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.11.05 16:30:54 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.07.26 16:32:15 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat
[2009.07.22 13:46:36 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.02.24 09:14:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2009.02.24 09:14:00 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2009.02.24 09:13:58 | 000,331,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2009.01.28 14:13:37 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\vso_ts_preview.xml
[2009.01.27 18:08:09 | 000,000,082 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\FASTWiz.log
[2009.01.01 19:00:43 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008.11.17 13:22:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.11.08 16:42:33 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.log
[2008.11.08 16:42:29 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\inst.exe
[2008.11.08 16:42:29 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.cat
[2008.11.08 16:42:29 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.inf
[2008.11.06 17:34:08 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv208325p1now.sys
[2008.11.06 16:25:54 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.06 16:03:43 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.11.06 12:48:43 | 000,002,708 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.11.06 12:33:23 | 000,002,986 | ---- | C] () -- C:\WINDOWS\TVP3XDrv.ini
[2008.11.06 12:02:14 | 000,007,347 | ---- | C] () -- C:\WINDOWS\hpdj5100.ini
[2008.11.06 12:01:43 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008.11.05 09:32:08 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.11.05 09:08:48 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.11.05 09:08:43 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2008.11.05 09:01:08 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.06.29 19:48:48 | 000,311,128 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2008.06.29 19:48:46 | 001,526,468 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008.05.26 21:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 21:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 21:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.12.22 14:40:06 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
========== LOP Check ==========
[2010.10.22 08:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Ashampoo
[2009.11.19 20:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ConMet
[2008.11.08 17:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ESET
[2008.12.11 10:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2009.09.16 15:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\MetaProducts
[2010.11.05 15:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PCToolsFirewallPlus
[2009.12.11 12:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2008.11.06 15:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
[2010.07.02 11:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2010.12.14 13:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Vso
[2009.07.26 15:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2009.07.22 13:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.09.16 10:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.07.02 12:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2011.02.11 11:28:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.11.04 10:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CentrumczToolbar
[2009.11.19 20:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ConMet
[2008.11.08 17:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2011.02.11 15:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\espionServerData
[2008.12.11 09:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.11.08 15:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2008.11.08 16:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2011.02.11 17:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2010.10.22 11:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
[2011.02.12 16:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2008.11.08 14:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.01.17 13:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2009.02.13 10:20:10 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.06.10 14:30:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2010.07.02 10:55:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2011.02.12 17:00:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"NBJ" = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" -- [2005.07.14 21:35:42 | 001,961,984 | ---- | M] (Ahead Software AG)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.02.11 18:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Adobe
[2008.11.08 16:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Ahead
[2010.10.22 08:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Ashampoo
[2009.11.19 20:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ConMet
[2008.11.06 14:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DivX
[2008.11.08 17:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ESET
[2009.01.21 21:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Google
[2008.12.11 10:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2008.11.05 08:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Identities
[2008.11.06 17:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Macromedia
[2008.11.08 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2011.02.10 09:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Media Player Classic
[2009.09.16 15:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\MetaProducts
[2011.02.11 18:26:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Admin\Data aplikací\Microsoft
[2008.11.05 09:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla
[2010.11.05 15:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PCToolsFirewallPlus
[2011.02.10 14:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Skype
[2011.02.10 13:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\skypePM
[2009.11.03 14:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sun
[2009.12.11 12:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2008.11.06 15:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
[2010.07.02 11:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2010.12.14 13:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Vso
[2009.07.26 15:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2008.11.05 09:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2009.01.28 14:52:26 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\inst.exe
[2010.06.10 14:30:26 | 005,037,504 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Admin\Data aplikací\Uniblue\Registry Booster2\RB_Setup_6_10_2010.exe
[2010.08.04 14:18:50 | 005,125,664 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Admin\Data aplikací\Uniblue\RegistryBooster\_temp\ub.exe
< MD5 for: AGP440.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2006.03.02 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2009.07.26 14:58:21 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\explorer.exe
[2009.07.26 14:58:21 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\hal.dll
[2006.03.02 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9425B72F40257B45D45D24773273DAD0 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9425B72F40257B45D45D24773273DAD0 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=ACCF5A9A1FFAA490F33DBA1C632B95E1 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=ACCF5A9A1FFAA490F33DBA1C632B95E1 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.03.02 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.11.05 08:59:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.11.05 08:59:10 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.11.05 08:59:10 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.02.11 18:19:14 | 003,533,032 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.02.09 20:18:32 | 037,443,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C31F31E6
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:010ADD2C
< End of report >
OTL by OldTimer - Version 3.2.20.6 Folder = D:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 70,85 Gb Free Space | 72,55% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 176,07 Gb Free Space | 87,85% Space Free | Partition Type: NTFS
Drive F: | 111,78 Gb Total Space | 75,84 Gb Free Space | 67,85% Space Free | Partition Type: NTFS
Computer Name: NIEMCZYK-AB5D32 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.02.12 17:26:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.12.10 17:11:27 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.12.10 17:11:26 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.01.12 11:41:00 | 003,168,216 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
PRC - [2009.11.09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) -- C:\Program Files\PC Tools Firewall Plus\FWService.exe
PRC - [2009.07.26 14:58:21 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.17 05:42:52 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006.11.13 13:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2005.04.29 17:00:58 | 000,748,032 | ---- | M] (MSI) -- C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe
PRC - [2004.07.22 13:04:30 | 000,057,344 | ---- | M] (Kworld Computer Co., Ltd.) -- C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe
PRC - [2004.06.10 13:48:04 | 000,286,720 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe
PRC - [2002.12.17 11:40:22 | 000,049,152 | R--- | M] () -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
PRC - [2002.12.02 20:56:10 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
========== Modules (SafeList) ==========
MOD - [2011.02.12 17:26:09 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
MOD - [2011.01.13 09:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008.04.14 08:51:48 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008.04.14 08:51:38 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.02.11 15:42:08 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.11.09 11:20:14 | 000,818,432 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\PC Tools Firewall Plus\FWService.exe -- (PCToolsFirewallPlus)
========== Driver Services (SafeList) ==========
DRV - [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.01.13 09:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.01.13 09:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.01.13 08:59:28 | 000,115,216 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctplfw.sys -- (pctplfw)
DRV - [2010.01.12 09:34:14 | 000,070,664 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis-PacketFilter.sys -- (PCTFW-PacketFilter)
DRV - [2010.01.07 12:40:26 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2010.01.07 11:35:06 | 000,058,816 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pctNdis.sys -- (pctNDIS)
DRV - [2009.11.23 13:54:20 | 000,088,040 | ---- | M] (PC Tools) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PCTAppEvent.sys -- (PCTAppEvent)
DRV - [2009.07.02 18:49:32 | 004,125,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.11.06 12:03:25 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2008.04.14 00:16:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008.04.14 00:16:22 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008.04.14 00:16:10 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008.04.13 22:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.07 16:06:48 | 000,105,088 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.05.04 09:32:32 | 000,686,080 | R--- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap713x.sys -- (Cap713x)
DRV - [2004.06.25 11:44:54 | 000,331,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd)
DRV - [2003.12.04 11:33:20 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2003.11.03 15:16:11 | 000,011,520 | R--- | M] (WB Electronic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\infusb.sys -- (INFUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\..\URLSearchHook: {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-343818398-746137067-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.14 13:28:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.11 18:29:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.11 18:00:05 | 000,000,000 | ---D | M]
[2009.12.11 12:39:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions
[2009.12.11 12:39:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.02.12 15:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\p3akubll.default\extensions
[2010.09.09 10:37:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\p3akubll.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.02.08 08:04:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\p3akubll.default\searchplugins\icqplugin-1.xml
[2008.11.18 13:56:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\p3akubll.default\searchplugins\icqplugin.xml
[2011.02.12 15:21:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.05.14 06:09:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.11 08:23:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.12.09 11:29:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.26 10:30:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\P3AKUBLL.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2009.11.03 14:31:58 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.11.01 17:26:47 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.11.01 17:26:47 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.11.01 17:26:47 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.11.01 17:26:47 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.11.01 17:26:47 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.11.04 11:15:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKU\S-1-5-21-343818398-746137067-725345543-1004\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4 - HKLM..\Run: [00PCTFW] C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe (PC Tools)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe (HP)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [PVR Agent] C:\Program Files\MSI\TV@Anywhere Plus\TVR\Scheduled.exe (MSI)
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-343818398-746137067-725345543-1004..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-343818398-746137067-725345543-1004..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TV Remote Control.lnk = C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe (Kworld Computer Co., Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-343818398-746137067-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.1
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - C:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (60812205720862720)
========== Files/Folders - Created Within 30 Days ==========
[2011.02.11 18:28:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.02.11 18:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.02.11 17:47:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.02.11 15:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\espionServerData
[2011.02.11 15:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011.02.11 11:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Canon MG5100 series
[2011.02.11 11:28:33 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2011.02.11 11:28:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.02.11 11:28:14 | 000,290,816 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMAD.DLL
[2011.02.11 11:25:59 | 001,335,296 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100C.dll
[2011.02.11 11:25:59 | 000,307,200 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100L.dll
[2011.02.11 11:25:59 | 000,114,688 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100I.dll
[2011.02.11 11:25:59 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNC5100U.dll
[2011.02.11 11:25:59 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNHMCA.dll
[2011.02.10 08:44:37 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Admin\Recent
[2011.02.10 08:42:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2011.02.10 08:42:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.01.26 13:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\JDownloader
[2011.01.26 13:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader
[2011.01.23 09:35:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\MioMore Desktop
[2011.01.23 09:35:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mio Technology
[2011.01.23 09:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync
[2011.01.21 15:44:07 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2011.01.19 15:20:51 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2011.01.14 08:34:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Nabídka Start\Programy\StrongDC++
[2011.01.14 08:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\StrongDC++
[2009.02.24 09:13:56 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2009.02.24 09:13:56 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2009.02.24 09:13:56 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2008.11.08 16:42:29 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2011.02.12 17:18:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.12 17:00:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Úklid 1 kliknutím.job
[2011.02.12 16:48:33 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.02.12 16:48:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.02.11 18:29:10 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2011.02.11 18:19:14 | 003,533,032 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.02.11 14:48:23 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.02.11 14:32:35 | 000,002,708 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.02.10 13:27:08 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.02.10 08:47:51 | 000,015,466 | ---- | M] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20110210_084718.reg
[2011.02.10 08:42:43 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.02.08 09:36:23 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.04 14:42:05 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.26 13:45:01 | 000,000,746 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\JDownloader.lnk
[2011.01.23 09:38:20 | 000,002,528 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\$_hpcst$.hpc
[2011.01.23 09:35:40 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MioMore Desktop.lnk
[2011.01.21 15:44:07 | 008,466,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2011.01.21 15:44:07 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shimgvw.dll
[2011.01.18 13:28:00 | 000,000,096 | ---- | M] () -- C:\Documents and Settings\Admin\default.pls
[2011.01.17 18:39:14 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.01.14 08:37:01 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Zástupce (2) - StrongDC.lnk
========== Files Created - No Company Name ==========
[2011.02.11 18:26:03 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader X.lnk
[2011.02.11 18:26:02 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader X.lnk
[2011.02.11 11:25:59 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\CNC1748D.TBL
[2011.02.10 08:47:35 | 000,015,466 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\cc_20110210_084718.reg
[2011.02.10 08:42:43 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2011.01.26 13:45:01 | 000,000,746 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\JDownloader.lnk
[2011.01.23 09:38:20 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\$_hpcst$.hpc
[2011.01.23 09:35:18 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MioMore Desktop.lnk
[2011.01.23 09:34:37 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft ActiveSync.lnk
[2011.01.14 08:37:01 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Zástupce (2) - StrongDC.lnk
[2010.11.20 17:08:09 | 000,000,149 | ---- | C] () -- C:\WINDOWS\polite.ini
[2010.10.19 14:51:19 | 000,841,048 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.11.05 16:31:05 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.11.05 16:31:04 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009.11.05 16:30:59 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.11.05 16:30:59 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.11.05 16:30:54 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.07.26 16:32:15 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat
[2009.07.22 13:46:36 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.02.24 09:14:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2009.02.24 09:14:00 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2009.02.24 09:13:58 | 000,331,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2009.01.28 14:13:37 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\vso_ts_preview.xml
[2009.01.27 18:08:09 | 000,000,082 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\FASTWiz.log
[2009.01.01 19:00:43 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008.11.17 13:22:51 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.11.08 16:42:33 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.log
[2008.11.08 16:42:29 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\inst.exe
[2008.11.08 16:42:29 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.cat
[2008.11.08 16:42:29 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\pcouffin.inf
[2008.11.06 17:34:08 | 000,003,082 | ---- | C] () -- C:\WINDOWS\System32\affv208325p1now.sys
[2008.11.06 16:25:54 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.06 16:03:43 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.11.06 12:48:43 | 000,002,708 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.11.06 12:33:23 | 000,002,986 | ---- | C] () -- C:\WINDOWS\TVP3XDrv.ini
[2008.11.06 12:02:14 | 000,007,347 | ---- | C] () -- C:\WINDOWS\hpdj5100.ini
[2008.11.06 12:01:43 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2008.11.05 09:32:08 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.11.05 09:08:48 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2008.11.05 09:08:43 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2008.11.05 09:01:08 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.06.29 19:48:48 | 000,311,128 | ---- | C] () -- C:\WINDOWS\System32\libssl32.dll
[2008.06.29 19:48:46 | 001,526,468 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008.05.26 21:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 21:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 21:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.12.22 14:40:06 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
========== LOP Check ==========
[2010.10.22 08:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Ashampoo
[2009.11.19 20:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ConMet
[2008.11.08 17:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ESET
[2008.12.11 10:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2009.09.16 15:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\MetaProducts
[2010.11.05 15:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PCToolsFirewallPlus
[2009.12.11 12:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2008.11.06 15:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
[2010.07.02 11:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2010.12.14 13:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Vso
[2009.07.26 15:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2009.07.22 13:55:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.09.16 10:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.07.02 12:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2011.02.11 11:28:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2010.11.04 10:42:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CentrumczToolbar
[2009.11.19 20:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ConMet
[2008.11.08 17:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2011.02.11 15:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\espionServerData
[2008.12.11 09:58:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.11.08 15:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MailFrontier
[2008.11.08 16:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2011.02.11 17:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2010.10.22 11:46:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
[2011.02.12 16:48:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2008.11.08 14:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.01.17 13:09:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2009.02.13 10:20:10 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2010.06.10 14:30:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2010.07.02 10:55:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2011.02.12 17:00:00 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"NBJ" = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" -- [2005.07.14 21:35:42 | 001,961,984 | ---- | M] (Ahead Software AG)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.02.11 18:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Adobe
[2008.11.08 16:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Ahead
[2010.10.22 08:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Ashampoo
[2009.11.19 20:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ConMet
[2008.11.06 14:38:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DivX
[2008.11.08 17:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ESET
[2009.01.21 21:16:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Google
[2008.12.11 10:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2008.11.05 08:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Identities
[2008.11.06 17:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Macromedia
[2008.11.08 14:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2011.02.10 09:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Media Player Classic
[2009.09.16 15:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\MetaProducts
[2011.02.11 18:26:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Admin\Data aplikací\Microsoft
[2008.11.05 09:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla
[2010.11.05 15:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PCToolsFirewallPlus
[2011.02.10 14:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Skype
[2011.02.10 13:27:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\skypePM
[2009.11.03 14:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sun
[2009.12.11 12:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Thunderbird
[2008.11.06 15:47:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\TuneUp Software
[2010.07.02 11:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Uniblue
[2010.12.14 13:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Vso
[2009.07.26 15:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2008.11.05 09:20:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2009.01.28 14:52:26 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\inst.exe
[2010.06.10 14:30:26 | 005,037,504 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Admin\Data aplikací\Uniblue\Registry Booster2\RB_Setup_6_10_2010.exe
[2010.08.04 14:18:50 | 005,125,664 | ---- | M] (Uniblue Systems Ltd ) -- C:\Documents and Settings\Admin\Data aplikací\Uniblue\RegistryBooster\_temp\ub.exe
< MD5 for: AGP440.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2006.03.02 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2009.07.26 14:58:21 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\explorer.exe
[2009.07.26 14:58:21 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\hal.dll
[2006.03.02 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9425B72F40257B45D45D24773273DAD0 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9425B72F40257B45D45D24773273DAD0 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=ACCF5A9A1FFAA490F33DBA1C632B95E1 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=ACCF5A9A1FFAA490F33DBA1C632B95E1 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.03.02 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.11.05 08:59:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.11.05 08:59:10 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.11.05 08:59:10 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2011.02.11 18:19:14 | 003,533,032 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.02.09 20:18:32 | 037,443,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:C31F31E6
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:010ADD2C
< End of report >
-
edvard1962
- Návštěvník
- Příspěvky: 47
- Registrován: 09 říj 2007 09:05
Re: prosim o kontrolu logu
OTL Extras logfile created on: 12.2.2011 17:29:10 - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = D:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 70,85 Gb Free Space | 72,55% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 176,07 Gb Free Space | 87,85% Space Free | Partition Type: NTFS
Drive F: | 111,78 Gb Total Space | 75,84 Gb Free Space | 67,85% Space Free | Partition Type: NTFS
Computer Name: NIEMCZYK-AB5D32 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\StrongDC.exe" = D:\StrongDC.exe:*:Enabled:StrongDC++
"D:\DC strong\StrongDC.exe" = D:\DC strong\StrongDC.exe:*:Enabled:StrongDC++
"D:\STAHOVANI\DC strong\StrongDC.exe" = D:\STAHOVANI\DC strong\StrongDC.exe:*:Enabled:StrongDC++
"D:\sdc230\StrongDC.exe" = D:\sdc230\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"D:\SBCL_by_PLFF_TEAM-31.12.2009\SBCL v1.1b.exe" = D:\SBCL_by_PLFF_TEAM-31.12.2009\SBCL v1.1b.exe:*:Enabled:SBCL v1.1b
"D:\SBCL Open C+NHL 19 2E Irdeto 2 & SCt 13E\SBCL v1.1b.exe" = D:\SBCL Open C+NHL 19 2E Irdeto 2 & SCt 13E\SBCL v1.1b.exe:*:Enabled:SBCL v1.1b
"C:\Documents and Settings\Admin\Local Settings\Temp\7zO8B8.tmp\SBCL v1.0i.exe" = C:\Documents and Settings\Admin\Local Settings\Temp\7zO8B8.tmp\SBCL v1.0i.exe:*:Enabled:SBCL v1.0i
"D:\sdc230\sdc240-32\StrongDC.exe" = D:\sdc230\sdc240-32\StrongDC.exe:*:Enabled:StrongDC++
"D:\sdc230\StrongDC++\StrongDC.exe" = D:\sdc230\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 23
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{477AB148-138C-46D2-820B-0DBFA744CEE8}" = TV@Anywhere Utilities
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5B893587-00A8-4A4E-83F0-8AFA7BFC7C1A}" = TV@Anywhere Plus
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.4.107
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{862546CA-19C6-4D42-A6EB-352820682FA3}" = VideoCAM Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Czech
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD6A498E-0FF5-49CE-A70C-2D342E68E709}" = MioMore Desktop
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E0828692-FD9D-459F-9312-C645C3CA6650}" = HP Photo and Imaging 2.0 - Deskjet Series
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FEDA56C4-82F3-46DD-8B50-FC592BBE1C0D}" = hp deskjet 5100
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"AVI FourCC CZ_is1" = AVI FourCC 1.0 CZ
"CCleaner" = CCleaner
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy CD-DA Extractor 11" = Easy CD-DA Extractor 11
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.00
"Hollywood FX 5" = Pinnacle Hollywood FX 5
"hp print screen utility" = hp print screen utility
"ie8" = Windows Internet Explorer 8
"Infinity USB_is1" = Infinity USB 1.35
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full)
"Lišta Centrum.cz Toolbar_is1" = Lišta Centrum.cz Toolbar 1.203.023.002
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI8624Drv" = MSI 8624 Video Capture
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = NeroVision Express 3
"PC Tools Firewall Plus" = PC Tools Firewall Plus 6.0
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"StrongDC++" = StrongDC++ 2.41
"SystemRequirementsLab" = System Requirements Lab
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 23.1.2011 9:56:46 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:46:843] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:48 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:48:906] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:50 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:50:968] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:53 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:53:046] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:55 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:55:140] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:57 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:57:203] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:59 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:59:265] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:57:01 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:57:01:359] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 31.1.2011 6:01:10 | Computer Name = NIEMCZYK-AB5D32 | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 11.0.5721.5145, chybující modul
ntdll.dll, verze 5.1.2600.5755, adresa chyby 0x0001a5f3.
Error - 3.2.2011 5:47:01 | Computer Name = NIEMCZYK-AB5D32 | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application winword.exe, version 11.0.8328.0, stamp 4c717ed1,
faulting module mso.dll, version 11.0.8329.0, stamp 4ca4ea46, debug? 0, fault address
0x0030607a.
[ System Events ]
Error - 9.2.2011 9:29:39 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:42 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:45 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:48 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:52 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:55 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:58 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:30:01 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:30:04 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 12.2.2011 11:03:38 | Computer Name = NIEMCZYK-AB5D32 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}
[ TuneUp Events ]
Error - 25.2.2009 4:57:02 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 25.2.2009 4:57:37 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 25.2.2009 4:57:42 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 30.4.2009 3:26:16 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 30.4.2009 3:26:36 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 30.4.2009 3:26:41 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 30.4.2009 3:26:46 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 7.7.2009 3:36:08 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 7.7.2009 3:36:33 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 7.7.2009 3:36:43 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
< End of report >
OTL by OldTimer - Version 3.2.20.6 Folder = D:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 70,85 Gb Free Space | 72,55% Space Free | Partition Type: NTFS
Drive D: | 200,43 Gb Total Space | 176,07 Gb Free Space | 87,85% Space Free | Partition Type: NTFS
Drive F: | 111,78 Gb Total Space | 75,84 Gb Free Space | 67,85% Space Free | Partition Type: NTFS
Computer Name: NIEMCZYK-AB5D32 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-343818398-746137067-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\StrongDC.exe" = D:\StrongDC.exe:*:Enabled:StrongDC++
"D:\DC strong\StrongDC.exe" = D:\DC strong\StrongDC.exe:*:Enabled:StrongDC++
"D:\STAHOVANI\DC strong\StrongDC.exe" = D:\STAHOVANI\DC strong\StrongDC.exe:*:Enabled:StrongDC++
"D:\sdc230\StrongDC.exe" = D:\sdc230\StrongDC.exe:*:Enabled:StrongDC++ -- ()
"D:\SBCL_by_PLFF_TEAM-31.12.2009\SBCL v1.1b.exe" = D:\SBCL_by_PLFF_TEAM-31.12.2009\SBCL v1.1b.exe:*:Enabled:SBCL v1.1b
"D:\SBCL Open C+NHL 19 2E Irdeto 2 & SCt 13E\SBCL v1.1b.exe" = D:\SBCL Open C+NHL 19 2E Irdeto 2 & SCt 13E\SBCL v1.1b.exe:*:Enabled:SBCL v1.1b
"C:\Documents and Settings\Admin\Local Settings\Temp\7zO8B8.tmp\SBCL v1.0i.exe" = C:\Documents and Settings\Admin\Local Settings\Temp\7zO8B8.tmp\SBCL v1.0i.exe:*:Enabled:SBCL v1.0i
"D:\sdc230\sdc240-32\StrongDC.exe" = D:\sdc230\sdc240-32\StrongDC.exe:*:Enabled:StrongDC++
"D:\sdc230\StrongDC++\StrongDC.exe" = D:\sdc230\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 23
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{477AB148-138C-46D2-820B-0DBFA744CEE8}" = TV@Anywhere Utilities
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5B893587-00A8-4A4E-83F0-8AFA7BFC7C1A}" = TV@Anywhere Plus
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.4.107
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{862546CA-19C6-4D42-A6EB-352820682FA3}" = VideoCAM Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Czech
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD6A498E-0FF5-49CE-A70C-2D342E68E709}" = MioMore Desktop
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E0828692-FD9D-459F-9312-C645C3CA6650}" = HP Photo and Imaging 2.0 - Deskjet Series
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FEDA56C4-82F3-46DD-8B50-FC592BBE1C0D}" = hp deskjet 5100
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer
"ATI Display Driver" = ATI Display Driver
"avast5" = avast! Free Antivirus
"AVI FourCC CZ_is1" = AVI FourCC 1.0 CZ
"CCleaner" = CCleaner
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy CD-DA Extractor 11" = Easy CD-DA Extractor 11
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.00
"Hollywood FX 5" = Pinnacle Hollywood FX 5
"hp print screen utility" = hp print screen utility
"ie8" = Windows Internet Explorer 8
"Infinity USB_is1" = Infinity USB 1.35
"JDownloader" = JDownloader
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full)
"Lišta Centrum.cz Toolbar_is1" = Lišta Centrum.cz Toolbar 1.203.023.002
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI8624Drv" = MSI 8624 Video Capture
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NeroVision!UninstallKey" = NeroVision Express 3
"PC Tools Firewall Plus" = PC Tools Firewall Plus 6.0
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"StrongDC++" = StrongDC++ 2.41
"SystemRequirementsLab" = System Requirements Lab
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 23.1.2011 9:56:46 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:46:843] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:48 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:48:906] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:50 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:50:968] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:53 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:53:046] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:55 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:55:140] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:57 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:57:203] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:56:59 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:56:59:265] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 23.1.2011 9:57:01 | Computer Name = NIEMCZYK-AB5D32 | Source = DeviceLink | ID = 13
Description = [14:57:01:359] [TransAgentRapi] [ipaqdevice.dll] [MapDeviceConnect]
Device DLL error occurred [1460] [Daná operace se vrátila, protože vypršel časový
limit.]
Error - 31.1.2011 6:01:10 | Computer Name = NIEMCZYK-AB5D32 | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 11.0.5721.5145, chybující modul
ntdll.dll, verze 5.1.2600.5755, adresa chyby 0x0001a5f3.
Error - 3.2.2011 5:47:01 | Computer Name = NIEMCZYK-AB5D32 | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application winword.exe, version 11.0.8328.0, stamp 4c717ed1,
faulting module mso.dll, version 11.0.8329.0, stamp 4ca4ea46, debug? 0, fault address
0x0030607a.
[ System Events ]
Error - 9.2.2011 9:29:39 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:42 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:45 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:48 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:52 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:55 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:29:58 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:30:01 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 9.2.2011 9:30:04 | Computer Name = NIEMCZYK-AB5D32 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 12.2.2011 11:03:38 | Computer Name = NIEMCZYK-AB5D32 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}
[ TuneUp Events ]
Error - 25.2.2009 4:57:02 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 25.2.2009 4:57:37 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 25.2.2009 4:57:42 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 30.4.2009 3:26:16 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 30.4.2009 3:26:36 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 30.4.2009 3:26:41 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 30.4.2009 3:26:46 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 7.7.2009 3:36:08 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 7.7.2009 3:36:33 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 7.7.2009 3:36:43 | Computer Name = NIEMCZYK-AB5D32 | Source = TuneUp Program Statistics | ID = 131840
Description =
< End of report >
Re: prosim o kontrolu logu
V logu už něco vidím, mrknu na to pak pořádně, ale něco se mi nezdá s diskem.
Kolik máte disků? Hledám pravděpodobně první disk oddíl D, ale prověřte raději všechny disky
stáhněte
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V
Stahněte HD tune http://www.slunecnice.cz/sw/hd-tune/
-zvolete poslední záložku Error scan
-dejte skenovat, trvá to kolem hodiny.
-pak napište jestli jste měl nějaká políčka červená
Kolik máte disků? Hledám pravděpodobně první disk oddíl D, ale prověřte raději všechny disky
stáhnětehttp://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V
Stahněte HD tune http://www.slunecnice.cz/sw/hd-tune/-zvolete poslední záložku Error scan
-dejte skenovat, trvá to kolem hodiny.
-pak napište jestli jste měl nějaká políčka červená
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
-
edvard1962
- Návštěvník
- Příspěvky: 47
- Registrován: 09 říj 2007 09:05
Re: prosim o kontrolu logu
----------------------------------------------------------------------------
CrystalDiskInfo 3.10.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2011/02/13 17:53:28
-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF [ATA]
+ Primární kanál IDE (0)
- HL-DT-ST DVD-RAM GSA-H58N
+ Intel(R) 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0 [ATA]
+ Primární kanál IDE (0)
- WDC WD3200AAKS-00B3A0
+ Sekundární kanál IDE (1)
- WDC WD1200JS-00MHB0
-- Disk List ---------------------------------------------------------------
(1) WDC WD3200AAKS-00B3A0 : 320.0 GB [0-1-0, pd1]
(2) WDC WD1200JS-00MHB0 : 120.0 GB [1-2-0, pd1]
----------------------------------------------------------------------------
(1) WDC WD3200AAKS-00B3A0
----------------------------------------------------------------------------
Model : WDC WD3200AAKS-00B3A0
Firmware : 01.03A01
Serial Number : WD-WCAT13803793
Disk Size : 320.0 GB (8.4/137.4/320.0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 2463 hod.
Power On Count : 1409 krát
Temparature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 152 151 _21 000000000D3F Čas na roztočení ploten
04 _99 _99 __0 000000000584 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _97 _97 __0 00000000099F Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000581 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000046 Počet vypnutí disku
C1 200 200 __0 000000000584 Počet cyklů načítání/vymazání
C2 109 _94 __0 000000000022 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 __1 __0 000000000F55 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 43 41 54
020: 31 33 38 30 33 37 39 33 00 00 80 00 00 32 30 31
030: 2E 30 33 41 30 31 57 44 43 20 57 44 33 32 30 30
040: 41 41 4B 53 2D 30 30 42 33 41 30 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 06 00 00 00 44 00 40
0A0: 01 FE 00 00 74 6B 7F 61 41 23 74 69 BC 41 41 23
0B0: 20 7F 00 1F 00 1F 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 EA B0 25 42 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E1 AB E6 E9 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 10
0F0: 40 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 9F 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 0E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1E A5
----------------------------------------------------------------------------
(2) WDC WD1200JS-00MHB0
----------------------------------------------------------------------------
Model : WDC WD1200JS-00MHB0
Firmware : 02.01C03
Serial Number : WD-WMANP1095878
Disk Size : 120.0 GB (8.4/120.0/120.0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 234441648
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 2400 hod.
Power On Count : 1376 krát
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 203 200 _21 000000000B19 Čas na roztočení ploten
04 _99 _99 __0 000000000560 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _97 _97 __0 000000000960 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000560 Počet cyklů zapnutí zařízení
BE _64 _45 _45 000000000024 Teplota toku vzduchu
C2 111 _92 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 4D 41 4E
020: 50 31 30 39 35 38 37 38 00 00 40 00 00 32 30 32
030: 2E 30 31 43 30 33 57 44 43 20 57 44 31 32 30 30
040: 4A 53 2D 30 30 4D 48 42 30 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 4B B0 0D F9 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 00 06 06 00 00 00 40 00 40
0A0: 00 FE 00 00 74 6B 7F 61 40 23 74 69 3C 41 40 23
0B0: 20 7F 00 00 00 00 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 4B B0 0D F9 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 00 00 00 00 00 00 00 00 16 63 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 10 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8C A5
CrystalDiskInfo 3.10.0 (C) 2008-2010 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2011/02/13 17:53:28
-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF [ATA]
+ Primární kanál IDE (0)
- HL-DT-ST DVD-RAM GSA-H58N
+ Intel(R) 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0 [ATA]
+ Primární kanál IDE (0)
- WDC WD3200AAKS-00B3A0
+ Sekundární kanál IDE (1)
- WDC WD1200JS-00MHB0
-- Disk List ---------------------------------------------------------------
(1) WDC WD3200AAKS-00B3A0 : 320.0 GB [0-1-0, pd1]
(2) WDC WD1200JS-00MHB0 : 120.0 GB [1-2-0, pd1]
----------------------------------------------------------------------------
(1) WDC WD3200AAKS-00B3A0
----------------------------------------------------------------------------
Model : WDC WD3200AAKS-00B3A0
Firmware : 01.03A01
Serial Number : WD-WCAT13803793
Disk Size : 320.0 GB (8.4/137.4/320.0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 2463 hod.
Power On Count : 1409 krát
Temparature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 152 151 _21 000000000D3F Čas na roztočení ploten
04 _99 _99 __0 000000000584 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _97 _97 __0 00000000099F Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000581 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000046 Počet vypnutí disku
C1 200 200 __0 000000000584 Počet cyklů načítání/vymazání
C2 109 _94 __0 000000000022 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 __1 __0 000000000F55 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 43 41 54
020: 31 33 38 30 33 37 39 33 00 00 80 00 00 32 30 31
030: 2E 30 33 41 30 31 57 44 43 20 57 44 33 32 30 30
040: 41 41 4B 53 2D 30 30 42 33 41 30 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 07 06 00 00 00 44 00 40
0A0: 01 FE 00 00 74 6B 7F 61 41 23 74 69 BC 41 41 23
0B0: 20 7F 00 1F 00 1F 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 EA B0 25 42 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 50 01 4E E1 AB E6 E9 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 10
0F0: 40 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 9F 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 30 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 10 0E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1E A5
----------------------------------------------------------------------------
(2) WDC WD1200JS-00MHB0
----------------------------------------------------------------------------
Model : WDC WD1200JS-00MHB0
Firmware : 02.01C03
Serial Number : WD-WMANP1095878
Disk Size : 120.0 GB (8.4/120.0/120.0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 234441648
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 2400 hod.
Power On Count : 1376 krát
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 203 200 _21 000000000B19 Čas na roztočení ploten
04 _99 _99 __0 000000000560 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _97 _97 __0 000000000960 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000560 Počet cyklů zapnutí zařízení
BE _64 _45 _45 000000000024 Teplota toku vzduchu
C2 111 _92 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 4D 41 4E
020: 50 31 30 39 35 38 37 38 00 00 40 00 00 32 30 32
030: 2E 30 31 43 30 33 57 44 43 20 57 44 31 32 30 30
040: 4A 53 2D 30 30 4D 48 42 30 20 20 20 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 4B B0 0D F9 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 00 06 06 00 00 00 40 00 40
0A0: 00 FE 00 00 74 6B 7F 61 40 23 74 69 3C 41 40 23
0B0: 20 7F 00 00 00 00 00 00 FF FE 00 00 80 FE 00 00
0C0: 00 00 00 00 00 00 00 00 4B B0 0D F9 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 09 00 00 00 00 00 00 00 00 16 63 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 10 3F 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8C A5
-
edvard1962
- Návštěvník
- Příspěvky: 47
- Registrován: 09 říj 2007 09:05
Re: prosim o kontrolu logu
žádna polička červeny vse zeleny Děkuji
Re: prosim o kontrolu logu
U tohoto disku (1) WDC WD3200AAKS-00B3A0 : 320.0 GB [0-1-0, pd1] zkuste vyměnit datový kabel.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?