Prosím o kontrolu logu a děkuji
Logfile of random's system information tool 1.08 (written by random/random)
Run by Kubik at 2011-04-04 23:02:13
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 45 GB (19%) free of 238 GB
Total RAM: 2039 MB (25% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:02:19, on 4.4.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Kubik.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files (x86)\Power Video Converter\msdxm.ocx
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GoogleDownload] C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; Trident/4.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; Media Center PC 5.0; InfoPath.2; .NET CLR 3.0.30729)" -"http://www.1000her.cz/loading/loading.p ... &admedia=1"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10852 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe"
"C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
"C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
"C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" -Embedding
"C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe"
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F2100 series#1278442673" -Startup
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{C0DFE87E-8143-484E-89F3-53B69B3CA2A8}
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe" SignatureUpdate -ScheduleJob -RestrictPrivileges -Reinvoke
"c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe" SignaturesUpdateService -ScheduleJob -UnmanagedUpdate
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
C:\Windows\system32\svchost.exe -k netsvcs
taskeng.exe {5169446E-5128-4D21-A882-3446A6361537}
taskeng.exe {ED97AC40-8444-4B97-B45E-C108CD7DEBDF}
taskeng.exe {B5DE9227-1A70-404B-8323-3C8267EF9DDE}
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:460 CREDAT:71937
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:460 CREDAT:203009
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe13_ Global\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_s-1-5-21-1107261835-2622062634-3731929966-100014_ Global\UsGthrCtrlFltPipeMssGthrPipe_s-1-5-21-1107261835-2622062634-3731929966-100014 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 684 688 696 65536 692
"C:\Users\Kubik\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1033,&Radio - C:\Program Files (x86)\Power Video Converter\msdxm.ocx [2000-04-20 844048]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 138264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 203800]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 168472]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 1436224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-01-26 15026056]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1151601.exe [2009-07-31 468408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-03-01 172792]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2009-03-09 37888]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"Symantec PIF AlertEng"=C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2009-07-02 198160]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-10 932288]
"GoogleDownload"=C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe [2011-02-23 49225]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-04-04 22:49:03 ----D---- C:\Program Files\trend micro
2011-04-04 22:49:02 ----D---- C:\rsit
2011-04-04 21:41:53 ----D---- C:\Windows\Registration
2011-04-03 22:19:50 ----D---- C:\Users\Kubik\AppData\Roaming\MagicIndie
2011-04-03 19:41:06 ----D---- C:\Users\Kubik\AppData\Roaming\HitPoint Studios
2011-03-31 18:29:58 ----D---- C:\Users\Kubik\AppData\Roaming\PlayPond
2011-03-31 18:28:33 ----D---- C:\Program Files (x86)\Mystery Legends Phantom of the Opera
2011-03-25 17:39:16 ----D---- C:\ProgramData\Venus DS
2011-03-24 14:11:23 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-03-24 14:11:23 ----A---- C:\Windows\system32\FntCache.dll
2011-03-24 14:11:22 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-03-24 14:11:22 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-03-24 14:11:22 ----A---- C:\Windows\system32\DWrite.dll
2011-03-22 17:19:22 ----D---- C:\Users\Kubik\AppData\Roaming\Vogat Interactive
2011-03-19 18:15:51 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-03-19 18:15:51 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-03-19 18:15:51 ----A---- C:\Windows\SYSWOW64\java.exe
2011-03-19 18:13:25 ----D---- C:\ProgramData\McAfee
2011-03-13 17:10:49 ----D---- C:\Users\Kubik\AppData\Roaming\margrave3_full
2011-03-12 15:35:47 ----D---- C:\Users\Kubik\AppData\Roaming\Elephant Games
2011-03-12 15:35:47 ----D---- C:\ProgramData\Elephant Games
2011-03-09 21:18:09 ----A---- C:\Windows\system32\mstscax.dll
2011-03-09 21:18:08 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-03-09 21:18:08 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-03-09 21:18:08 ----A---- C:\Windows\system32\mstsc.exe
2011-03-09 21:18:05 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-03-09 21:18:05 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-03-09 21:18:05 ----A---- C:\Windows\system32\sbe.dll
2011-03-09 21:18:05 ----A---- C:\Windows\system32\EncDec.dll
2011-03-09 21:18:04 ----A---- C:\Windows\SYSWOW64\sbeio.dll
2011-03-09 21:18:04 ----A---- C:\Windows\system32\sbeio.dll
2011-03-05 10:27:31 ----D---- C:\BigFishGamesCache
======List of files/folders modified in the last 1 months======
2011-04-04 23:02:10 ----D---- C:\Windows\Temp
2011-04-04 22:57:35 ----D---- C:\Users\Kubik\AppData\Roaming\uTorrent
2011-04-04 22:55:38 ----D---- C:\Windows\system32\Tasks
2011-04-04 22:53:43 ----D---- C:\Windows\Prefetch
2011-04-04 22:53:14 ----D---- C:\games
2011-04-04 22:49:03 ----RD---- C:\Program Files
2011-04-04 22:48:52 ----D---- C:\Users\Kubik\AppData\Roaming\Skype
2011-04-04 22:38:06 ----D---- C:\Windows\System32
2011-04-04 22:38:06 ----D---- C:\Windows\inf
2011-04-04 22:38:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-04 22:28:02 ----D---- C:\Program Files (x86)\Games
2011-04-04 22:12:14 ----D---- C:\Windows\Minidump
2011-04-04 22:12:10 ----D---- C:\Windows
2011-04-04 21:42:59 ----D---- C:\Windows\system32\wbem
2011-04-04 20:36:37 ----D---- C:\Windows\system32\Msdtc
2011-04-04 20:27:21 ----D---- C:\Windows\system32\config
2011-04-04 20:27:09 ----D---- C:\Windows\Tasks
2011-04-04 20:27:09 ----D---- C:\Windows\system32\spool
2011-04-04 20:27:09 ----D---- C:\Windows\system32\catroot2
2011-04-04 20:27:09 ----D---- C:\Users\Kubik\AppData\Roaming\GHISLER
2011-04-04 20:27:08 ----RD---- C:\Program Files (x86)
2011-04-04 20:27:08 ----D---- C:\ProgramData\HP Product Assistant
2011-04-04 20:24:41 ----SHD---- C:\System Volume Information
2011-04-04 20:14:56 ----D---- C:\Users\Kubik\AppData\Roaming\skypePM
2011-04-04 19:06:04 ----AD---- C:\ProgramData\TEMP
2011-03-28 18:20:50 ----D---- C:\Users\Kubik\AppData\Roaming\Artogon
2011-03-27 19:35:04 ----D---- C:\Windows\system32\drivers
2011-03-27 15:37:11 ----SD---- C:\Users\Kubik\AppData\Roaming\Microsoft
2011-03-25 17:39:16 ----HD---- C:\ProgramData
2011-03-24 16:05:45 ----D---- C:\Windows\rescache
2011-03-24 15:48:51 ----D---- C:\Windows\SysWOW64
2011-03-24 15:13:31 ----D---- C:\Windows\winsxs
2011-03-24 15:12:49 ----D---- C:\Windows\system32\catroot
2011-03-19 22:23:17 ----D---- C:\Users\Kubik\AppData\Roaming\PrimoPDF
2011-03-19 18:16:16 ----SHD---- C:\Windows\Installer
2011-03-19 18:16:14 ----D---- C:\Program Files (x86)\Common Files
2011-03-19 18:15:28 ----D---- C:\Program Files (x86)\Java
2011-03-19 11:20:28 ----D---- C:\Users\Kubik\AppData\Roaming\ERS Game Studios
2011-03-19 10:28:59 ----D---- C:\Program Files (x86)\MyPlayCity.com
2011-03-18 17:14:26 ----D---- C:\Users\Kubik\AppData\Roaming\SolSuite
2011-03-17 19:06:42 ----D---- C:\Users\Kubik\AppData\Roaming\PlayFirst
2011-03-17 19:06:42 ----D---- C:\ProgramData\PlayFirst
2011-03-13 19:53:48 ----D---- C:\Windows\Debug
2011-03-10 00:20:03 ----A---- C:\Windows\system32\mrt.exe
2011-03-10 00:19:53 ----D---- C:\ProgramData\Microsoft Help
2011-03-05 20:16:43 ----D---- C:\Users\Kubik\AppData\Roaming\Friday's games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-03 834544]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 188928]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-08-27 310728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-12 42696]
R3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2008-02-11 7709056]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-11-29 28208]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-05-15 82816]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2006-10-03 51200]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 a1m0p906;a1m0p906; C:\Windows\system32\drivers\a1m0p906.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 34816]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 145408]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 42496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd64.sys [2008-02-11 7709056]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 7936]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 108544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 12784]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
R3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-02-26 652800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-19 135664]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S3 LiveUpdate;LiveUpdate; C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola logu
Zdravim a pekny vecer preji 
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
netsvcs drivers32 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s c:\windows\*.* /U %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s /md5start adp3132.sys AGP440.sys ahcix86.sys ahcix86s.sys atapi.sys autochk.exe cdrom.sys cngaudit.dll cryptsvc.dll eNetHook.dll eventlog.dll explorer.exe hal.dll Changer.sys iaStor.sys iastorv.sys IdeChnDr.sys isapnp.sys JakNDis.sys KR10N.sys logevent.dll lsass.exe mv61xx.sys ndis.sys netlogon.dll ntelogon.dll nvata.sys nvatabus.sys nvgts.sys nvraid.sys nvrd32.sys nvstor.sys nvstor32.sys scecli.dll sceclt.dll smss.exe svchost.exe symmpi.sys tcpip.sys userinit.exe vaxscsi.sys viamraid.sys viasraid.sys ViPrt.sys winlogon.exe ws2_32.dll /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 CREATERESTOREPOINT- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Tak tady jsou
Extras
OTL Extras logfile created on: 4.4.2011 23:18:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kubik\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 43,75 Gb Free Space | 18,79% Space Free | Partition Type: NTFS
Computer Name: KUBIK-PC | User Name: Kubik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = B4 03 26 3A D9 C5 C9 01 [binary data]
"VistaSp2" = 53 51 1F 71 E5 41 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A596120-0C87-4137-A99A-F77E87102B78}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{31B1E607-7DFA-4524-B139-88314C327CDD}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4682D570-E2F2-4B59-BEF4-CA5F5C27982E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{4D082E76-3355-40C1-AA97-E0D624EDA6BD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{706B913D-3C96-4603-928B-EA7D22E85F4D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{7C0FFDD3-B5FA-4F72-997C-24AF61A2F013}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9DEC52A0-18C6-4C15-B6FE-E69BCC4C4B68}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A48CA877-2616-46BE-B910-39174A3ABF35}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B619B84B-40EF-4DEC-840C-55C310F2503F}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{BEF28342-D209-4796-BE19-56FF7584372F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{C54E7A37-A28E-438F-AA80-8636DC217AD0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{FEAF9250-09B8-4898-802B-5F5677991350}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"TCP Query User{4BA1A283-64F9-45B4-AB9B-CBF80A5058C6}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{5118ECA4-4604-4F08-BBC9-BAE3D059DBD9}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{5E5D5FBF-D746-4E84-A176-F77193694F46}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{62F2AF26-97C4-4C4E-A24B-429AD5613B5D}C:\program files (x86)\gretech\gomplayer\gom.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gretech\gomplayer\gom.exe |
"TCP Query User{745AD0D9-CDF6-4867-A099-7A724F8C5480}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{BF9590A1-2E17-4403-B32D-08EF21CF2042}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{FDA47113-1467-4680-B544-392D1202842B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{0982EC64-9950-4769-8A80-509E467D623F}C:\program files (x86)\gretech\gomplayer\gom.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gretech\gomplayer\gom.exe |
"UDP Query User{1A1B78CB-6526-4449-882E-85F8BC49B2D9}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{1EC71ACD-C9D8-46AD-A85F-5963797ED3B8}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{68F8E007-8952-4511-B890-5C821CCBB036}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{73467609-EFF9-456F-ADDB-7160EA20E77D}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{BBC8576D-D241-4EF0-94F8-F09D37E43F66}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{CAC93855-DFF4-43EC-910E-6880FFE50762}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{706BB40A-4102-4c89-8107-DC68C4EBD19B}" = HP Deskjet All-In-One Software 9.0
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6197679-051D-4E3E-9757-4D5CDA6D658B}" = Microsoft Antimalware Service CS-CZ Language Pack
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client CS-CZ Language Pack
"CCleaner" = CCleaner
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"GTR Evolution_1.1.1.2_is1" = GTR Evolution
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{4186FEBC-F0CC-4185-A406-24292BC9877A}" = Nokia Software Updater
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47A0A80F-8DC0-43EB-B9B4-36FD86979DF7}" = Nokia Connectivity Cable Driver
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.3.139
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81B2907E-0F93-4217-8840-A217EF59A244}" = PC Connectivity Solution
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{892994D3-5963-4877-A8DB-629607E8E928}" = 602XML Filler
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3FD0CA9-884F-4525-97B8-0AE6179302E6}" = F2100
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C365A3-06C0-43b4-A2DB-EDF0A6079AA9}" = DJ_AIO_Software
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B166816C-68B2-442B-8AAD-B093F5EB40EF}" = Sigma
"{B4B1F18B-5CED-4f8f-8A8F-1BD0503C222E}" = DJ_AIO_ProductContext
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 6.3
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BE282C23-5484-47FF-B2C1-EBEA5C891029}" = Nero 8 Trial
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CDC7BEC8-D631-4e36-81D7-FC3689209AA6}" = F2100_Help
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB48851B-96A4-489f-9F95-29F3731E9764}" = F2100_doccd
"{F56D6F46-1D62-4734-BF12-6457A1ED17BD}" = DJ_AIO_Software_min
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"BFGC" = Big Fish Games: Game Manager
"CD/DVD Data Recovery_is1" = CD/DVD Data Recovery version 1.11
"CDex" = CDex extraction audio
"Enigma" = Enigma
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FSCZ_is1" = FORM studio
"GOM Player" = GOM Player
"GTR Evolution_1.1.1.2_is1" = GTR Evolution
"GUMBOY: CRAZY ADVENTURES_is1" = GUMBOY: CRAZY ADVENTURES 1.24
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Mesto zabavy" = Mesto zabavy
"Mistr kuchař 2" = Mistr kuchař 2
"Mview_0" = Mview 9.16 "C:\Program Files (x86)\misys_vw\"
"NemKalk7_is1" = NemKalk 7.0
"Nokia PC Suite" = Nokia PC Suite
"Peggle Deluxe" = Peggle Deluxe
"Peggle Nights" = Peggle Nights
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RasterStitch_is1" = RasterStitch 1.61
"RealPlayer 6.0" = RealPlayer
"Scorpions WinCheater 2.07 (s databází 118)_is1" = Scorpions WinCheater
"Scorpions WinCheater 2.07 (pouze program)_is1" = Scorpions WinCheater
"Shockwave" = Shockwave
"SolSuite_is1" = SolSuite 2010 v10.7
"Totalcmd" = Total Commander (Remove or Repair)
"Win32 Game Wizard" = Win32 Game Wizard
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.1.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1107261835-2622062634-3731929966-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4.4.2011 16:58:50 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:51 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:51 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:52 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:52 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:52 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:52 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:53 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:53 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:53 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
[ OSession Events ]
Error - 15.11.2009 13:23:21 | Computer Name = Kubik-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 16570
seconds with 60 seconds of active time. This session ended with a crash.
Error - 19.1.2010 13:03:02 | Computer Name = Kubik-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1312
seconds with 240 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 4.4.2011 16:24:52 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:24:52 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:24:52 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:26:31 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:26:31 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:26:31 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:26:31 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:27:36 | Computer Name = Kubik-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 4.4.2011 16:27:36 | Computer Name = Kubik-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 4.4.2011 16:38:06 | Computer Name = Kubik-PC | Source = Service Control Manager | ID = 7011
Description =
< End of report >
Extras
OTL Extras logfile created on: 4.4.2011 23:18:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kubik\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 43,75 Gb Free Space | 18,79% Space Free | Partition Type: NTFS
Computer Name: KUBIK-PC | User Name: Kubik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = B4 03 26 3A D9 C5 C9 01 [binary data]
"VistaSp2" = 53 51 1F 71 E5 41 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A596120-0C87-4137-A99A-F77E87102B78}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{31B1E607-7DFA-4524-B139-88314C327CDD}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4682D570-E2F2-4B59-BEF4-CA5F5C27982E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{4D082E76-3355-40C1-AA97-E0D624EDA6BD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{706B913D-3C96-4603-928B-EA7D22E85F4D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{7C0FFDD3-B5FA-4F72-997C-24AF61A2F013}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9DEC52A0-18C6-4C15-B6FE-E69BCC4C4B68}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A48CA877-2616-46BE-B910-39174A3ABF35}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B619B84B-40EF-4DEC-840C-55C310F2503F}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{BEF28342-D209-4796-BE19-56FF7584372F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{C54E7A37-A28E-438F-AA80-8636DC217AD0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{FEAF9250-09B8-4898-802B-5F5677991350}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"TCP Query User{4BA1A283-64F9-45B4-AB9B-CBF80A5058C6}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{5118ECA4-4604-4F08-BBC9-BAE3D059DBD9}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{5E5D5FBF-D746-4E84-A176-F77193694F46}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{62F2AF26-97C4-4C4E-A24B-429AD5613B5D}C:\program files (x86)\gretech\gomplayer\gom.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gretech\gomplayer\gom.exe |
"TCP Query User{745AD0D9-CDF6-4867-A099-7A724F8C5480}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{BF9590A1-2E17-4403-B32D-08EF21CF2042}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{FDA47113-1467-4680-B544-392D1202842B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{0982EC64-9950-4769-8A80-509E467D623F}C:\program files (x86)\gretech\gomplayer\gom.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gretech\gomplayer\gom.exe |
"UDP Query User{1A1B78CB-6526-4449-882E-85F8BC49B2D9}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{1EC71ACD-C9D8-46AD-A85F-5963797ED3B8}C:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{68F8E007-8952-4511-B890-5C821CCBB036}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{73467609-EFF9-456F-ADDB-7160EA20E77D}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{BBC8576D-D241-4EF0-94F8-F09D37E43F66}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{CAC93855-DFF4-43EC-910E-6880FFE50762}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{706BB40A-4102-4c89-8107-DC68C4EBD19B}" = HP Deskjet All-In-One Software 9.0
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}" = Microsoft Antimalware Service CS-CZ Language Pack
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6197679-051D-4E3E-9757-4D5CDA6D658B}" = Microsoft Antimalware Service CS-CZ Language Pack
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client CS-CZ Language Pack
"CCleaner" = CCleaner
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"GTR Evolution_1.1.1.2_is1" = GTR Evolution
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3D39E775-DDDA-4327-B747-0BDC5F191331}" = Nokia PC Suite
"{4186FEBC-F0CC-4185-A406-24292BC9877A}" = Nokia Software Updater
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47A0A80F-8DC0-43EB-B9B4-36FD86979DF7}" = Nokia Connectivity Cable Driver
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.3.139
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81B2907E-0F93-4217-8840-A217EF59A244}" = PC Connectivity Solution
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{892994D3-5963-4877-A8DB-629607E8E928}" = 602XML Filler
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3FD0CA9-884F-4525-97B8-0AE6179302E6}" = F2100
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C365A3-06C0-43b4-A2DB-EDF0A6079AA9}" = DJ_AIO_Software
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B166816C-68B2-442B-8AAD-B093F5EB40EF}" = Sigma
"{B4B1F18B-5CED-4f8f-8A8F-1BD0503C222E}" = DJ_AIO_ProductContext
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 6.3
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BE282C23-5484-47FF-B2C1-EBEA5C891029}" = Nero 8 Trial
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CDC7BEC8-D631-4e36-81D7-FC3689209AA6}" = F2100_Help
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB48851B-96A4-489f-9F95-29F3731E9764}" = F2100_doccd
"{F56D6F46-1D62-4734-BF12-6457A1ED17BD}" = DJ_AIO_Software_min
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVS Media Player_is1" = AVS Media Player 3.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"BFGC" = Big Fish Games: Game Manager
"CD/DVD Data Recovery_is1" = CD/DVD Data Recovery version 1.11
"CDex" = CDex extraction audio
"Enigma" = Enigma
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FSCZ_is1" = FORM studio
"GOM Player" = GOM Player
"GTR Evolution_1.1.1.2_is1" = GTR Evolution
"GUMBOY: CRAZY ADVENTURES_is1" = GUMBOY: CRAZY ADVENTURES 1.24
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Mesto zabavy" = Mesto zabavy
"Mistr kuchař 2" = Mistr kuchař 2
"Mview_0" = Mview 9.16 "C:\Program Files (x86)\misys_vw\"
"NemKalk7_is1" = NemKalk 7.0
"Nokia PC Suite" = Nokia PC Suite
"Peggle Deluxe" = Peggle Deluxe
"Peggle Nights" = Peggle Nights
"PrimoPDF" = PrimoPDF -- by Nitro PDF Software
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RasterStitch_is1" = RasterStitch 1.61
"RealPlayer 6.0" = RealPlayer
"Scorpions WinCheater 2.07 (s databází 118)_is1" = Scorpions WinCheater
"Scorpions WinCheater 2.07 (pouze program)_is1" = Scorpions WinCheater
"Shockwave" = Shockwave
"SolSuite_is1" = SolSuite 2010 v10.7
"Totalcmd" = Total Commander (Remove or Repair)
"Win32 Game Wizard" = Win32 Game Wizard
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"Xvid_is1" = Xvid 1.1.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1107261835-2622062634-3731929966-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 4.4.2011 16:58:50 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:51 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:51 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:52 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:52 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:52 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:52 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:53 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:53 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4.4.2011 16:58:53 | Computer Name = Kubik-PC | Source = Windows Search Service | ID = 3013
Description =
[ OSession Events ]
Error - 15.11.2009 13:23:21 | Computer Name = Kubik-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 16570
seconds with 60 seconds of active time. This session ended with a crash.
Error - 19.1.2010 13:03:02 | Computer Name = Kubik-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1312
seconds with 240 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 4.4.2011 16:24:52 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:24:52 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:24:52 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:26:31 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:26:31 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:26:31 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%800 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:26:31 | Computer Name = Kubik-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.97.813.0 Zdroj aktualizace: %%851 Fáze aktualizace:
%%852 Zdrojová cesta: http://go.microsoft.com/fwlink/?LinkID= ... 752CCA7094
Typ
podpisu: %%801 Typ aktualizace: %%803 Uživatel: Kubik-PC\Kubik Aktuální verze stroje:
Předchozí verze stroje: 1.1.6502.0 Kód chyby: 0x80072f76 Popis chyby: Požadované
záhlaví nebylo nalezeno.
Error - 4.4.2011 16:27:36 | Computer Name = Kubik-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 4.4.2011 16:27:36 | Computer Name = Kubik-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 4.4.2011 16:38:06 | Computer Name = Kubik-PC | Source = Service Control Manager | ID = 7011
Description =
< End of report >
Re: Kontrola logu
OTL
OTL logfile created on: 4.4.2011 23:18:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kubik\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 43,75 Gb Free Space | 18,79% Space Free | Partition Type: NTFS
Computer Name: KUBIK-PC | User Name: Kubik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.04.04 23:16:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kubik\Desktop\OTL.exe
PRC - [2011.03.22 17:18:20 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe
PRC - [2011.02.23 01:05:12 | 000,049,225 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
PRC - [2011.02.20 14:40:17 | 000,395,640 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010.02.26 15:14:04 | 000,652,800 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009.07.02 22:50:54 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.03.09 17:49:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2008.02.28 17:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.01.29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
========== Modules (SafeList) ==========
MOD - [2011.04.04 23:16:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kubik\Desktop\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.11.11 15:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 15:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2008.01.19 10:06:50 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.26 15:14:04 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007.09.26 16:23:48 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010.10.24 22:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.08.27 18:50:05 | 000,310,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.02.26 13:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010.02.26 13:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.02.26 13:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010.02.26 13:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010.01.12 18:55:55 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.11.03 23:36:22 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.05.15 21:28:20 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009.04.11 07:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2008.11.29 07:19:28 | 000,028,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.02.11 19:48:28 | 007,709,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008.02.11 19:48:28 | 007,709,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (ialm)
DRV:64bit: - [2007.04.20 13:40:10 | 000,873,216 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\3xHybr64.sys -- (3xHybr64)
DRV:64bit: - [2006.10.03 04:13:44 | 000,051,200 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2006.09.18 23:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2009.12.30 15:24:13 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\lirsgt.sys -- (lirsgt)
DRV - [2004.05.13 15:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.05.13 13:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.08.24 20:54:50 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files (x86)\Power Video Converter\msdxm.ocx (Microsoft Corporation)
O3 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [GoogleDownload] C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000..\RunOnce: [Shockwave Updater] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} http://plugin.fileopen.com/current/FileOpen.CAB (FoInstaller Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Program Files (x86)\Power Video Converter\msdxm.ocx (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Kubik\Dokumenty\Michal\Obrázky\DSC00265a.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kubik\Dokumenty\Michal\Obrázky\DSC00265a.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.03.30 15:59:50 | 000,000,073 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e7e75a8f-1ebb-11e0-8e0b-001d92604ed1}\Shell\AutoRun\command - "" = H:\PMBP_Win.exe
O34 - HKLM BootExecute: (autocheck autochk /r \??\E:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\Windows\SysWow64\alf2cd.acm (NCT Company)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\Windows\SysWow64\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\SysWow64\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\Windows\SysWow64\mcdvd_32.dll (MainConcept)
Drivers32: vidc.mp42 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2011.04.04 23:16:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Kubik\Desktop\OTL.exe
[2011.04.04 22:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.04.04 22:49:02 | 000,000,000 | ---D | C] -- C:\rsit
[2011.04.04 21:41:53 | 000,000,000 | ---D | C] -- C:\Windows\Registration
[2011.04.03 22:19:50 | 000,000,000 | ---D | C] -- C:\Users\Kubik\AppData\Roaming\MagicIndie
[2011.04.03 19:41:06 | 000,000,000 | ---D | C] -- C:\Users\Kubik\AppData\Roaming\HitPoint Studios
[2011.03.31 18:29:58 | 000,000,000 | ---D | C] -- C:\Users\Kubik\AppData\Roaming\PlayPond
[2011.03.31 18:28:48 | 000,000,000 | ---D | C] -- C:\Users\Kubik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Legends Phantom of the Opera
[2011.03.31 18:28:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mystery Legends Phantom of the Opera
[2011.03.29 20:34:17 | 000,000,000 | ---D | C] -- C:\Users\Kubik\Desktop\thumbnails
[2011.03.29 20:34:17 | 000,000,000 | ---D | C] -- C:\Users\Kubik\Desktop\summary
[2010.04.14 13:26:20 | 256,958,203 | ---- | C] (Games ) -- C:\Users\Kubik\AppData\Roaming\TSFollowGhosts.exe
[2009.05.15 21:28:20 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Kubik\AppData\Roaming\pcouffin.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.04.04 23:16:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kubik\Desktop\OTL.exe
[2011.04.04 23:00:07 | 000,000,290 | -H-- | M] () -- C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2011.04.04 23:00:03 | 000,000,242 | -H-- | M] () -- C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[2011.04.04 22:56:39 | 000,832,273 | ---- | M] () -- C:\Users\Kubik\Desktop\RSITx64.exe
[2011.04.04 22:48:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.04 22:38:06 | 001,424,786 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.04 22:38:06 | 000,609,332 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.04.04 22:38:06 | 000,597,898 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.04 22:38:06 | 000,118,912 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.04.04 22:38:06 | 000,104,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.04 22:26:41 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.04 22:12:52 | 000,003,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 22:12:52 | 000,003,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 22:12:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.04 22:12:12 | 2138,431,488 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.04 22:12:10 | 429,487,637 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.04 17:21:12 | 000,000,000 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\AVSMediaPlayer.m3u
[2011.03.31 20:57:03 | 000,002,613 | ---- | M] () -- C:\Users\Kubik\Desktop\Microsoft Office Excel 2007.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.04.04 22:56:38 | 000,832,273 | ---- | C] () -- C:\Users\Kubik\Desktop\RSITx64.exe
[2011.04.04 21:59:23 | 429,487,637 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.03.29 20:34:17 | 000,069,116 | ---- | C] () -- C:\Users\Kubik\Desktop\form.fo
[2011.02.24 19:25:21 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.02.23 01:05:12 | 000,049,225 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
[2011.02.12 20:49:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.02.01 23:31:51 | 001,420,976 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.07.25 20:29:40 | 000,019,599 | ---- | C] () -- C:\Windows\hpqins13.dat
[2010.07.10 18:50:05 | 000,000,042 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010.07.09 19:55:11 | 000,000,157 | ---- | C] () -- C:\Windows\disney.ini
[2010.04.14 13:32:36 | 000,000,041 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\url.bat
[2010.03.02 17:21:34 | 000,002,935 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2010.02.19 19:45:39 | 000,000,066 | ---- | C] () -- C:\Windows\Power Video Converter.INI
[2010.02.15 22:05:14 | 000,000,000 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\AVSMediaPlayer.m3u
[2010.01.12 18:55:48 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.01.12 18:55:48 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.12.26 15:12:23 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\lirsgt.sys
[2009.09.13 14:49:46 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.09.13 14:48:45 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.09.13 14:46:59 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.31 03:58:42 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
[2009.07.02 22:53:28 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.07.02 22:51:46 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.06.29 00:06:14 | 000,007,867 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.05.27 22:46:45 | 000,000,680 | ---- | C] () -- C:\Users\Kubik\AppData\Local\d3d9caps.dat
[2009.05.19 22:14:33 | 000,158,119 | ---- | C] () -- C:\Windows\hpoins14.dat
[2009.05.15 21:30:14 | 000,000,668 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\vso_ts_preview.xml
[2009.05.15 21:28:20 | 000,099,384 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\inst.exe
[2009.05.15 21:28:20 | 000,007,859 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\pcouffin.cat
[2009.05.15 21:28:20 | 000,001,167 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\pcouffin.inf
[2009.05.10 16:54:25 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.05.03 16:03:51 | 000,000,061 | ---- | C] () -- C:\Windows\wininit.ini
[2009.04.27 23:13:14 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009.04.23 15:04:23 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2009.04.15 19:03:19 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.04.14 18:19:18 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009.04.14 17:47:49 | 000,030,208 | ---- | C] () -- C:\Users\Kubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.06 01:07:34 | 000,002,000 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== LOP Check ==========
[2010.10.08 22:42:08 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\602XML
[2011.03.28 18:20:50 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Artogon
[2011.02.20 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Big Fish Games
[2009.11.06 18:52:59 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\DAEMON Tools Lite
[2010.07.09 19:55:32 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Disney Interactive
[2011.03.12 15:35:47 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Elephant Games
[2011.03.03 20:19:34 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Enigma
[2011.03.19 11:20:28 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ERS Game Studios
[2009.04.19 21:11:01 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FileOpen
[2011.02.06 16:43:05 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FloodLightGames
[2010.04.02 14:36:56 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FlyWheelGames
[2011.03.05 20:16:43 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Friday's games
[2010.08.27 18:57:31 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Games
[2011.04.04 20:27:09 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\GHISLER
[2011.02.24 19:25:20 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Ghost Ship Studios
[2011.04.03 19:41:06 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\HitPoint Studios
[2011.01.09 12:06:37 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Hoyle
[2011.01.09 11:07:52 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Hoyle FaceCreator
[2009.08.19 23:28:11 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ICQ
[2010.01.12 19:17:30 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Kastner software
[2010.02.13 12:18:54 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MA
[2010.08.27 18:30:03 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Magic Academy
[2011.01.13 23:05:57 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Magic3
[2011.04.03 22:19:50 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MagicIndie
[2011.02.11 19:37:22 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MAI
[2011.03.13 19:50:05 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\margrave3_full
[2011.01.10 20:23:45 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Meridian93
[2011.01.09 23:00:31 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Merscom
[2010.11.21 22:06:40 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Nokia
[2010.11.21 22:05:54 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PC Suite
[2011.03.17 19:06:42 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PlayFirst
[2011.03.31 18:29:58 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PlayPond
[2010.07.10 10:08:36 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PopCapv1001
[2010.07.10 18:50:38 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PopCapv1005eni
[2011.03.19 22:23:17 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PrimoPDF
[2010.02.14 00:08:53 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Princess Isabella
[2010.09.27 10:54:14 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ProtectDISC
[2010.04.06 17:36:08 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Scholastic
[2010.12.14 20:42:39 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Shape games
[2011.03.18 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\SolSuite
[2010.02.12 17:01:16 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\TimeMachine
[2011.04.04 23:17:37 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\uTorrent
[2011.01.09 12:44:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\V-Games
[2011.03.22 17:19:22 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Vogat Interactive
[2010.02.14 14:26:49 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Vso
[2011.02.13 16:05:53 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Špidla Data Processing, s.r.o
[2011.04.04 22:25:34 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.04 23:00:07 | 000,000,290 | -H-- | M] () -- C:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2011.04.04 23:00:03 | 000,000,242 | -H-- | M] () -- C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 09:10:53 | 001,555,968 | ---- | M] (Microsoft Corporation)
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 -- [2008.02.28 17:07:58 | 001,828,136 | ---- | M] (Nero AG)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"PC Suite Tray" = "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.01.26 18:05:34 | 015,026,056 | R--- | M] (Skype Technologies S.A.)
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.04.26 17:37:14 | 004,448,366 | ---- | M] (Macrovision Corporation) -- C:\Eye 310_v4.21.0.000.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.10.08 22:42:08 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\602XML
[2011.01.05 20:53:46 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Adobe
[2011.03.28 18:20:50 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Artogon
[2011.02.20 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Big Fish Games
[2009.11.06 18:52:59 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\DAEMON Tools Lite
[2010.07.09 19:55:32 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Disney Interactive
[2011.03.12 15:35:47 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Elephant Games
[2011.03.03 20:19:34 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Enigma
[2011.03.19 11:20:28 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ERS Game Studios
[2009.04.19 21:11:01 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FileOpen
[2011.02.06 16:43:05 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FloodLightGames
[2010.04.02 14:36:56 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FlyWheelGames
[2011.03.05 20:16:43 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Friday's games
[2010.08.27 18:57:31 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Games
[2011.04.04 20:27:09 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\GHISLER
[2011.02.24 19:25:20 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Ghost Ship Studios
[2009.05.01 16:20:25 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Google
[2009.07.02 23:18:47 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\GRETECH
[2011.04.03 19:41:06 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\HitPoint Studios
[2011.01.09 12:06:37 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Hoyle
[2011.01.09 11:07:52 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Hoyle FaceCreator
[2009.05.19 22:20:07 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\HP
[2009.08.19 23:28:11 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ICQ
[2009.04.14 17:40:18 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Identities
[2010.01.12 19:17:30 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Kastner software
[2010.02.13 12:18:54 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MA
[2009.05.01 16:01:13 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Macromedia
[2010.08.27 18:30:03 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Magic Academy
[2011.01.13 23:05:57 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Magic3
[2011.04.03 22:19:50 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MagicIndie
[2011.02.11 19:37:22 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MAI
[2011.03.13 19:50:05 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\margrave3_full
[2006.11.02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Media Center Programs
[2011.01.10 20:23:45 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Meridian93
[2011.01.09 23:00:31 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Merscom
[2011.03.27 15:37:11 | 000,000,000 | --SD | M] -- C:\Users\Kubik\AppData\Roaming\Microsoft
[2009.07.27 14:26:33 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Mozilla
[2009.06.29 00:06:47 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Nero
[2010.11.21 22:06:40 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Nokia
[2010.11.21 22:05:54 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PC Suite
[2011.03.17 19:06:42 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PlayFirst
[2011.03.31 18:29:58 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PlayPond
[2010.07.10 10:08:36 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PopCapv1001
[2010.07.10 18:50:38 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PopCapv1005eni
[2011.03.19 22:23:17 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PrimoPDF
[2010.02.14 00:08:53 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Princess Isabella
[2010.09.27 10:54:14 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ProtectDISC
[2009.11.24 16:56:16 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Real
[2010.04.06 17:36:08 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Scholastic
[2010.12.14 20:42:39 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Shape games
[2011.04.04 23:14:38 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Skype
[2011.04.04 20:14:56 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\skypePM
[2011.03.18 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\SolSuite
[2009.05.29 15:49:44 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Symantec
[2010.02.12 17:01:16 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\TimeMachine
[2011.04.04 23:17:37 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\uTorrent
[2011.01.09 12:44:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\V-Games
[2011.03.22 17:19:22 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Vogat Interactive
[2010.02.14 14:26:49 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Vso
[2010.10.05 20:44:01 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Winamp
[2009.05.19 21:18:49 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\WinRAR
[2011.02.13 16:05:53 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Špidla Data Processing, s.r.o
< %APPDATA%\*.exe /s >
[2011.02.23 01:05:12 | 000,049,225 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
[2009.05.15 21:28:20 | 000,099,384 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\inst.exe
[2010.04.14 13:26:20 | 256,958,203 | ---- | M] (Games ) -- C:\Users\Kubik\AppData\Roaming\TSFollowGhosts.exe
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2010.10.29 18:42:18 | 000,032,768 | R--- | M] () -- C:\Users\Kubik\AppData\Roaming\Microsoft\Installer\{B166816C-68B2-442B-8AAD-B093F5EB40EF}\_FE6A21C074FA_4781_9264_434A1EE731C1.exe
[2010.03.01 20:31:11 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.06.29 22:12:52 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2010.09.19 13:48:56 | 000,452,104 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.12\setup.exe
[2010.12.15 12:39:10 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.01.27 22:09:52 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.14\setup.exe
< MD5 for: AGP440.SYS >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows.old\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006.11.02 14:03:16 | 000,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows\SysNative\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows.old\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[2008.01.19 10:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.19 10:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.14 18:39:40 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=05001E1FACCE49DB895B8526B05C7302 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_37cb142cf6008bc1\atapi.sys
[2008.01.19 10:07:46 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows.old\Windows\System32\drivers\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009.01.07 00:36:10 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009.01.07 00:36:10 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009.04.14 18:39:41 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=BB55C79E0595D8CFBE4A80A3C9EB77EA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\atapi.sys
[2009.01.07 00:36:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows.old\Windows\System32\autochk.exe
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 13:15:40 | 000,730,112 | ---- | M] (Microsoft Corporation) MD5=B56DB371DC4C6F791B2708EAA4814BB7 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_3bdbc6d17d338351\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
[2010.11.07 11:46:09 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\Users\Kubik\Dokumenty\D\I386\AUTOCHK.EXE
[2010.11.07 11:46:09 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\Windows.old\Documents and Settings\Kubik\Dokumenty\D\I386\AUTOCHK.EXE
[2009.04.11 09:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\SysNative\autochk.exe
[2009.04.11 09:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_3ffe01d977405f71\autochk.exe
[2008.01.19 10:00:03 | 000,733,696 | ---- | M] (Microsoft Corporation) MD5=F74203F70337352EEABADAE16A05EAEA -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_3e1288cd7a1e9425\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows.old\Windows\System32\drivers\cdrom.sys
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows.old\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2008.01.19 08:29:04 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
[2009.04.11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.04.11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009.04.11 09:11:14 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=18918613E63F387CDE4D95CA7D49DCF7 -- C:\Windows\SysNative\cryptsvc.dll
[2009.04.11 09:11:14 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=18918613E63F387CDE4D95CA7D49DCF7 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 10:01:10 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=4374F784121D8B3BB466B03F5E5EBD33 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[2006.11.02 13:16:52 | 000,163,328 | ---- | M] (Microsoft Corporation) MD5=4B48CC76EBFE97314EA64C3BDA983623 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_cfe772ec5641ae4b\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows.old\Windows\System32\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2009.01.07 00:34:51 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.04.14 18:50:23 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2009.01.07 00:34:50 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows.old\Windows\explorer.exe
[2009.01.07 00:34:50 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.04.14 18:50:22 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2009.04.14 18:50:23 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2009.01.07 00:34:50 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.14 18:50:21 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2006.11.02 13:15:52 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=5D768BEB711FF67ADC8FAD4E2F6ABB02 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_ab9c809a352ecf21\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2009.01.07 01:07:22 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009.04.14 18:47:54 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_b61f6f46696c67ab\explorer.exe
[2009.04.14 18:50:22 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2009.04.14 18:47:53 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=819D88EC82C2C44B556DC32ED22044DE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_ac3dc19d4e3a6405\explorer.exe
[2009.04.14 18:50:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.01.07 01:07:21 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.14 18:47:53 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_b6926bef829b2600\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2009.04.14 18:50:21 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2009.01.07 00:34:51 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2009.04.14 18:50:23 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.19 10:00:15 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2009.04.14 18:47:53 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=FCBF8AC1855EF986CDEC2387760F71C6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_abcac4f4350ba5b0\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_b5f12aec698f911c\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 09:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\SysNative\hal.dll
[2009.04.11 09:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6002.18005_none_612624babd6ea012\hal.dll
[2008.01.19 09:42:34 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=A00B0EDD048786E30EBB2DA65D9A8F74 -- C:\Windows.old\Windows\System32\hal.dll
[2008.01.19 10:11:22 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_5f3aabaec04cd4c6\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.19 10:11:31 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows.old\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 13:51:48 | 000,280,680 | ---- | M] (Intel Corporation) MD5=72C3EE7EA3CD75A772E62AE0E5DF8B8C -- C:\Windows\SysNative\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows.old\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2008.01.19 10:07:46 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\isapnp.sys
[2008.01.19 10:07:46 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows.old\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows.old\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2006.11.02 14:01:10 | 000,021,096 | ---- | M] (Microsoft Corporation) MD5=D3BB520B31F28C1A065CD058E762EE73 -- C:\Windows\SysNative\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 15:21:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=02474FBCB00AA5C622E92F620DB9A041 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[2009.09.10 17:22:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1104B18819392FEA12FB5F9E170E66B3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[2009.04.18 03:06:24 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1979F94B28107233315DD6220F2304DD -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[2009.04.18 03:06:25 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[2009.04.18 03:06:25 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[2009.04.18 03:06:25 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[2009.06.15 15:34:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1E766E4C5BF9E230AD37A56BF7DB6C94 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[2009.06.15 15:32:30 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=306E4503E083A498AE797FF59FA72839 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\SysNative\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[2009.09.09 13:32:36 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=41FB90DF49F203672F459122EF1F13B1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[2009.04.18 03:06:27 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=563B71CEF1D46A24C5980FA2988DB67F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2006.11.02 13:15:57 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=7B6AA93EEE1F354B3A4AC2ADE5EE334E -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_0032644a183d9898\lsass.exe
[2009.06.15 15:26:45 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=80F4593E92FF960E4763380D3168E498 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[2009.09.10 16:57:16 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=BBBCE2DACDCCD5EA60A50D0023AE2DE9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows.old\Windows\System32\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2009.04.18 03:06:27 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=E231BDBD7D69857EEFFDEB3A48A53824 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[2009.06.15 15:12:52 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=EBDAEE60E442BEA413E5D7CEDFB09463 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
< MD5 for: NDIS.SYS >
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 10:12:09 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009.04.11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SysNative\drivers\ndis.sys
[2009.04.11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows.old\Windows\System32\drivers\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2006.11.02 13:52:20 | 000,641,128 | ---- | M] (Microsoft Corporation) MD5=CCA69C9493A13AF86DCF0AE272AFBB72 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_01af054ed7816d7a\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.01.19 10:03:01 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_61f43b1d27cd0ab4\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows.old\Windows\System32\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
[2006.11.02 13:18:47 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=BFAB28B54DF41208CF3490FF26E53FD9 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_579f90caf36c48b9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.19 10:10:12 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows.old\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 13:50:24 | 000,112,744 | ---- | M] (NVIDIA Corporation) MD5=840EEB44DC49317A6161961F7682CD99 -- C:\Windows\SysNative\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows.old\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 14:02:51 | 000,048,232 | ---- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows\SysNative\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows.old\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows.old\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
[2008.01.19 10:08:50 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows.old\Windows\System32\scecli.dll
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2006.11.02 13:19:09 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=32EF13F20B28966D29DE5EABE036431D -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_91f5bbe3948dcf74\scecli.dll
[2008.01.19 10:03:55 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_9c4a6635c8ee916f\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
< MD5 for: SMSS.EXE >
[2006.11.02 13:16:12 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=362C49C769D938B1FB6648D240BF5C76 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_06228184d4a4001c\smss.exe
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows.old\Windows\System32\smss.exe
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2008.01.19 10:00:39 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=9FC8E8C0F344EAE043740B72794DA3CC -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_08594380d18f10f0\smss.exe
[2009.04.11 09:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\SysNative\smss.exe
[2009.04.11 09:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_0a44bc8cceb0dc3c\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows.old\Windows\System32\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2006.11.02 13:16:13 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=6B30067D55E10E4DEBDC842FB1911479 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_0fa33328c0c01e47\svchost.exe
[2008.01.19 10:00:40 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008.01.19 10:00:40 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
OTL logfile created on: 4.4.2011 23:18:01 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kubik\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 43,75 Gb Free Space | 18,79% Space Free | Partition Type: NTFS
Computer Name: KUBIK-PC | User Name: Kubik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.04.04 23:16:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kubik\Desktop\OTL.exe
PRC - [2011.03.22 17:18:20 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe
PRC - [2011.02.23 01:05:12 | 000,049,225 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
PRC - [2011.02.20 14:40:17 | 000,395,640 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010.02.26 15:14:04 | 000,652,800 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009.07.02 22:50:54 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009.03.09 17:49:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2008.02.28 17:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.01.29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe
========== Modules (SafeList) ==========
MOD - [2011.04.04 23:16:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kubik\Desktop\OTL.exe
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.11.11 15:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 15:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2008.01.19 10:06:50 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.26 15:14:04 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007.09.26 16:23:48 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010.10.24 22:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.08.27 18:50:05 | 000,310,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.02.26 13:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010.02.26 13:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010.02.26 13:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010.02.26 13:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010.01.12 18:55:55 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.11.03 23:36:22 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.05.15 21:28:20 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009.04.11 07:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2008.11.29 07:19:28 | 000,028,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.02.11 19:48:28 | 007,709,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008.02.11 19:48:28 | 007,709,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (ialm)
DRV:64bit: - [2007.04.20 13:40:10 | 000,873,216 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\3xHybr64.sys -- (3xHybr64)
DRV:64bit: - [2006.10.03 04:13:44 | 000,051,200 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2006.09.18 23:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2009.12.30 15:24:13 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\lirsgt.sys -- (lirsgt)
DRV - [2004.05.13 15:00:04 | 000,111,808 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.05.13 13:19:36 | 000,079,488 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.08.24 20:54:50 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (@msdxmLC.dll,-1@1033,&Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files (x86)\Power Video Converter\msdxm.ocx (Microsoft Corporation)
O3 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [GoogleDownload] C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000..\Run: [PC Suite Tray] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000..\RunOnce: [Shockwave Updater] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} http://plugin.fileopen.com/current/FileOpen.CAB (FoInstaller Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Program Files (x86)\Power Video Converter\msdxm.ocx (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Kubik\Dokumenty\Michal\Obrázky\DSC00265a.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kubik\Dokumenty\Michal\Obrázky\DSC00265a.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.03.30 15:59:50 | 000,000,073 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e7e75a8f-1ebb-11e0-8e0b-001d92604ed1}\Shell\AutoRun\command - "" = H:\PMBP_Win.exe
O34 - HKLM BootExecute: (autocheck autochk /r \??\E:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\Windows\SysWow64\alf2cd.acm (NCT Company)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\Windows\SysWow64\Scg726.acm (SHARP Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\SysWow64\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\Windows\SysWow64\mcdvd_32.dll (MainConcept)
Drivers32: vidc.mp42 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mp43 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.mpg4 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 7 Days ==========
[2011.04.04 23:16:01 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Kubik\Desktop\OTL.exe
[2011.04.04 22:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.04.04 22:49:02 | 000,000,000 | ---D | C] -- C:\rsit
[2011.04.04 21:41:53 | 000,000,000 | ---D | C] -- C:\Windows\Registration
[2011.04.03 22:19:50 | 000,000,000 | ---D | C] -- C:\Users\Kubik\AppData\Roaming\MagicIndie
[2011.04.03 19:41:06 | 000,000,000 | ---D | C] -- C:\Users\Kubik\AppData\Roaming\HitPoint Studios
[2011.03.31 18:29:58 | 000,000,000 | ---D | C] -- C:\Users\Kubik\AppData\Roaming\PlayPond
[2011.03.31 18:28:48 | 000,000,000 | ---D | C] -- C:\Users\Kubik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Legends Phantom of the Opera
[2011.03.31 18:28:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mystery Legends Phantom of the Opera
[2011.03.29 20:34:17 | 000,000,000 | ---D | C] -- C:\Users\Kubik\Desktop\thumbnails
[2011.03.29 20:34:17 | 000,000,000 | ---D | C] -- C:\Users\Kubik\Desktop\summary
[2010.04.14 13:26:20 | 256,958,203 | ---- | C] (Games ) -- C:\Users\Kubik\AppData\Roaming\TSFollowGhosts.exe
[2009.05.15 21:28:20 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Kubik\AppData\Roaming\pcouffin.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.04.04 23:16:11 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kubik\Desktop\OTL.exe
[2011.04.04 23:00:07 | 000,000,290 | -H-- | M] () -- C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2011.04.04 23:00:03 | 000,000,242 | -H-- | M] () -- C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[2011.04.04 22:56:39 | 000,832,273 | ---- | M] () -- C:\Users\Kubik\Desktop\RSITx64.exe
[2011.04.04 22:48:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.04 22:38:06 | 001,424,786 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.04.04 22:38:06 | 000,609,332 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.04.04 22:38:06 | 000,597,898 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.04.04 22:38:06 | 000,118,912 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.04.04 22:38:06 | 000,104,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.04.04 22:26:41 | 000,000,946 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.04 22:12:52 | 000,003,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 22:12:52 | 000,003,952 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.04 22:12:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.04 22:12:12 | 2138,431,488 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.04 22:12:10 | 429,487,637 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.04 17:21:12 | 000,000,000 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\AVSMediaPlayer.m3u
[2011.03.31 20:57:03 | 000,002,613 | ---- | M] () -- C:\Users\Kubik\Desktop\Microsoft Office Excel 2007.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.04.04 22:56:38 | 000,832,273 | ---- | C] () -- C:\Users\Kubik\Desktop\RSITx64.exe
[2011.04.04 21:59:23 | 429,487,637 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.03.29 20:34:17 | 000,069,116 | ---- | C] () -- C:\Users\Kubik\Desktop\form.fo
[2011.02.24 19:25:21 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.02.23 01:05:12 | 000,049,225 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
[2011.02.12 20:49:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.02.01 23:31:51 | 001,420,976 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.07.25 20:29:40 | 000,019,599 | ---- | C] () -- C:\Windows\hpqins13.dat
[2010.07.10 18:50:05 | 000,000,042 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010.07.09 19:55:11 | 000,000,157 | ---- | C] () -- C:\Windows\disney.ini
[2010.04.14 13:32:36 | 000,000,041 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\url.bat
[2010.03.02 17:21:34 | 000,002,935 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2010.02.19 19:45:39 | 000,000,066 | ---- | C] () -- C:\Windows\Power Video Converter.INI
[2010.02.15 22:05:14 | 000,000,000 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\AVSMediaPlayer.m3u
[2010.01.12 18:55:48 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.01.12 18:55:48 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.12.26 15:12:23 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\lirsgt.sys
[2009.09.13 14:49:46 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.09.13 14:48:45 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.09.13 14:46:59 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.31 03:58:42 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
[2009.07.02 22:53:28 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.07.02 22:51:46 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009.06.29 00:06:14 | 000,007,867 | ---- | C] () -- C:\Windows\Irremote.ini
[2009.05.27 22:46:45 | 000,000,680 | ---- | C] () -- C:\Users\Kubik\AppData\Local\d3d9caps.dat
[2009.05.19 22:14:33 | 000,158,119 | ---- | C] () -- C:\Windows\hpoins14.dat
[2009.05.15 21:30:14 | 000,000,668 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\vso_ts_preview.xml
[2009.05.15 21:28:20 | 000,099,384 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\inst.exe
[2009.05.15 21:28:20 | 000,007,859 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\pcouffin.cat
[2009.05.15 21:28:20 | 000,001,167 | ---- | C] () -- C:\Users\Kubik\AppData\Roaming\pcouffin.inf
[2009.05.10 16:54:25 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009.05.03 16:03:51 | 000,000,061 | ---- | C] () -- C:\Windows\wininit.ini
[2009.04.27 23:13:14 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009.04.23 15:04:23 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2009.04.15 19:03:19 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.04.14 18:19:18 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2009.04.14 17:47:49 | 000,030,208 | ---- | C] () -- C:\Users\Kubik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.06.06 01:07:34 | 000,002,000 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
========== LOP Check ==========
[2010.10.08 22:42:08 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\602XML
[2011.03.28 18:20:50 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Artogon
[2011.02.20 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Big Fish Games
[2009.11.06 18:52:59 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\DAEMON Tools Lite
[2010.07.09 19:55:32 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Disney Interactive
[2011.03.12 15:35:47 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Elephant Games
[2011.03.03 20:19:34 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Enigma
[2011.03.19 11:20:28 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ERS Game Studios
[2009.04.19 21:11:01 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FileOpen
[2011.02.06 16:43:05 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FloodLightGames
[2010.04.02 14:36:56 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FlyWheelGames
[2011.03.05 20:16:43 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Friday's games
[2010.08.27 18:57:31 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Games
[2011.04.04 20:27:09 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\GHISLER
[2011.02.24 19:25:20 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Ghost Ship Studios
[2011.04.03 19:41:06 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\HitPoint Studios
[2011.01.09 12:06:37 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Hoyle
[2011.01.09 11:07:52 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Hoyle FaceCreator
[2009.08.19 23:28:11 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ICQ
[2010.01.12 19:17:30 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Kastner software
[2010.02.13 12:18:54 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MA
[2010.08.27 18:30:03 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Magic Academy
[2011.01.13 23:05:57 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Magic3
[2011.04.03 22:19:50 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MagicIndie
[2011.02.11 19:37:22 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MAI
[2011.03.13 19:50:05 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\margrave3_full
[2011.01.10 20:23:45 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Meridian93
[2011.01.09 23:00:31 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Merscom
[2010.11.21 22:06:40 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Nokia
[2010.11.21 22:05:54 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PC Suite
[2011.03.17 19:06:42 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PlayFirst
[2011.03.31 18:29:58 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PlayPond
[2010.07.10 10:08:36 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PopCapv1001
[2010.07.10 18:50:38 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PopCapv1005eni
[2011.03.19 22:23:17 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PrimoPDF
[2010.02.14 00:08:53 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Princess Isabella
[2010.09.27 10:54:14 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ProtectDISC
[2010.04.06 17:36:08 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Scholastic
[2010.12.14 20:42:39 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Shape games
[2011.03.18 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\SolSuite
[2010.02.12 17:01:16 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\TimeMachine
[2011.04.04 23:17:37 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\uTorrent
[2011.01.09 12:44:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\V-Games
[2011.03.22 17:19:22 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Vogat Interactive
[2010.02.14 14:26:49 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Vso
[2011.02.13 16:05:53 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Špidla Data Processing, s.r.o
[2011.04.04 22:25:34 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.04 23:00:07 | 000,000,290 | -H-- | M] () -- C:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2011.04.04 23:00:03 | 000,000,242 | -H-- | M] () -- C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 09:10:53 | 001,555,968 | ---- | M] (Microsoft Corporation)
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 -- [2008.02.28 17:07:58 | 001,828,136 | ---- | M] (Nero AG)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"PC Suite Tray" = "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.01.26 18:05:34 | 015,026,056 | R--- | M] (Skype Technologies S.A.)
< c:\windows\*.* /U >
[2 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.04.26 17:37:14 | 004,448,366 | ---- | M] (Macrovision Corporation) -- C:\Eye 310_v4.21.0.000.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.10.08 22:42:08 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\602XML
[2011.01.05 20:53:46 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Adobe
[2011.03.28 18:20:50 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Artogon
[2011.02.20 17:32:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Big Fish Games
[2009.11.06 18:52:59 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\DAEMON Tools Lite
[2010.07.09 19:55:32 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Disney Interactive
[2011.03.12 15:35:47 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Elephant Games
[2011.03.03 20:19:34 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Enigma
[2011.03.19 11:20:28 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ERS Game Studios
[2009.04.19 21:11:01 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FileOpen
[2011.02.06 16:43:05 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FloodLightGames
[2010.04.02 14:36:56 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\FlyWheelGames
[2011.03.05 20:16:43 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Friday's games
[2010.08.27 18:57:31 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Games
[2011.04.04 20:27:09 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\GHISLER
[2011.02.24 19:25:20 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Ghost Ship Studios
[2009.05.01 16:20:25 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Google
[2009.07.02 23:18:47 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\GRETECH
[2011.04.03 19:41:06 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\HitPoint Studios
[2011.01.09 12:06:37 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Hoyle
[2011.01.09 11:07:52 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Hoyle FaceCreator
[2009.05.19 22:20:07 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\HP
[2009.08.19 23:28:11 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ICQ
[2009.04.14 17:40:18 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Identities
[2010.01.12 19:17:30 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Kastner software
[2010.02.13 12:18:54 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MA
[2009.05.01 16:01:13 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Macromedia
[2010.08.27 18:30:03 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Magic Academy
[2011.01.13 23:05:57 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Magic3
[2011.04.03 22:19:50 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MagicIndie
[2011.02.11 19:37:22 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\MAI
[2011.03.13 19:50:05 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\margrave3_full
[2006.11.02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Media Center Programs
[2011.01.10 20:23:45 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Meridian93
[2011.01.09 23:00:31 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Merscom
[2011.03.27 15:37:11 | 000,000,000 | --SD | M] -- C:\Users\Kubik\AppData\Roaming\Microsoft
[2009.07.27 14:26:33 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Mozilla
[2009.06.29 00:06:47 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Nero
[2010.11.21 22:06:40 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Nokia
[2010.11.21 22:05:54 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PC Suite
[2011.03.17 19:06:42 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PlayFirst
[2011.03.31 18:29:58 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PlayPond
[2010.07.10 10:08:36 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PopCapv1001
[2010.07.10 18:50:38 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PopCapv1005eni
[2011.03.19 22:23:17 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\PrimoPDF
[2010.02.14 00:08:53 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Princess Isabella
[2010.09.27 10:54:14 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\ProtectDISC
[2009.11.24 16:56:16 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Real
[2010.04.06 17:36:08 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Scholastic
[2010.12.14 20:42:39 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Shape games
[2011.04.04 23:14:38 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Skype
[2011.04.04 20:14:56 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\skypePM
[2011.03.18 17:14:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\SolSuite
[2009.05.29 15:49:44 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Symantec
[2010.02.12 17:01:16 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\TimeMachine
[2011.04.04 23:17:37 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\uTorrent
[2011.01.09 12:44:26 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\V-Games
[2011.03.22 17:19:22 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Vogat Interactive
[2010.02.14 14:26:49 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Vso
[2010.10.05 20:44:01 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Winamp
[2009.05.19 21:18:49 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\WinRAR
[2011.02.13 16:05:53 | 000,000,000 | ---D | M] -- C:\Users\Kubik\AppData\Roaming\Špidla Data Processing, s.r.o
< %APPDATA%\*.exe /s >
[2011.02.23 01:05:12 | 000,049,225 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
[2009.05.15 21:28:20 | 000,099,384 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\inst.exe
[2010.04.14 13:26:20 | 256,958,203 | ---- | M] (Games ) -- C:\Users\Kubik\AppData\Roaming\TSFollowGhosts.exe
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\Kubik\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2010.10.29 18:42:18 | 000,032,768 | R--- | M] () -- C:\Users\Kubik\AppData\Roaming\Microsoft\Installer\{B166816C-68B2-442B-8AAD-B093F5EB40EF}\_FE6A21C074FA_4781_9264_434A1EE731C1.exe
[2010.03.01 20:31:11 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.06.29 22:12:52 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2010.09.19 13:48:56 | 000,452,104 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.12\setup.exe
[2010.12.15 12:39:10 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.01.27 22:09:52 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Kubik\AppData\Roaming\Real\Update\setup3.14\setup.exe
< MD5 for: AGP440.SYS >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows.old\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006.11.02 14:03:16 | 000,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows\SysNative\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows.old\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[2008.01.19 10:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.19 10:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.14 18:39:40 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=05001E1FACCE49DB895B8526B05C7302 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_37cb142cf6008bc1\atapi.sys
[2008.01.19 10:07:46 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows.old\Windows\System32\drivers\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009.01.07 00:36:10 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009.01.07 00:36:10 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009.04.14 18:39:41 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=BB55C79E0595D8CFBE4A80A3C9EB77EA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\atapi.sys
[2009.01.07 00:36:09 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows.old\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SysWOW64\autochk.exe
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows.old\Windows\System32\autochk.exe
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2008.01.19 09:33:01 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 13:15:40 | 000,730,112 | ---- | M] (Microsoft Corporation) MD5=B56DB371DC4C6F791B2708EAA4814BB7 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_3bdbc6d17d338351\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
[2010.11.07 11:46:09 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\Users\Kubik\Dokumenty\D\I386\AUTOCHK.EXE
[2010.11.07 11:46:09 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\Windows.old\Documents and Settings\Kubik\Dokumenty\D\I386\AUTOCHK.EXE
[2009.04.11 09:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\SysNative\autochk.exe
[2009.04.11 09:09:58 | 000,734,720 | ---- | M] (Microsoft Corporation) MD5=E24D4475713CB382A720D003BDDA9628 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_3ffe01d977405f71\autochk.exe
[2008.01.19 10:00:03 | 000,733,696 | ---- | M] (Microsoft Corporation) MD5=F74203F70337352EEABADAE16A05EAEA -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_3e1288cd7a1e9425\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows.old\Windows\System32\drivers\cdrom.sys
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 07:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows.old\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2008.01.19 08:29:04 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=3B2FB35363423ED60C8FBF15FC8680BD -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_bbc7f7665c24db80\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
[2009.04.11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.04.11 07:34:39 | 000,079,872 | ---- | M] (Microsoft Corporation) MD5=C025AA69BE3D0D25C7A2E746EF6F94FC -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_bdb370725946a6cc\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009.04.11 09:11:14 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=18918613E63F387CDE4D95CA7D49DCF7 -- C:\Windows\SysNative\cryptsvc.dll
[2009.04.11 09:11:14 | 000,166,912 | ---- | M] (Microsoft Corporation) MD5=18918613E63F387CDE4D95CA7D49DCF7 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_d409adf4504e8a6b\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 10:01:10 | 000,165,376 | ---- | M] (Microsoft Corporation) MD5=4374F784121D8B3BB466B03F5E5EBD33 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_d21e34e8532cbf1f\cryptsvc.dll
[2006.11.02 13:16:52 | 000,163,328 | ---- | M] (Microsoft Corporation) MD5=4B48CC76EBFE97314EA64C3BDA983623 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_cfe772ec5641ae4b\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows.old\Windows\System32\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2008.01.19 09:34:00 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2009.01.07 00:34:51 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.04.14 18:50:23 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2009.01.07 00:34:50 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows.old\Windows\explorer.exe
[2009.01.07 00:34:50 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.04.14 18:50:22 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2009.04.14 18:50:23 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2009.01.07 00:34:50 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.14 18:50:21 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2006.11.02 13:15:52 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=5D768BEB711FF67ADC8FAD4E2F6ABB02 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_ab9c809a352ecf21\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2009.01.07 01:07:22 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009.04.14 18:47:54 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_b61f6f46696c67ab\explorer.exe
[2009.04.14 18:50:22 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2009.04.14 18:47:53 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=819D88EC82C2C44B556DC32ED22044DE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_ac3dc19d4e3a6405\explorer.exe
[2009.04.14 18:50:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.01.07 01:07:21 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.14 18:47:53 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_b6926bef829b2600\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2009.04.14 18:50:21 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2009.01.07 00:34:51 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2009.04.14 18:50:23 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.19 10:00:15 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2009.04.14 18:47:53 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=FCBF8AC1855EF986CDEC2387760F71C6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_abcac4f4350ba5b0\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_b5f12aec698f911c\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: HAL.DLL >
[2009.04.11 09:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\SysNative\hal.dll
[2009.04.11 09:15:31 | 000,233,448 | ---- | M] (Microsoft Corporation) MD5=822EA80D8E91D1BD5F31954348842AAA -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6002.18005_none_612624babd6ea012\hal.dll
[2008.01.19 09:42:34 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=A00B0EDD048786E30EBB2DA65D9A8F74 -- C:\Windows.old\Windows\System32\hal.dll
[2008.01.19 10:11:22 | 000,233,528 | ---- | M] (Microsoft Corporation) MD5=D63C785A6EF1A3DE684781698A0CC9AF -- C:\Windows\winsxs\amd64_hal.inf_31bf3856ad364e35_6.0.6001.18000_none_5f3aabaec04cd4c6\hal.dll
< MD5 for: IASTORV.SYS >
[2008.01.19 10:11:31 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows.old\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 13:51:48 | 000,280,680 | ---- | M] (Intel Corporation) MD5=72C3EE7EA3CD75A772E62AE0E5DF8B8C -- C:\Windows\SysNative\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows.old\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2008.01.19 10:07:46 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\isapnp.sys
[2008.01.19 10:07:46 | 000,023,608 | ---- | M] (Microsoft Corporation) MD5=0672BFCEDC6FC468A2B0500D81437F4F -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows.old\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 09:42:15 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows.old\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2006.11.02 14:01:10 | 000,021,096 | ---- | M] (Microsoft Corporation) MD5=D3BB520B31F28C1A065CD058E762EE73 -- C:\Windows\SysNative\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.06.15 15:21:28 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=02474FBCB00AA5C622E92F620DB9A041 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_02bcb9272e6ecc60\lsass.exe
[2009.09.10 17:22:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1104B18819392FEA12FB5F9E170E66B3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_00fbc3d9312b9991\lsass.exe
[2009.04.18 03:06:24 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1979F94B28107233315DD6220F2304DD -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_02ad19252e799f25\lsass.exe
[2009.04.18 03:06:25 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_026926461528a96c\lsass.exe
[2009.04.18 03:06:25 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_02635b98152c3e5e\lsass.exe
[2009.04.18 03:06:25 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=1B461E9F6DB0EF829B4369F47A24BBEC -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_04549f52124a74b8\lsass.exe
[2009.06.15 15:34:54 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=1E766E4C5BF9E230AD37A56BF7DB6C94 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_00d282d7314a3edc\lsass.exe
[2009.06.15 15:32:30 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=306E4503E083A498AE797FF59FA72839 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_00373bf8183ad660\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\SysNative\lsass.exe
[2009.06.15 15:15:02 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=40348DCEC0712ED42231C5F90A69A690 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_041a8e8e12769b11\lsass.exe
[2009.09.09 13:32:36 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=41FB90DF49F203672F459122EF1F13B1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_02effd0d2e47247b\lsass.exe
[2009.04.18 03:06:27 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=563B71CEF1D46A24C5980FA2988DB67F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_0101906d312801c6\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2006.11.02 13:15:57 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=7B6AA93EEE1F354B3A4AC2ADE5EE334E -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_0032644a183d9898\lsass.exe
[2009.06.15 15:26:45 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=80F4593E92FF960E4763380D3168E498 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_021f7b32155f99ff\lsass.exe
[2009.09.10 16:57:16 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=BBBCE2DACDCCD5EA60A50D0023AE2DE9 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_04c69d972b7a16dd\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows.old\Windows\System32\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2009.04.18 03:06:27 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=E231BDBD7D69857EEFFDEB3A48A53824 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_006d4b9418124aab\lsass.exe
[2009.06.15 15:12:52 | 000,011,264 | ---- | M] (Microsoft Corporation) MD5=EBDAEE60E442BEA413E5D7CEDFB09463 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_04a52ba32b935432\lsass.exe
< MD5 for: NDIS.SYS >
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 10:12:09 | 000,739,384 | ---- | M] (Microsoft Corporation) MD5=2A2EE457AF36C5C9A6808C768BD3A12B -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_03e5c74ad46c7e4e\ndis.sys
[2009.04.11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\SysNative\drivers\ndis.sys
[2009.04.11 09:15:34 | 000,738,264 | ---- | M] (Microsoft Corporation) MD5=65950E07329FCEE8E6516B17C8D0ABB6 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_05d14056d18e499a\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows.old\Windows\System32\drivers\ndis.sys
[2008.01.19 09:43:31 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2006.11.02 13:52:20 | 000,641,128 | ---- | M] (Microsoft Corporation) MD5=CCA69C9493A13AF86DCF0AE272AFBB72 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_01af054ed7816d7a\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.01.19 10:03:01 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_61f43b1d27cd0ab4\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows.old\Windows\System32\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
[2006.11.02 13:18:47 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=BFAB28B54DF41208CF3490FF26E53FD9 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_579f90caf36c48b9\netlogon.dll
< MD5 for: NVRAID.SYS >
[2008.01.19 10:10:12 | 000,128,056 | ---- | M] (NVIDIA Corporation) MD5=2C040B7ADA5B06F6FACADAC8514AA034 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvraid.sys
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 09:43:01 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows.old\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 13:50:24 | 000,112,744 | ---- | M] (NVIDIA Corporation) MD5=840EEB44DC49317A6161961F7682CD99 -- C:\Windows\SysNative\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows.old\Windows\System32\drivers\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2006.11.02 14:02:51 | 000,048,232 | ---- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows\SysNative\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows.old\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows.old\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows.old\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
[2008.01.19 10:08:50 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows.old\Windows\System32\scecli.dll
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2006.11.02 13:19:09 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=32EF13F20B28966D29DE5EABE036431D -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_91f5bbe3948dcf74\scecli.dll
[2008.01.19 10:03:55 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_9c4a6635c8ee916f\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
< MD5 for: SMSS.EXE >
[2006.11.02 13:16:12 | 000,074,752 | ---- | M] (Microsoft Corporation) MD5=362C49C769D938B1FB6648D240BF5C76 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_06228184d4a4001c\smss.exe
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows.old\Windows\System32\smss.exe
[2008.01.19 09:33:31 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2008.01.19 10:00:39 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=9FC8E8C0F344EAE043740B72794DA3CC -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_08594380d18f10f0\smss.exe
[2009.04.11 09:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\SysNative\smss.exe
[2009.04.11 09:10:54 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=C17704EA5B0F83D78F1377075FFE1C89 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_0a44bc8cceb0dc3c\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows.old\Windows\System32\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008.01.19 09:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2006.11.02 13:16:13 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=6B30067D55E10E4DEBDC842FB1911479 -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_0fa33328c0c01e47\svchost.exe
[2008.01.19 10:00:40 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008.01.19 10:00:40 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
Re: Kontrola logu
pokračování OTL
< MD5 for: TCPIP.SYS >
[2010.06.16 19:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.06.16 19:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2010.04.06 10:35:06 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=150C1A66A7094F84560519261A309BC6 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_11681899353a0dd5\tcpip.sys
[2009.12.08 20:22:57 | 001,199,616 | ---- | M] (Microsoft Corporation) MD5=2F822AF5E70467F827F5B4010A7FD57F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[2010.02.18 17:01:57 | 001,420,688 | ---- | M] (Microsoft Corporation) MD5=30C4ABC8075DEA44D7E775D434AF1753 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[2009.08.14 16:44:27 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2010.02.18 14:25:21 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=396CF3FD8D2A4FDF55570C01894DB9DF -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[2009.08.14 20:05:16 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2010.02.18 17:04:06 | 001,414,032 | ---- | M] (Microsoft Corporation) MD5=4680D08A2E8A2509CD9B751D7AF59606 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[2010.02.18 16:22:15 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=4AD4600DF1F09EE7462152C061B683C8 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[2009.01.07 00:31:21 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.04.14 18:39:11 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=5833A92EDC82BA178E4915A8E81A1FC2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_bbaf54e84a9a7440\tcpip.sys
[2009.01.07 00:31:21 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009.04.14 18:39:10 | 001,192,448 | ---- | M] (Microsoft Corporation) MD5=616E40EA154BECBB549A87790AA0D667 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_bc13807d63d4e92a\tcpip.sys
[2009.08.14 18:42:31 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2008.01.19 10:12:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2010.02.18 14:27:40 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7B0B928E318CADC23C87226BE0A1097D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[2010.06.16 18:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows.old\Windows\System32\drivers\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 22:59:37 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=8C94F5E4F9DE14A495BAA86F643CF31D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_0ef8061a1ef61e99\tcpip.sys
[2008.04.26 10:55:25 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010.04.05 19:13:35 | 001,414,024 | ---- | M] (Microsoft Corporation) MD5=8E7CD6BA2F09B46CE72D308F166C0B12 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_0f8a7609380d6a12\tcpip.sys
[2010.06.16 19:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009.04.11 09:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009.08.14 18:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2010.02.18 16:28:06 | 001,427,336 | ---- | M] (Microsoft Corporation) MD5=B4B7B375FDD672AF79B0CBE9B9A48B47 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2009.12.08 20:21:46 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=BB6FB43B431CCAD6FC367648C87205C0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[2009.12.08 23:13:33 | 001,411,656 | ---- | M] (Microsoft Corporation) MD5=D1A6D398865E0686533E13DD2558D64B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_0f81a4cb3813bb8a\tcpip.sys
[2010.06.17 01:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009.08.14 18:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.08.16 00:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2006.11.02 11:48:29 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=DB08D7CB8D64A07E4D59F8983CD13758 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_bb6d6f644acc0b1a\tcpip.sys
[2009.12.08 22:22:19 | 001,425,480 | ---- | M] (Microsoft Corporation) MD5=E52F99B1160A1A1DE83223379D2C1828 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_10e247ce1c1aa392\tcpip.sys
[2009.12.08 22:04:59 | 001,423,944 | ---- | M] (Microsoft Corporation) MD5=EE84432AD7DCADE2931528C319C55097 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[2008.04.26 10:47:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows.old\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 13:16:15 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=46D5B6B80E4A5997F508F938F96B7628 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_3610939d8d22586d\userinit.exe
[2008.01.19 10:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.19 10:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< MD5 for: VIAMRAID.SYS >
[2007.07.17 13:35:20 | 000,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\2K\viamraid.sys
[2007.07.17 13:35:20 | 000,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\drvdisk\x86\NT5\viamraid.sys
[2007.07.17 13:35:20 | 000,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\SRV2003\x86\viamraid.sys
[2007.07.17 13:35:20 | 000,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\XP\x86\viamraid.sys
[2007.07.12 19:35:36 | 000,118,184 | ---- | M] (VIA Technologies inc,.ltd) MD5=7352A2B1CA928AD8A95F75A1D868A0B5 -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\drvdisk\x86\NT4\viamraid.sys
[2007.07.12 19:35:36 | 000,118,184 | ---- | M] (VIA Technologies inc,.ltd) MD5=7352A2B1CA928AD8A95F75A1D868A0B5 -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\NT4\viamraid.sys
[2007.07.13 14:05:28 | 000,120,832 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=9E897F955AB8F912E4C1C9ADAF35762C -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\drvdisk\VISTA\x86\viamraid.sys
[2007.07.13 14:05:28 | 000,120,832 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=9E897F955AB8F912E4C1C9ADAF35762C -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\VISTA\x86\viamraid.sys
< MD5 for: VIPRT.SYS >
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\Drivers\MB\via_hyperionpro_v513a\SATAIDE\W2K\ViPrt.sys
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\Drivers\MB\via_hyperionpro_v513a\SATAIDE\WNET\ViPrt.sys
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\Drivers\MB\via_hyperionpro_v513a\SATAIDE\WXP\ViPrt.sys
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=A1B7CFFE5F09B825FBA506C4DE9FDAC7 -- C:\Drivers\MB\via_hyperionpro_v513a\SATAIDE\WLH\ViPrt.sys
< MD5 for: WINLOGON.EXE >
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.19 10:00:45 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 13:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows.old\Windows\System32\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.11.02 13:19:11 | 000,264,704 | ---- | M] (Microsoft Corporation) MD5=28E8AC2995EBAC957AB648F461056C55 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_4c9f8a4a89c86626\ws2_32.dll
[2008.01.19 10:04:48 | 000,265,216 | ---- | M] (Microsoft Corporation) MD5=63944ECFE4878C1C4889689324CABFAB -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows.old\Windows\System32\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2009.04.11 09:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\ws2_32.dll
[2009.04.11 09:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll
[2010.12.18 08:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll
[2010.09.13 17:46:13 | 010,627,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll
[2010.12.18 08:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll
[2010.09.13 17:46:13 | 010,627,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
========== Alternate Data Streams ==========
@Alternate Data Stream - 196 bytes -> C:\ProgramData\TEMP:697DDE2B
@Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:A4E7D25F
@Alternate Data Stream - 191 bytes -> C:\ProgramData\TEMP:8E5EA40F
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:0AC32449
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:C22674B6
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:BD34FFC5
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:AA0017FD
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:689AB7E9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:852F2262
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B0456F0C
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:F5B51004
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:9BAC4211
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C5CE2DF6
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:E8C44CB4
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:569CEE83
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:1B389835
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:E690114B
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3D36932D
< End of report >
< MD5 for: TCPIP.SYS >
[2010.06.16 19:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.06.16 19:14:29 | 001,424,264 | ---- | M] (Microsoft Corporation) MD5=0011810B5211FDACD784DE585262ECFE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_119c298735134c99\tcpip.sys
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2010.04.06 10:35:06 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=150C1A66A7094F84560519261A309BC6 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_11681899353a0dd5\tcpip.sys
[2009.12.08 20:22:57 | 001,199,616 | ---- | M] (Microsoft Corporation) MD5=2F822AF5E70467F827F5B4010A7FD57F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_bb7549d64ac6920e\tcpip.sys
[2010.02.18 17:01:57 | 001,420,688 | ---- | M] (Microsoft Corporation) MD5=30C4ABC8075DEA44D7E775D434AF1753 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_0f2e179c1ecd900b\tcpip.sys
[2009.08.14 16:44:27 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=34B30202AECCB530FDDC6C6CCFA2FB46 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_bbc5fabc4a894d2a\tcpip.sys
[2010.02.18 14:25:21 | 001,200,640 | ---- | M] (Microsoft Corporation) MD5=396CF3FD8D2A4FDF55570C01894DB9DF -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_bba931004aa006ed\tcpip.sys
[2009.08.14 20:05:16 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=3BCD46BE9988B09D3510A0EF54F0D65B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_0f32e3e61ecadee9\tcpip.sys
[2010.02.18 17:04:06 | 001,414,032 | ---- | M] (Microsoft Corporation) MD5=4680D08A2E8A2509CD9B751D7AF59606 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys
[2010.02.18 16:22:15 | 001,423,752 | ---- | M] (Microsoft Corporation) MD5=4AD4600DF1F09EE7462152C061B683C8 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_118286a1352721f8\tcpip.sys
[2009.01.07 00:31:21 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.04.14 18:39:11 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=5833A92EDC82BA178E4915A8E81A1FC2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_bbaf54e84a9a7440\tcpip.sys
[2009.01.07 00:31:21 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009.04.14 18:39:10 | 001,192,448 | ---- | M] (Microsoft Corporation) MD5=616E40EA154BECBB549A87790AA0D667 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_bc13807d63d4e92a\tcpip.sys
[2009.08.14 18:42:31 | 001,413,208 | ---- | M] (Microsoft Corporation) MD5=74B776CA1B328095FE23A3306B1613A3 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_0f6c030d3823f645\tcpip.sys
[2008.01.19 10:12:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=7A1183FBB802F5ABAD7FA18BC67E0858 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_0f3cadd61ec3b22c\tcpip.sys
[2010.02.18 14:27:40 | 001,198,080 | ---- | M] (Microsoft Corporation) MD5=7B0B928E318CADC23C87226BE0A1097D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_bc37d12363b92291\tcpip.sys
[2010.06.16 18:40:37 | 001,420,176 | ---- | M] (Microsoft Corporation) MD5=7D86275FB640011B372FD566C0EAFA8D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_0ede67001f09ee46\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows.old\Windows\System32\drivers\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 22:59:37 | 001,418,840 | ---- | M] (Microsoft Corporation) MD5=8C94F5E4F9DE14A495BAA86F643CF31D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_0ef8061a1ef61e99\tcpip.sys
[2008.04.26 10:55:25 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=8E041924441FF8755E5B4F135C8C3767 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_0efecf2c1ef1a5d7\tcpip.sys
[2010.04.05 19:13:35 | 001,414,024 | ---- | M] (Microsoft Corporation) MD5=8E7CD6BA2F09B46CE72D308F166C0B12 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_0f8a7609380d6a12\tcpip.sys
[2010.06.16 19:11:35 | 001,426,816 | ---- | M] (Microsoft Corporation) MD5=973658A2EA9C06B2976884B9046DFC6C -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_10d97a5c1c20ef58\tcpip.sys
[2009.04.11 09:15:48 | 001,426,408 | ---- | M] (Microsoft Corporation) MD5=99D07AD0EF2C535610F6573C29BC045E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_112826e21be57d78\tcpip.sys
[2009.08.14 18:39:38 | 001,425,992 | ---- | M] (Microsoft Corporation) MD5=A7BFF59C2F610F62E6C292074FF36A1E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_10c2d66e1c321395\tcpip.sys
[2010.02.18 16:28:06 | 001,427,336 | ---- | M] (Microsoft Corporation) MD5=B4B7B375FDD672AF79B0CBE9B9A48B47 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_112c2bd61be1dd22\tcpip.sys
[2009.12.08 20:21:46 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=BB6FB43B431CCAD6FC367648C87205C0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_bc00bf5763e297c8\tcpip.sys
[2009.12.08 23:13:33 | 001,411,656 | ---- | M] (Microsoft Corporation) MD5=D1A6D398865E0686533E13DD2558D64B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_0f81a4cb3813bb8a\tcpip.sys
[2010.06.17 01:28:33 | 001,414,544 | ---- | M] (Microsoft Corporation) MD5=D43D5336BE9DD93E02EE124297295713 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys
[2009.08.14 18:32:21 | 001,424,952 | ---- | M] (Microsoft Corporation) MD5=D45D67A18C9FD4CC637BC9D4585C0646 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_11acc42135079bb6\tcpip.sys
[2009.08.16 00:55:23 | 001,196,032 | ---- | M] (Microsoft Corporation) MD5=D4E30E6BADFF21865C3A075457CF9C00 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_bc4f6fa963a72036\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2006.11.02 11:48:29 | 001,193,472 | ---- | M] (Microsoft Corporation) MD5=DB08D7CB8D64A07E4D59F8983CD13758 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_bb6d6f644acc0b1a\tcpip.sys
[2009.12.08 22:22:19 | 001,425,480 | ---- | M] (Microsoft Corporation) MD5=E52F99B1160A1A1DE83223379D2C1828 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_10e247ce1c1aa392\tcpip.sys
[2009.12.08 22:04:59 | 001,423,944 | ---- | M] (Microsoft Corporation) MD5=EE84432AD7DCADE2931528C319C55097 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_1159459f3545c743\tcpip.sys
[2008.04.26 10:47:15 | 001,421,368 | ---- | M] (Microsoft Corporation) MD5=F10A60005FB50698E33A1940C6EBB010 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_0f8c6d1f380baafd\tcpip.sys
[2008.01.19 09:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows.old\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 13:16:15 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=46D5B6B80E4A5997F508F938F96B7628 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_3610939d8d22586d\userinit.exe
[2008.01.19 10:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.19 10:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< MD5 for: VIAMRAID.SYS >
[2007.07.17 13:35:20 | 000,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\2K\viamraid.sys
[2007.07.17 13:35:20 | 000,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\drvdisk\x86\NT5\viamraid.sys
[2007.07.17 13:35:20 | 000,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\SRV2003\x86\viamraid.sys
[2007.07.17 13:35:20 | 000,114,944 | ---- | M] (VIA Technologies inc,.ltd) MD5=1B7B0954AF54E716F697C511D68C150E -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\XP\x86\viamraid.sys
[2007.07.12 19:35:36 | 000,118,184 | ---- | M] (VIA Technologies inc,.ltd) MD5=7352A2B1CA928AD8A95F75A1D868A0B5 -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\drvdisk\x86\NT4\viamraid.sys
[2007.07.12 19:35:36 | 000,118,184 | ---- | M] (VIA Technologies inc,.ltd) MD5=7352A2B1CA928AD8A95F75A1D868A0B5 -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\NT4\viamraid.sys
[2007.07.13 14:05:28 | 000,120,832 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=9E897F955AB8F912E4C1C9ADAF35762C -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\drvdisk\VISTA\x86\viamraid.sys
[2007.07.13 14:05:28 | 000,120,832 | ---- | M] (VIA Technologies Inc.,Ltd) MD5=9E897F955AB8F912E4C1C9ADAF35762C -- C:\Drivers\MB\via_hyperionpro_v513a\VRAIDDrv\VISTA\x86\viamraid.sys
< MD5 for: VIPRT.SYS >
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\Drivers\MB\via_hyperionpro_v513a\SATAIDE\W2K\ViPrt.sys
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\Drivers\MB\via_hyperionpro_v513a\SATAIDE\WNET\ViPrt.sys
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=7C69B1B6DEC5F8584AA352E522AF1476 -- C:\Drivers\MB\via_hyperionpro_v513a\SATAIDE\WXP\ViPrt.sys
[2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) MD5=A1B7CFFE5F09B825FBA506C4DE9FDAC7 -- C:\Drivers\MB\via_hyperionpro_v513a\SATAIDE\WLH\ViPrt.sys
< MD5 for: WINLOGON.EXE >
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.19 10:00:45 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 13:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows.old\Windows\System32\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.11.02 13:19:11 | 000,264,704 | ---- | M] (Microsoft Corporation) MD5=28E8AC2995EBAC957AB648F461056C55 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_4c9f8a4a89c86626\ws2_32.dll
[2008.01.19 10:04:48 | 000,265,216 | ---- | M] (Microsoft Corporation) MD5=63944ECFE4878C1C4889689324CABFAB -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_4ed64c4686b376fa\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows.old\Windows\System32\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
[2008.01.19 09:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_f4a329cecb77d110\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2009.04.11 09:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\ws2_32.dll
[2009.04.11 09:11:31 | 000,264,704 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6002.18005_none_50c1c55283d54246\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll
[2010.12.18 08:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll
[2010.09.13 17:46:13 | 010,627,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll
[2010.12.18 08:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll
[2010.09.13 17:46:13 | 010,627,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
========== Alternate Data Streams ==========
@Alternate Data Stream - 196 bytes -> C:\ProgramData\TEMP:697DDE2B
@Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:A4E7D25F
@Alternate Data Stream - 191 bytes -> C:\ProgramData\TEMP:8E5EA40F
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:0AC32449
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:C22674B6
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:BD34FFC5
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:AA0017FD
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:689AB7E9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:852F2262
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B0456F0C
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:F5B51004
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:9BAC4211
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C5CE2DF6
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:E8C44CB4
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:569CEE83
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:1B389835
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:E690114B
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3D36932D
< End of report >
Re: Kontrola logu
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\..\URLSearchHook: - Reg Error: Key error. File not found O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. O3 - HKU\S-1-5-21-1107261835-2622062634-3731929966-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\vnd.ms.radio {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - Reg Error: Key error. File not found [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] @Alternate Data Stream - 196 bytes -> C:\ProgramData\TEMP:697DDE2B @Alternate Data Stream - 192 bytes -> C:\ProgramData\TEMP:A4E7D25F @Alternate Data Stream - 191 bytes -> C:\ProgramData\TEMP:8E5EA40F @Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:0AC32449 @Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:C22674B6 @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:BD34FFC5 @Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:AA0017FD @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:689AB7E9 @Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:852F2262 @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B0456F0C @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:F5B51004 @Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:9BAC4211 @Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C5CE2DF6 @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:E8C44CB4 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:569CEE83 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:1B389835 @Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:B623B5B8 @Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:E690114B @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:3D36932D :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=- "DAEMON Tools Lite"=- "PC Suite Tray"=- "Skype"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "WinampAgent"=- "NBKeyScan"=- "TkBellExe"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- "SunJavaUpdateSched"=- :files C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp /s :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Tady je OTP
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1107261835-2622062634-3731929966-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-1107261835-2622062634-3731929966-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-1107261835-2622062634-3731929966-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vnd.ms.radio\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020}\ not found.
File {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - Reg Error: Key error. File not found not found.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\wininit.tmp deleted successfully.
ADS C:\ProgramData\TEMP:697DDE2B deleted successfully.
ADS C:\ProgramData\TEMP:A4E7D25F deleted successfully.
ADS C:\ProgramData\TEMP:8E5EA40F deleted successfully.
ADS C:\ProgramData\TEMP:0AC32449 deleted successfully.
ADS C:\ProgramData\TEMP:C22674B6 deleted successfully.
ADS C:\ProgramData\TEMP:BD34FFC5 deleted successfully.
ADS C:\ProgramData\TEMP:AA0017FD deleted successfully.
ADS C:\ProgramData\TEMP:689AB7E9 deleted successfully.
ADS C:\ProgramData\TEMP:852F2262 deleted successfully.
ADS C:\ProgramData\TEMP:B0456F0C deleted successfully.
ADS C:\ProgramData\TEMP:F5B51004 deleted successfully.
ADS C:\ProgramData\TEMP:9BAC4211 deleted successfully.
ADS C:\ProgramData\TEMP:C5CE2DF6 deleted successfully.
ADS C:\ProgramData\TEMP:E8C44CB4 deleted successfully.
ADS C:\ProgramData\TEMP:569CEE83 deleted successfully.
ADS C:\ProgramData\TEMP:1B389835 deleted successfully.
ADS C:\ProgramData\TEMP:B623B5B8 deleted successfully.
ADS C:\ProgramData\TEMP:E690114B deleted successfully.
ADS C:\ProgramData\TEMP:3D36932D deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Shockwave Updater deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NBKeyScan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job moved successfully.
C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6838.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8FE0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAB0D.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3333.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP354F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D9A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5FEA.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBC0E.tmp folder moved successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACC386.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\1c8d82f6d46425decfccb3e7d8d0c30a\BIT423A.tmp moved successfully.
C:\Windows\Temp\tmp13C4.tmp moved successfully.
C:\Windows\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Kubik
->Temp folder emptied: 2821867 bytes
->Temporary Internet Files folder emptied: 5290103 bytes
->Java cache emptied: 803240 bytes
->Flash cache emptied: 4634 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1090015 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 10,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Kubik
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 04052011_163243
Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF50D.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF513.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF55B.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF560.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF588.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF58D.tmp not found!
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H3TG1SWJ\honeypot_export[1].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9VRVI98G\afr[1].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9KMVLUWK\afr[1].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9KMVLUWK\afr[2].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9KMVLUWK\viewtopic[1].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1107261835-2622062634-3731929966-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-1107261835-2622062634-3731929966-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-1107261835-2622062634-3731929966-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}\ not found.
File {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\vnd.ms.radio\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020}\ not found.
File {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - Reg Error: Key error. File not found not found.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\wininit.tmp deleted successfully.
ADS C:\ProgramData\TEMP:697DDE2B deleted successfully.
ADS C:\ProgramData\TEMP:A4E7D25F deleted successfully.
ADS C:\ProgramData\TEMP:8E5EA40F deleted successfully.
ADS C:\ProgramData\TEMP:0AC32449 deleted successfully.
ADS C:\ProgramData\TEMP:C22674B6 deleted successfully.
ADS C:\ProgramData\TEMP:BD34FFC5 deleted successfully.
ADS C:\ProgramData\TEMP:AA0017FD deleted successfully.
ADS C:\ProgramData\TEMP:689AB7E9 deleted successfully.
ADS C:\ProgramData\TEMP:852F2262 deleted successfully.
ADS C:\ProgramData\TEMP:B0456F0C deleted successfully.
ADS C:\ProgramData\TEMP:F5B51004 deleted successfully.
ADS C:\ProgramData\TEMP:9BAC4211 deleted successfully.
ADS C:\ProgramData\TEMP:C5CE2DF6 deleted successfully.
ADS C:\ProgramData\TEMP:E8C44CB4 deleted successfully.
ADS C:\ProgramData\TEMP:569CEE83 deleted successfully.
ADS C:\ProgramData\TEMP:1B389835 deleted successfully.
ADS C:\ProgramData\TEMP:B623B5B8 deleted successfully.
ADS C:\ProgramData\TEMP:E690114B deleted successfully.
ADS C:\ProgramData\TEMP:3D36932D deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Shockwave Updater deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NBKeyScan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job moved successfully.
C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6838.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8FE0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAB0D.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3333.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP354F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5D9A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5FEA.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBC0E.tmp folder moved successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACC386.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\1c8d82f6d46425decfccb3e7d8d0c30a\BIT423A.tmp moved successfully.
C:\Windows\Temp\tmp13C4.tmp moved successfully.
C:\Windows\twain_32\hpqgnds2.tmp moved successfully.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Kubik
->Temp folder emptied: 2821867 bytes
->Temporary Internet Files folder emptied: 5290103 bytes
->Java cache emptied: 803240 bytes
->Flash cache emptied: 4634 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1090015 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 10,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Kubik
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 04052011_163243
Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF50D.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF513.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF55B.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF560.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF588.tmp not found!
File\Folder C:\Users\Kubik\AppData\Local\Temp\~DFF58D.tmp not found!
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\H3TG1SWJ\honeypot_export[1].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9VRVI98G\afr[1].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9KMVLUWK\afr[1].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9KMVLUWK\afr[2].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\9KMVLUWK\viewtopic[1].htm moved successfully.
C:\Users\Kubik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
Registry entries deleted on Reboot...
Re: Kontrola logu
Jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Teď už snad je to OK. od včerejška mi pořád vypínal, bylo umění ho rozjet. Teď běží bez problému. Uvídíme v následujích dnech. Každopádně mockrát děkuju.
Jste fakt kapacity.
Jste fakt kapacity.
Re: Kontrola logu
Tak jeste uklidime 
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner (viz muj podpis)
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Vše jsem učinil a pro jistotu posílám ještě log
Logfile of random's system information tool 1.08 (written by random/random)
Run by Kubik at 2011-04-05 20:00:54
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 46 GB (19%) free of 238 GB
Total RAM: 2039 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:03, on 5.4.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe
C:\Program Files\trend micro\Kubik.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files (x86)\Power Video Converter\msdxm.ocx
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [GoogleDownload] C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8332 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {49311EE8-436C-41E7-8D39-05EF02C2E975}
"C:\Windows\system32\Dwm.exe"
taskeng.exe {73D2E3D8-B6BC-435D-9CE0-2592ADF3CECF}
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2892
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3376 CREDAT:71938
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 688 692 700 65536 696
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Kubik\Desktop\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1033,&Radio - C:\Program Files (x86)\Power Video Converter\msdxm.ocx [2000-04-20 844048]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 138264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 203800]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 168472]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 1436224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-03-01 172792]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"Symantec PIF AlertEng"=C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"GoogleDownload"=C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe [2011-02-23 49225]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-04-05 19:59:34 ----D---- C:\rsit
2011-04-05 19:47:50 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-04-05 19:28:40 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2011-04-05 19:28:37 ----D---- C:\Program Files (x86)\Windows Live
2011-04-05 19:24:49 ----D---- C:\Program Files\Windows Live
2011-04-05 19:22:52 ----D---- C:\Program Files (x86)\Bing Bar Installer
2011-04-05 19:16:42 ----A---- C:\Windows\SYSWOW64\webservices.dll
2011-04-05 19:16:42 ----A---- C:\Windows\system32\webservices.dll
2011-04-05 16:27:21 ----ASH---- C:\hiberfil.sys
2011-04-04 22:49:03 ----D---- C:\Program Files\trend micro
2011-04-04 21:41:53 ----D---- C:\Windows\Registration
2011-04-03 22:19:50 ----D---- C:\Users\Kubik\AppData\Roaming\MagicIndie
2011-04-03 19:41:06 ----D---- C:\Users\Kubik\AppData\Roaming\HitPoint Studios
2011-03-31 18:29:58 ----D---- C:\Users\Kubik\AppData\Roaming\PlayPond
2011-03-31 18:28:33 ----D---- C:\Program Files (x86)\Mystery Legends Phantom of the Opera
2011-03-25 17:39:16 ----D---- C:\ProgramData\Venus DS
2011-03-24 14:11:23 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-03-24 14:11:23 ----A---- C:\Windows\system32\FntCache.dll
2011-03-24 14:11:22 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-03-24 14:11:22 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-03-24 14:11:22 ----A---- C:\Windows\system32\DWrite.dll
2011-03-22 17:19:22 ----D---- C:\Users\Kubik\AppData\Roaming\Vogat Interactive
2011-03-19 18:15:51 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-03-19 18:15:51 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-03-19 18:15:51 ----A---- C:\Windows\SYSWOW64\java.exe
2011-03-19 18:13:25 ----D---- C:\ProgramData\McAfee
2011-03-13 17:10:49 ----D---- C:\Users\Kubik\AppData\Roaming\margrave3_full
2011-03-12 15:35:47 ----D---- C:\Users\Kubik\AppData\Roaming\Elephant Games
2011-03-12 15:35:47 ----D---- C:\ProgramData\Elephant Games
2011-03-09 21:18:09 ----A---- C:\Windows\system32\mstscax.dll
2011-03-09 21:18:08 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-03-09 21:18:08 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-03-09 21:18:08 ----A---- C:\Windows\system32\mstsc.exe
2011-03-09 21:18:05 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-03-09 21:18:05 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-03-09 21:18:05 ----A---- C:\Windows\system32\sbe.dll
2011-03-09 21:18:05 ----A---- C:\Windows\system32\EncDec.dll
2011-03-09 21:18:04 ----A---- C:\Windows\SYSWOW64\sbeio.dll
2011-03-09 21:18:04 ----A---- C:\Windows\system32\sbeio.dll
======List of files/folders modified in the last 1 months======
2011-04-05 20:00:53 ----D---- C:\Windows\Temp
2011-04-05 19:58:27 ----D---- C:\Windows
2011-04-05 19:58:08 ----D---- C:\Windows\Minidump
2011-04-05 19:53:15 ----D---- C:\Windows\Prefetch
2011-04-05 19:49:32 ----D---- C:\Users\Kubik\AppData\Roaming\uTorrent
2011-04-05 19:47:56 ----SHD---- C:\Windows\Installer
2011-04-05 19:47:52 ----RSD---- C:\Windows\assembly
2011-04-05 19:47:50 ----RD---- C:\Program Files (x86)
2011-04-05 19:43:00 ----D---- C:\Windows\winsxs
2011-04-05 19:41:39 ----D---- C:\Windows\SysWOW64
2011-04-05 19:37:38 ----D---- C:\Windows\rescache
2011-04-05 19:32:24 ----SD---- C:\ProgramData\Microsoft
2011-04-05 19:32:20 ----RSD---- C:\Windows\Fonts
2011-04-05 19:28:40 ----DC---- C:\Windows\system32\DRVSTORE
2011-04-05 19:28:40 ----D---- C:\Windows\system32\drivers
2011-04-05 19:25:39 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-05 19:24:49 ----RD---- C:\Program Files
2011-04-05 19:21:47 ----D---- C:\Windows\System32
2011-04-05 19:21:47 ----D---- C:\Windows\inf
2011-04-05 19:21:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-05 19:19:19 ----D---- C:\Windows\system32\Tasks
2011-04-05 19:17:53 ----D---- C:\Program Files (x86)\Common Files
2011-04-05 19:17:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-04-05 19:17:25 ----D---- C:\Windows\system32\cs-CZ
2011-04-05 19:17:16 ----D---- C:\Windows\system32\catroot
2011-04-05 19:16:29 ----SHD---- C:\System Volume Information
2011-04-05 16:33:04 ----D---- C:\Windows\twain_32
2011-04-05 16:32:47 ----D---- C:\Windows\Tasks
2011-04-05 16:32:45 ----SD---- C:\Windows\Downloaded Program Files
2011-04-05 16:30:28 ----D---- C:\Users\Kubik\AppData\Roaming\Skype
2011-04-05 16:29:58 ----D---- C:\Users\Kubik\AppData\Roaming\skypePM
2011-04-05 16:21:42 ----D---- C:\Program Files (x86)\totalcmd
2011-04-04 22:53:14 ----D---- C:\games
2011-04-04 22:28:02 ----D---- C:\Program Files (x86)\Games
2011-04-04 21:42:59 ----D---- C:\Windows\system32\wbem
2011-04-04 20:36:37 ----D---- C:\Windows\system32\Msdtc
2011-04-04 20:27:21 ----D---- C:\Windows\system32\config
2011-04-04 20:27:09 ----D---- C:\Windows\system32\spool
2011-04-04 20:27:09 ----D---- C:\Windows\system32\catroot2
2011-04-04 20:27:09 ----D---- C:\Users\Kubik\AppData\Roaming\GHISLER
2011-04-04 20:27:08 ----D---- C:\ProgramData\HP Product Assistant
2011-04-04 19:06:04 ----AD---- C:\ProgramData\TEMP
2011-03-28 18:20:50 ----D---- C:\Users\Kubik\AppData\Roaming\Artogon
2011-03-27 15:37:11 ----SD---- C:\Users\Kubik\AppData\Roaming\Microsoft
2011-03-25 17:39:16 ----HD---- C:\ProgramData
2011-03-19 22:23:17 ----D---- C:\Users\Kubik\AppData\Roaming\PrimoPDF
2011-03-19 18:15:28 ----D---- C:\Program Files (x86)\Java
2011-03-19 11:20:28 ----D---- C:\Users\Kubik\AppData\Roaming\ERS Game Studios
2011-03-19 10:28:59 ----D---- C:\Program Files (x86)\MyPlayCity.com
2011-03-18 17:14:26 ----D---- C:\Users\Kubik\AppData\Roaming\SolSuite
2011-03-17 19:06:42 ----D---- C:\Users\Kubik\AppData\Roaming\PlayFirst
2011-03-17 19:06:42 ----D---- C:\ProgramData\PlayFirst
2011-03-13 19:53:48 ----D---- C:\Windows\Debug
2011-03-10 00:20:03 ----A---- C:\Windows\system32\mrt.exe
2011-03-10 00:19:53 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-03 834544]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 188928]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-08-27 310728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-12 42696]
R3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2008-02-11 7709056]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-11-29 28208]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-05-15 82816]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2006-10-03 51200]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 a3w00r4i;a3w00r4i; C:\Windows\system32\drivers\a3w00r4i.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 34816]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 145408]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 42496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd64.sys [2008-02-11 7709056]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 7936]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 108544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 12784]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-02-26 652800]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by Kubik at 2011-04-05 20:00:54
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 46 GB (19%) free of 238 GB
Total RAM: 2039 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:03, on 5.4.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe
C:\Program Files\trend micro\Kubik.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Program Files (x86)\Power Video Converter\msdxm.ocx
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [GoogleDownload] C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8332 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {49311EE8-436C-41E7-8D39-05EF02C2E975}
"C:\Windows\system32\Dwm.exe"
taskeng.exe {73D2E3D8-B6BC-435D-9CE0-2592ADF3CECF}
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2892
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3376 CREDAT:71938
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 688 692 700 65536 696
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Kubik\Desktop\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1033,&Radio - C:\Program Files (x86)\Power Video Converter\msdxm.ocx [2000-04-20 844048]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1584184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 138264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 203800]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 168472]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 1436224]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-03-01 172792]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"Symantec PIF AlertEng"=C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"GoogleDownload"=C:\Users\Kubik\AppData\Roaming\GoogleDownload.exe [2011-02-23 49225]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-04-05 19:59:34 ----D---- C:\rsit
2011-04-05 19:47:50 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-04-05 19:28:40 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2011-04-05 19:28:37 ----D---- C:\Program Files (x86)\Windows Live
2011-04-05 19:24:49 ----D---- C:\Program Files\Windows Live
2011-04-05 19:22:52 ----D---- C:\Program Files (x86)\Bing Bar Installer
2011-04-05 19:16:42 ----A---- C:\Windows\SYSWOW64\webservices.dll
2011-04-05 19:16:42 ----A---- C:\Windows\system32\webservices.dll
2011-04-05 16:27:21 ----ASH---- C:\hiberfil.sys
2011-04-04 22:49:03 ----D---- C:\Program Files\trend micro
2011-04-04 21:41:53 ----D---- C:\Windows\Registration
2011-04-03 22:19:50 ----D---- C:\Users\Kubik\AppData\Roaming\MagicIndie
2011-04-03 19:41:06 ----D---- C:\Users\Kubik\AppData\Roaming\HitPoint Studios
2011-03-31 18:29:58 ----D---- C:\Users\Kubik\AppData\Roaming\PlayPond
2011-03-31 18:28:33 ----D---- C:\Program Files (x86)\Mystery Legends Phantom of the Opera
2011-03-25 17:39:16 ----D---- C:\ProgramData\Venus DS
2011-03-24 14:11:23 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-03-24 14:11:23 ----A---- C:\Windows\system32\FntCache.dll
2011-03-24 14:11:22 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-03-24 14:11:22 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-03-24 14:11:22 ----A---- C:\Windows\system32\DWrite.dll
2011-03-22 17:19:22 ----D---- C:\Users\Kubik\AppData\Roaming\Vogat Interactive
2011-03-19 18:15:51 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-03-19 18:15:51 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-03-19 18:15:51 ----A---- C:\Windows\SYSWOW64\java.exe
2011-03-19 18:13:25 ----D---- C:\ProgramData\McAfee
2011-03-13 17:10:49 ----D---- C:\Users\Kubik\AppData\Roaming\margrave3_full
2011-03-12 15:35:47 ----D---- C:\Users\Kubik\AppData\Roaming\Elephant Games
2011-03-12 15:35:47 ----D---- C:\ProgramData\Elephant Games
2011-03-09 21:18:09 ----A---- C:\Windows\system32\mstscax.dll
2011-03-09 21:18:08 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-03-09 21:18:08 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-03-09 21:18:08 ----A---- C:\Windows\system32\mstsc.exe
2011-03-09 21:18:05 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-03-09 21:18:05 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-03-09 21:18:05 ----A---- C:\Windows\system32\sbe.dll
2011-03-09 21:18:05 ----A---- C:\Windows\system32\EncDec.dll
2011-03-09 21:18:04 ----A---- C:\Windows\SYSWOW64\sbeio.dll
2011-03-09 21:18:04 ----A---- C:\Windows\system32\sbeio.dll
======List of files/folders modified in the last 1 months======
2011-04-05 20:00:53 ----D---- C:\Windows\Temp
2011-04-05 19:58:27 ----D---- C:\Windows
2011-04-05 19:58:08 ----D---- C:\Windows\Minidump
2011-04-05 19:53:15 ----D---- C:\Windows\Prefetch
2011-04-05 19:49:32 ----D---- C:\Users\Kubik\AppData\Roaming\uTorrent
2011-04-05 19:47:56 ----SHD---- C:\Windows\Installer
2011-04-05 19:47:52 ----RSD---- C:\Windows\assembly
2011-04-05 19:47:50 ----RD---- C:\Program Files (x86)
2011-04-05 19:43:00 ----D---- C:\Windows\winsxs
2011-04-05 19:41:39 ----D---- C:\Windows\SysWOW64
2011-04-05 19:37:38 ----D---- C:\Windows\rescache
2011-04-05 19:32:24 ----SD---- C:\ProgramData\Microsoft
2011-04-05 19:32:20 ----RSD---- C:\Windows\Fonts
2011-04-05 19:28:40 ----DC---- C:\Windows\system32\DRVSTORE
2011-04-05 19:28:40 ----D---- C:\Windows\system32\drivers
2011-04-05 19:25:39 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-05 19:24:49 ----RD---- C:\Program Files
2011-04-05 19:21:47 ----D---- C:\Windows\System32
2011-04-05 19:21:47 ----D---- C:\Windows\inf
2011-04-05 19:21:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-05 19:19:19 ----D---- C:\Windows\system32\Tasks
2011-04-05 19:17:53 ----D---- C:\Program Files (x86)\Common Files
2011-04-05 19:17:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-04-05 19:17:25 ----D---- C:\Windows\system32\cs-CZ
2011-04-05 19:17:16 ----D---- C:\Windows\system32\catroot
2011-04-05 19:16:29 ----SHD---- C:\System Volume Information
2011-04-05 16:33:04 ----D---- C:\Windows\twain_32
2011-04-05 16:32:47 ----D---- C:\Windows\Tasks
2011-04-05 16:32:45 ----SD---- C:\Windows\Downloaded Program Files
2011-04-05 16:30:28 ----D---- C:\Users\Kubik\AppData\Roaming\Skype
2011-04-05 16:29:58 ----D---- C:\Users\Kubik\AppData\Roaming\skypePM
2011-04-05 16:21:42 ----D---- C:\Program Files (x86)\totalcmd
2011-04-04 22:53:14 ----D---- C:\games
2011-04-04 22:28:02 ----D---- C:\Program Files (x86)\Games
2011-04-04 21:42:59 ----D---- C:\Windows\system32\wbem
2011-04-04 20:36:37 ----D---- C:\Windows\system32\Msdtc
2011-04-04 20:27:21 ----D---- C:\Windows\system32\config
2011-04-04 20:27:09 ----D---- C:\Windows\system32\spool
2011-04-04 20:27:09 ----D---- C:\Windows\system32\catroot2
2011-04-04 20:27:09 ----D---- C:\Users\Kubik\AppData\Roaming\GHISLER
2011-04-04 20:27:08 ----D---- C:\ProgramData\HP Product Assistant
2011-04-04 19:06:04 ----AD---- C:\ProgramData\TEMP
2011-03-28 18:20:50 ----D---- C:\Users\Kubik\AppData\Roaming\Artogon
2011-03-27 15:37:11 ----SD---- C:\Users\Kubik\AppData\Roaming\Microsoft
2011-03-25 17:39:16 ----HD---- C:\ProgramData
2011-03-19 22:23:17 ----D---- C:\Users\Kubik\AppData\Roaming\PrimoPDF
2011-03-19 18:15:28 ----D---- C:\Program Files (x86)\Java
2011-03-19 11:20:28 ----D---- C:\Users\Kubik\AppData\Roaming\ERS Game Studios
2011-03-19 10:28:59 ----D---- C:\Program Files (x86)\MyPlayCity.com
2011-03-18 17:14:26 ----D---- C:\Users\Kubik\AppData\Roaming\SolSuite
2011-03-17 19:06:42 ----D---- C:\Users\Kubik\AppData\Roaming\PlayFirst
2011-03-17 19:06:42 ----D---- C:\ProgramData\PlayFirst
2011-03-13 19:53:48 ----D---- C:\Windows\Debug
2011-03-10 00:20:03 ----A---- C:\Windows\system32\mrt.exe
2011-03-10 00:19:53 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-03 834544]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 188928]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-08-27 310728]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-01-12 42696]
R3 3xHybr64;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybr64.sys [2007-04-20 873216]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 275456]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2008-02-11 7709056]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-11-29 28208]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 72064]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-05-15 82816]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2006-10-03 51200]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 a3w00r4i;a3w00r4i; C:\Windows\system32\drivers\a3w00r4i.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 26112]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 115712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 694272]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 34816]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 145408]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 42496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 6144]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd64.sys [2008-02-11 7709056]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 40832]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 7936]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 178176]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 108544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 12784]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-02-26 652800]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Re: Kontrola logu
Log vypada cisty
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Takže ještě jednou mnohokrát děkuji.
Re: Kontrola logu
Nemate zac, rad jsem pomohl Zase nekdy 
Zase nekdy "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?