
Re: Please check my log

Posted: 08 Oct 2010 16:28
by dol
Hello,
the computer seems slow to me; maybe it is down to its performance. After turning off the AV it did, of course, speed up a little. I'm a layman, but the constant disk activity confuses me, even when the computer is idle. I copied down the figures from Task Manager/Processes/Memory Usage:
with AV off - 240M
with AV on - 470M
with IE8 open - 530M
If the slow speed continues to bother the user, I'll probably change the AV. Personally I use Avast and have added Zone Alarm. So far I haven't had a problem. So I'm only asking for an assessment of the logs I sent, and possibly a recommendation on which startup programs to untick as well.
Thanks.

Re: Please check my log

Posted: 08 Oct 2010 20:42
by motji
That's odd; with 512MB RAM, Avast, ZA and Firefox I have 340MB of RAM in use.
Try combofix as well.


:arrow: Run combofix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Please check my log

Posted: 09 Oct 2010 15:12
by dol
I'll run Combofix and send the log on my next visit.
By the way, on my own computer with 2GB RAM, I have 240MB of RAM in use with Avast and Zone Alarm, and 295MB after launching IE8.

Re: Please check my log

Posted: 09 Oct 2010 17:50
by motji
Mozilla is a terrible hog :roll: .
OK, then paste the log here. I'd throw out F-Secure; Avira, for example, isn't as demanding on RAM.

Re: Please check my log

Posted: 30 Nov 2010 16:15
by dol
Good day, I don't know whether the deadline for coming back here has already lapsed.
Only yesterday did I have the chance to use Combofix on the computer and send you the log. Unfortunately, it remained only a chance. The computer resisted the scan attempts. I followed the guide exactly, downloaded the program from Bleeping.., on the second attempt installed the Console and let it open the AutoScan window. And that was all. No stages, a blinking cursor for a while, then no blinking, and then a necessary restart. This repeated several times; removing the file from the desktop, downloading Combofix again, also from instaluj.cz, the result always similar. And I waited up to 45 minutes to be sure. The computer has a persistent problem with opening windows, e.g. Start and Control Panel as well.
Even though, as they say, the computer's days are numbered, and its owner is already choosing a replacement, I would still be interested in the cause of its troubles.
Thanks for your patience.

Re: Please check my log

Posted: 30 Nov 2010 21:29
by motji
Good evening :)
Let's try it another way :)

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the "All users" box.
- tick the "LOP" malware check and "Purity" malware check boxes
- click the Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)



:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM sometimes has false detections, so we will delete only after checking the log.
- Copy the log here.

Re: Please check my log

Posted: 17 Dec 2010 17:31
by dol
OTL Extras logfile created on: 17.12.2010 17:10:24 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Jiří.ALZA\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,00 Mb Total Physical Memory | 78,00 Mb Available Physical Memory | 15,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 49,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,89 Gb Total Space | 29,71 Gb Free Space | 12,76% Space Free | Partition Type: NTFS
Drive D: | 114,48 Gb Total Space | 80,86 Gb Free Space | 70,63% Space Free | Partition Type: NTFS

Computer Name: ALZA | User Name: Jiří | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-436374069-1547161642-682003330-1004\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\AVG Free\avginet.exe" = C:\Program Files\AVG Free\avginet.exe:*:Enabled:avginet.exe -- File not found
"C:\Program Files\AVG Free\avgamsvr.exe" = C:\Program Files\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe -- File not found
"C:\Program Files\AVG Free\avgcc.exe" = C:\Program Files\AVG Free\avgcc.exe:*:Enabled:avgcc.exe -- File not found
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime -- (Nero AG)
"C:\Program Files\Sierra On-Line\SIGSPat.exe" = C:\Program Files\Sierra On-Line\SIGSPat.exe:*:Enabled:SIGSPat -- (Cendant Software, Inc.)
"C:\Program Files\Outbreak\OutBreak_LAN.exe" = C:\Program Files\Outbreak\OutBreak_LAN.exe:*:Enabled:Codename: Outbrake -- (GSC Game World)
"C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" = C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe:*:Enabled:Voipwise -- (Voipwise)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0938795F-85C6-4C77-B2EB-5834B5B8DE19}_is1" = RTL Winter Games 2007
"{0A2A5039-B37F-489D-B1DC-A5258DF9E697}" = FIFA 08
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP630_series" = Canon MP630 series MP Drivers
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic UDF Reader
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1BBD9C84-4FDE-4318-8A32-B31CF4CF4CF8}" = TOPO Czech 3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}" = Windows Live Sign-in Assistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{242BCCDC-B37B-4792-A52C-BCDDB1030AF9}" = Zoo Empire
"{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}" = Nokia Nseries Video Manager
"{2FA28330-2028-4033-BD10-425C87EB4D54}" = Nokia Software Updater
"{309A4810-C1A1-4BAC-888A-5BB93BC707F4}" = Nokia NSeries One Touch Access
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37D33EA0-A902-4925-8081-9AF88CB86EE1}" = Nokia NSeries Content Copier
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3EC0A49B-BF10-45A5-B15C-D90484A846E6}" = Letopisy Narnie Princ Kaspian
"{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{471BB1D9-6F59-4093-B46D-373772D5C111}" = Far Cry Demo
"{4B682CF4-9B41-4297-8B13-968B28B864C6}" = FlatOut Demo
"{4B6E7269-2948-4E5B-9C82-3B4803AEDD37}" = Nokia NSeries Application Installer
"{4CFB3821-1582-4F3B-BF8D-30986923B36B}" = Nokia Multimedia Factory
"{5AAA952E-B15E-47E0-94E4-DD6DC7B9C796}_is1" = Kobra 11 Nitro
"{639858DD-4966-40F3-A706-7C838BCF3A2B}" = MaxBlast 4
"{649CB8E9-4A54-409C-B0D8-7D6865329D26}" = Nokia Download!
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{977CD9E4-2CE7-46AC-BBEC-FC2B9696464B}" = Marine Park Empire
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{A1BC8E02-6B5B-4B4A-A75F-B27A16918C2B}" = DiscWizard for Windows
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-0000-7EC8-7489-000000000701}" = Adobe Acrobat 7.0.1 and Reader 7.0.1 Update
"{AC76BA86-0000-7EC8-7489-000000000703}" = Adobe Acrobat 7.0.2 and Reader 7.0.2 Update
"{AC76BA86-1033-C740-7760-100000000002}" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"{AF9DF4B7-5BDE-42F5-94EF-53311B55566B}" = Project IGI2 - Covert Strike
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C72D7008-266D-4DD8-BF3C-296B736127F6}" = Mafia
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE3B8E96-B0AF-4871-9178-1519B58E3A93}" = A4 TECH PC Camera H
"{CF3BAA39-989D-4EC4-9224-44D578494B5B}" = Nokia NSeries System Utilities
"{CFA21350-5CC1-46E5-BDEF-7B35837E26E6}_is1" = The Stalin Subway
"{D000103C-07B1-4150-B854-03B9EB085725}" = Windows Live Messenger
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{DF0EA7E8-3F3C-4453-9DA8-54BE739E4049}_is1" = Devastation
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E4E3E62E-16D7-425E-009C-DCB5E64F5955}" = FIFA 2005
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F14B8ECC-BDA0-4987-9201-D7B7DBE11029}" = Nero 7 Premium
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{Punské války}" = Punské války
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6A630DCEC5EEC912115F2FF59D8C2C769798D930" = Balíček ovladače systému Windows - Nokia Modem (10/12/2007 3.6)
"819D45A9F73817F5B6D7C71A33ADAB88C5DA1765" = Balíček ovladače systému Windows - Nokia Modem (08/03/2007 6.84.0.2)
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2008
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe Acrobat 7.0 Professional - Czech, Polish, Greek - V" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"ATI Display Driver" = ATI Display Driver
"Belarc Advisor" = Belarc Advisor 7.2
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8)
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"Codename: Outbreak" = Codename: Outbreak
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)
"EasyLanguage - Angličtina (JNP edice)_is1" = EasyLanguage - Angličtina (JNP edice)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Firefox Windows Media Player XPI" = Firefox Windows Media Player XPI
"F-Secure Product 277" = F-Secure Profi Antivirus
"GameSpy Arcade" = GameSpy Arcade
"HDD Health_is1" = HDD Health v3.3 Beta
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{242BCCDC-B37B-4792-A52C-BCDDB1030AF9}" = Zoo Empire
"InstallShield_{471BB1D9-6F59-4093-B46D-373772D5C111}" = Far Cry Demo
"InstallShield_{977CD9E4-2CE7-46AC-BBEC-FC2B9696464B}" = Marine Park Empire
"InstallShield_{AF9DF4B7-5BDE-42F5-94EF-53311B55566B}" = Project IGI2 - Covert Strike
"IrfanView" = IrfanView (remove only)
"LimeWire" = LimeWire 4.16.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Multimedia Factory{4CFB3821-1582-4F3B-BF8D-30986923B36B}" = Nokia Multimedia Factory
"Nokia NSeries Application Installer" = Nokia NSeries Application Installer 6.84.2114
"Nokia NSeries Content Copier" = Nokia NSeries Content Copier 6.84.2114
"Nokia NSeries One Touch Access" = Nokia NSeries One Touch Access 6.84.2114
"Nokia NSeries System Utilities" = Nokia NSeries System Utilities 6.84.2114
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PC Tune-Up" = PC Tune-Up
"Picasa2" = Picasa 2
"QcDrv" = ##CAMERADRIVERNAME##
"QuicktimeAlt_is1" = QuickTime Alternative 1.76
"Rally Championship" = Rally Championship
"RealPlayer 6.0" = RealPlayer
"Registrace uživatele zařízení Canon MP630 series" = Registrace uživatele zařízení Canon MP630 series
"Revo Uninstaller" = Revo Uninstaller 1.89
"Ricochet_is1" = Ricochet Xtreme
"Sierra Utilities" = Sierra Utilities
"SiSoftware Sandra Professional 2005_is1" = SiSoftware Sandra Professional 2005 (Win64/32/CE)
"SlimStar 250" = SlimStar 250
"Tarcinin Mutfagi Toolbar" = Tarcinin Mutfagi Toolbar
"Tarcinin_Mutfagi Toolbar" = Tarcinin_Mutfagi Toolbar
"Totalcmd" = Total Commander (Remove or Repair)
"Voipwise_is1" = Voipwise
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Příručka k zařízení Windows Mobile®
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.12.2010 10:39:57 | Computer Name = ALZA | Source = F-Secure Anti-Virus | ID = 103
Description =

Error - 17.12.2010 10:39:57 | Computer Name = ALZA | Source = F-Secure Anti-Virus | ID = 103
Description =

Error - 17.12.2010 10:39:57 | Computer Name = ALZA | Source = F-Secure Anti-Virus | ID = 103
Description =

Error - 17.12.2010 10:39:57 | Computer Name = ALZA | Source = F-Secure Anti-Virus | ID = 103
Description =

Error - 17.12.2010 10:40:59 | Computer Name = ALZA | Source = F-Secure Anti-Virus | ID = 103
Description =

Error - 17.12.2010 10:40:59 | Computer Name = ALZA | Source = F-Secure Anti-Virus | ID = 103
Description =

Error - 17.12.2010 10:40:59 | Computer Name = ALZA | Source = F-Secure Anti-Virus | ID = 103
Description =

Error - 17.12.2010 10:41:36 | Computer Name = ALZA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17.12.2010 10:42:11 | Computer Name = ALZA | Source = F-Secure Anti-Virus | ID = 103
Description =

Error - 17.12.2010 10:44:24 | Computer Name = ALZA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 17.12.2010 11:01:07 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 17.12.2010 11:01:09 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 17.12.2010 11:01:11 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 17.12.2010 11:01:13 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 17.12.2010 11:01:15 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 17.12.2010 11:01:18 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 17.12.2010 11:23:30 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 17.12.2010 11:23:30 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 17.12.2010 11:23:35 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.

Error - 17.12.2010 11:23:35 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.


< End of report >

Re: Please check my log

Posted: 17 Dec 2010 17:36
by dol
OTL logfile created on: 17.12.2010 15:59:39 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Jiří.ALZA\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,00 Mb Total Physical Memory | 110,00 Mb Available Physical Memory | 22,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,89 Gb Total Space | 29,69 Gb Free Space | 12,75% Space Free | Partition Type: NTFS
Drive D: | 114,48 Gb Total Space | 80,86 Gb Free Space | 70,63% Space Free | Partition Type: NTFS

Computer Name: ALZA | User Name: Jiří | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.12.17 15:49:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiří.ALZA\Plocha\OTL.exe
PRC - [2010.07.29 18:01:55 | 000,709,800 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
PRC - [2010.07.29 18:01:52 | 000,496,808 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32.exe
PRC - [2010.02.25 20:01:32 | 009,084,720 | ---- | M] (Voipwise) -- C:\Program Files\Voipwise.com\Voipwise\voipwise.exe
PRC - [2010.01.21 20:16:52 | 000,348,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
PRC - [2010.01.21 20:16:52 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
PRC - [2009.01.29 16:53:00 | 000,174,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSAUA\program\fsus.exe
PRC - [2008.12.04 15:04:02 | 000,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
PRC - [2008.12.04 15:02:40 | 000,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSMB32.EXE
PRC - [2008.12.04 15:02:40 | 000,182,936 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSM32.EXE
PRC - [2008.12.04 15:02:40 | 000,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSMA32.EXE
PRC - [2008.12.04 15:02:38 | 000,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FAMEH32.EXE
PRC - [2008.12.04 15:02:38 | 000,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FCH32.EXE
PRC - [2008.12.04 14:59:14 | 000,604,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSGUI\fsguidll.exe
PRC - [2008.12.04 14:57:54 | 000,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FWES\program\fsdfwd.exe
PRC - [2008.12.04 14:57:06 | 000,043,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
PRC - [2008.12.04 14:55:26 | 000,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FSAUA\program\fsaua.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.08.30 09:58:38 | 000,049,152 | ---- | M] (ZSMCSNAP) -- C:\WINDOWS\VMSnap3.EXE
PRC - [2006.06.28 16:54:06 | 000,049,152 | ---- | M] (Vimicro) -- C:\WINDOWS\Domino.EXE
PRC - [2005.11.23 10:12:16 | 001,060,864 | ---- | M] (VIA Technologies) -- C:\Program Files\VIA\RAID\raid_tool.exe


========== Modules (SafeList) ==========

MOD - [2010.12.17 15:49:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiří.ALZA\Plocha\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\ComboFix\PEV.cfx -- (PEVSystemStart)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Helexis\Drive Health\dhcore.exe -- (DriveHealth)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.01.21 20:16:52 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2009.10.27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.12.04 15:04:02 | 000,055,904 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2008.12.04 15:02:40 | 000,117,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Common\FSMA32.EXE -- (FSMA)
SRV - [2008.12.04 14:57:54 | 000,510,560 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2008.12.04 14:55:26 | 000,490,080 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\FSAUA\program\fsaua.exe -- (FSAUA)
SRV - [2008.01.22 09:35:52 | 000,103,808 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007.05.16 09:41:18 | 000,029,704 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2005.11.14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.11.21 15:11:26 | 000,156,656 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\Sandra Professional 2005\RpcDataSrv.exe -- (SandraDataSrv)
SRV - [2004.11.21 15:11:20 | 001,131,496 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\Sandra Professional 2005\RpcSandraSrv.exe -- (SandraTheSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JI1A2B~1.ALZ\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010.12.17 15:54:48 | 000,042,664 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010.07.29 18:24:49 | 000,124,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010.05.10 19:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.02.17 19:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.10.06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.10.06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.12.04 15:02:20 | 000,067,808 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\F-Secure\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2008.12.04 14:57:54 | 000,079,872 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2008.12.04 14:57:10 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)
DRV - [2008.12.04 14:57:10 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 19:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)
DRV - [2008.02.27 12:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2007.09.14 15:04:46 | 002,455,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.03.09 09:27:56 | 000,010,836 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\usbfltr.cat -- (UsbFltr)
DRV - [2006.12.01 13:23:58 | 000,392,122 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbVM303.sys -- (ZSMC303)
DRV - [2006.08.18 13:52:00 | 004,017,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.06.16 19:56:38 | 000,083,968 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.06.13 04:20:00 | 000,094,460 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006.06.13 04:20:00 | 000,088,476 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006.06.13 04:20:00 | 000,086,844 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006.06.13 04:20:00 | 000,025,724 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006.06.13 04:20:00 | 000,014,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006.06.13 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006.06.13 04:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2006.06.12 02:30:00 | 000,089,264 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006.04.25 09:57:42 | 000,428,160 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmfilter303.sys -- (vmfilter303)
DRV - [2006.04.21 09:54:56 | 000,012,963 | ---- | M] (WayTech Development, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\kbfilter.sys -- (kbfilter)
DRV - [2006.03.17 07:35:24 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006.03.17 07:34:46 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2006.03.17 04:20:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006.02.23 11:39:06 | 000,011,264 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\xfilt.sys -- (xfilt)
DRV - [2006.02.23 11:38:32 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2005.05.27 10:32:51 | 001,317,152 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvcm.sys -- (QCMerced)
DRV - [2005.05.27 10:31:26 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005.01.10 01:32:00 | 003,330,304 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004.11.10 11:41:18 | 000,019,416 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandra Professional 2005\sandra.sys -- (SANDRA)
DRV - [2004.08.09 12:33:26 | 000,114,016 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.08.09 12:29:28 | 000,053,920 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.07.19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2004.04.23 11:49:10 | 000,121,216 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RT2500.sys -- (RT2500)
DRV - [2004.04.14 11:08:00 | 000,044,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2004.04.14 11:08:00 | 000,021,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2004.04.14 11:08:00 | 000,010,144 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2004.04.14 11:08:00 | 000,005,600 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-436374069-1547161642-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.cz/ [binary data]
IE - HKU\S-1-5-21-436374069-1547161642-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
IE - HKU\S-1-5-21-436374069-1547161642-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-436374069-1547161642-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.25 10:09:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009.12.25 18:14:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009.12.25 18:14:42 | 000,000,000 | ---D | M]

[2009.04.08 20:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Mozilla\Extensions
[2010.11.29 19:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Mozilla\Firefox\Profiles\fd469yvo.default\extensions
[2010.09.08 05:51:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Mozilla\Firefox\Profiles\fd469yvo.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.06 21:24:23 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Mozilla\Firefox\Profiles\fd469yvo.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.09.06 21:06:19 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Mozilla\Firefox\Profiles\fd469yvo.default\searchplugins\bing.xml
[2010.11.29 19:58:02 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008.04.19 18:07:59 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008.04.19 18:07:41 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\real-networks@partners.mozilla.com
[2008.03.31 20:06:24 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2008.03.31 20:06:24 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2008.01.27 10:57:20 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2008.01.27 10:57:20 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2008.03.31 20:06:24 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.05.14 07:32:48 | 000,395,299 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 13651 more lines...
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-436374069-1547161642-682003330-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE File not found
O4 - HKLM..\Run: [Domino] C:\WINDOWS\Domino.EXE (Vimicro)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies)
O4 - HKLM..\Run: [VMSnap3] C:\WINDOWS\VMSnap3.EXE (ZSMCSNAP)
O4 - HKU\S-1-5-21-436374069-1547161642-682003330-1004..\Run: [Voipwise] C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe (Voipwise)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-436374069-1547161642-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-436374069-1547161642-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\NPJPI150_09.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://by118fd.bay118.hotmail.msn.com/r ... nPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://tw.msi.com.tw/autobios/LOnline/install.cab (WebSDev Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinsta ... 586-jc.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} http://www.tgrt.com.tr/CanliYayin/ampx2 ... _en_dl.cab (IWinAmpActiveX Class)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_09)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\bw+0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw+0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw00s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw-0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw10s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw20s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw30s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw40s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw50s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw60s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw70s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw80s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bw90s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwa0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwb0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwc0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwd0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwe0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwf0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwg0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwh0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwi0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwj0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwk0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwl0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwm0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwn0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwo0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwp0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwq0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwr0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bws0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwt0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwu0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwv0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bww0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwx0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwy0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0 {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\bwz0s {e52c5ff2-fe17-4587-80a1-19009b8183fe} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\offline-8876480 {E52C5FF2-FE17-4587-80A1-19009B8183FE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (Logitech)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jiří.ALZA\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jiří.ALZA\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.11.22 16:44:46 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6aac7382-e551-11dd-a9c0-0013d35ffe75}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Re: Please check my log

Posted: 17 Dec 2010 17:37
by dol
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2010.12.17 15:48:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jiří.ALZA\Plocha\OTL.exe
[2010.11.29 23:32:57 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010.11.29 22:57:58 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF22486.exe
[2010.11.29 22:48:54 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF20722.exe
[2010.11.29 22:02:22 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.11.29 21:18:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.11.29 21:18:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.11.29 21:18:19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.11.29 21:18:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.11.29 21:18:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.11.29 21:17:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[41 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.12.17 15:54:48 | 000,042,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2010.12.17 15:49:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiří.ALZA\Plocha\OTL.exe
[2010.12.17 15:40:04 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.17 15:32:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.17 15:31:48 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.17 15:31:37 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\iMeshNAG.job
[2010.12.17 15:31:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.29 23:30:49 | 003,982,422 | R--- | M] () -- C:\Documents and Settings\Jiří.ALZA\Plocha\ComboFix.exe
[2010.11.29 22:57:44 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF22486.exe
[2010.11.29 22:48:44 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF20722.exe
[2010.11.29 22:02:27 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010.11.29 21:28:25 | 000,000,327 | ---- | M] () -- C:\Boot.bak
[2010.11.18 17:27:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.11.17 22:34:03 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Jiří.ALZA\Dokumenty\Příběh Jakuba a Martina.doc
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[41 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.29 23:30:49 | 003,982,422 | R--- | C] () -- C:\Documents and Settings\Jiří.ALZA\Plocha\ComboFix.exe
[2010.11.29 21:28:25 | 000,000,327 | ---- | C] () -- C:\Boot.bak
[2010.11.29 21:28:19 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.11.29 21:18:19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.11.29 21:18:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.11.29 21:18:19 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.11.29 21:18:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.11.29 21:18:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.11.17 19:39:22 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Jiří.ALZA\Dokumenty\Příběh Jakuba a Martina.doc
[2010.11.11 20:49:54 | 000,223,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.05.19 20:08:52 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\$_hpcst$.hpc
[2009.04.21 18:42:56 | 000,000,179 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.03.01 20:33:34 | 000,042,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2008.10.15 16:28:39 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008.09.30 16:43:34 | 001,286,152 | ---- | C] () -- C:\WINDOWS\System32\msxml4.dll
[2008.09.08 19:26:49 | 000,001,272 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008.06.21 08:27:16 | 000,011,285 | ---- | C] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\NMM-MetaData.db
[2008.05.11 20:28:26 | 000,001,350 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.04.01 19:11:06 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Jiří.ALZA\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.04 21:03:27 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2007.10.28 19:21:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\unrar.dll
[2007.01.24 18:15:43 | 000,001,039 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.01.24 18:15:41 | 000,000,840 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007.01.24 18:15:40 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.01.24 18:15:40 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.01.24 18:15:40 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.01.24 18:15:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.01.24 18:15:38 | 000,000,132 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2007.01.24 18:15:32 | 000,011,130 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.01.24 18:15:31 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2007.01.24 18:15:24 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007.01.24 18:15:24 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2007.01.24 18:15:16 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2007.01.24 18:15:16 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2007.01.24 18:15:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.01.24 18:15:14 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007.01.24 18:15:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\TrackerNET.dll
[2007.01.24 18:15:07 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.01.24 18:15:05 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.01.24 18:15:03 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2007.01.24 18:15:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2007.01.24 18:15:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2007.01.24 18:14:48 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\memtest.dll
[2007.01.24 18:14:47 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007.01.24 18:14:46 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll
[2007.01.24 18:14:44 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007.01.24 18:14:42 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[2007.01.24 18:14:08 | 000,039,372 | R--- | C] () -- C:\WINDOWS\System32\drivers\vgauti.sys
[2007.01.24 18:14:04 | 001,317,152 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2007.01.24 18:14:04 | 000,039,372 | R--- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2007.01.24 18:14:03 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys

========== LOP Check ==========

[2009.01.01 14:25:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2009.06.25 12:21:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2009.01.05 21:34:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX
[2009.01.05 21:30:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2010.11.22 17:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2010.02.06 23:21:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2009.01.05 22:31:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenu
[2009.03.01 20:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\f-secure
[2009.03.01 20:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\fssg
[2010.01.10 20:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.01.10 20:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2007.01.24 17:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.03.18 10:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.10.17 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.12.25 10:20:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiøí.ALZA\Data aplikací\Nokia
[2008.01.10 23:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\AVG7
[2007.01.24 17:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\F-Secure
[2007.01.24 17:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\ispnews
[2008.03.27 19:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\LimeWire
[2007.12.30 14:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\Nokia
[2007.11.12 20:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\Nokia Multimedia Player
[2007.12.30 13:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\PC Suite
[2008.09.08 19:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Disney Interactive Studios
[2010.04.21 18:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\F-Secure
[2008.08.25 18:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\FotoWire
[2008.12.20 11:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\LANGMaster
[2009.03.25 21:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\LimeWire
[2009.01.24 12:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Nokia
[2010.01.10 19:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\PC Suite
[2009.03.18 10:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\TuneUp Software
[2010.01.10 15:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Voipwise
[2010.05.13 20:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ronaldo vs Jirik\Data aplikací\Cenega
[2010.09.25 08:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ronaldo vs Jirik\Data aplikací\Nokia
[2010.09.12 12:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ronaldo vs Jirik\Data aplikací\PC Suite
[2010.02.12 17:16:55 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010.12.17 15:31:37 | 000,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\iMeshNAG.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"Voipwise" = "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized -- [2010.02.25 20:01:32 | 009,084,720 | ---- | M] (Voipwise)

< c:\windows\*.* /U >
[41 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.05.01 14:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Adobe
[2008.04.01 21:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\AdobeUM
[2008.04.27 10:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Ahead
[2009.12.25 18:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Apple Computer
[2008.09.08 19:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Disney Interactive Studios
[2010.04.21 18:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\F-Secure
[2008.08.25 18:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\FotoWire
[2008.04.12 09:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Google
[2008.04.11 15:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Help
[2008.03.31 21:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Identities
[2008.08.25 19:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\InstallShield
[2008.12.20 11:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\LANGMaster
[2009.03.25 21:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\LimeWire
[2009.02.17 17:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Macromedia
[2010.09.25 08:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Malwarebytes
[2010.02.06 23:21:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft
[2009.04.08 20:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Mozilla
[2009.01.24 12:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Nokia
[2010.01.10 19:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\PC Suite
[2009.09.08 17:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Real
[2009.01.22 20:53:29 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\SecuROM
[2010.10.28 22:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Skype
[2010.09.09 15:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\skypePM
[2009.04.21 19:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Sony Corporation
[2008.04.06 00:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Sun
[2010.09.06 15:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\SUPERAntiSpyware.com
[2008.04.20 12:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Talkback
[2009.03.18 10:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\TuneUp Software
[2010.01.10 15:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Voipwise

< %APPDATA%\*.exe /s >
[2009.04.21 18:36:49 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe
[2009.04.26 12:33:32 | 000,061,440 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\ARPPRODUCTICON.exe
[2009.04.26 12:33:32 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\FlatOutDemo.exe1_4B682CF49B4142978B13968B28B864C6.exe
[2009.04.26 12:33:32 | 000,061,440 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\FlatOutDemo.exe_E7A4797FABFC4ECEA2D0CD1C7229179B.exe
[2009.04.26 12:33:32 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\Uninstall_FlatOut_De_E7A4797FABFC4ECEA2D0CD1C7229179B.exe
[2010.06.25 20:55:12 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Real\Update\setup3.10\setup.exe


< MD5 for: AGP440.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.18 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.11.10 18:01:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.18 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.18 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.09.10 06:52:30 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[4 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2006.11.23 17:54:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.11.23 17:54:00 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.11.23 17:54:00 | 000,471,040 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2010.09.10 06:52:30 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.12.17 15:54:48 | 000,042,664 | ---- | M] () -- C:\WINDOWS\system32\drivers\fsbts.sys
[4 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2010.12.17 15:32:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< >

< >

< End of report >

Re: Please check my log

Posted: 17 Dec 2010 17:53
by motji
I'm a little worried about the health of your disk :o
Error - 17.12.2010 11:23:35 | Computer Name = ALZA | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Do you have only one disk?


:arrow: Download HD Tune http://www.slunecnice.cz/sw/hd-tune/
-select the last tab, Error scan
-start the scan; it takes about an hour.
-then write whether any of the blocks were red

Re: Please check my log

Posted: 17 Dec 2010 21:56
by dol
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2010.12.17 15:48:46 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jiří.ALZA\Plocha\OTL.exe
[2010.11.29 23:32:57 | 000,000,000 | --SD | C] -- C:\ComboFix
[2010.11.29 22:57:58 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF22486.exe
[2010.11.29 22:48:54 | 000,390,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CF20722.exe
[2010.11.29 22:02:22 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.11.29 21:18:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.11.29 21:18:19 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.11.29 21:18:19 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.11.29 21:18:19 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.11.29 21:18:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.11.29 21:17:25 | 000,000,000 | ---D | C] -- C:\Qoobox
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[41 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.12.17 15:54:48 | 000,042,664 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2010.12.17 15:49:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiří.ALZA\Plocha\OTL.exe
[2010.12.17 15:40:04 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.17 15:32:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.17 15:31:48 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.17 15:31:37 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\iMeshNAG.job
[2010.12.17 15:31:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.29 23:30:49 | 003,982,422 | R--- | M] () -- C:\Documents and Settings\Jiří.ALZA\Plocha\ComboFix.exe
[2010.11.29 22:57:44 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF22486.exe
[2010.11.29 22:48:44 | 000,390,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\CF20722.exe
[2010.11.29 22:02:27 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2010.11.29 21:28:25 | 000,000,327 | ---- | M] () -- C:\Boot.bak
[2010.11.18 17:27:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.11.17 22:34:03 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Jiří.ALZA\Dokumenty\Příběh Jakuba a Martina.doc
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[41 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.29 23:30:49 | 003,982,422 | R--- | C] () -- C:\Documents and Settings\Jiří.ALZA\Plocha\ComboFix.exe
[2010.11.29 21:28:25 | 000,000,327 | ---- | C] () -- C:\Boot.bak
[2010.11.29 21:28:19 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2010.11.29 21:18:19 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.11.29 21:18:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.11.29 21:18:19 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.11.29 21:18:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.11.29 21:18:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.11.17 19:39:22 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Jiří.ALZA\Dokumenty\Příběh Jakuba a Martina.doc
[2010.11.11 20:49:54 | 000,223,632 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.05.19 20:08:52 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\$_hpcst$.hpc
[2009.04.21 18:42:56 | 000,000,179 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.03.01 20:33:34 | 000,042,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2008.10.15 16:28:39 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2008.09.30 16:43:34 | 001,286,152 | ---- | C] () -- C:\WINDOWS\System32\msxml4.dll
[2008.09.08 19:26:49 | 000,001,272 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008.06.21 08:27:16 | 000,011,285 | ---- | C] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\NMM-MetaData.db
[2008.05.11 20:28:26 | 000,001,350 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.04.01 19:11:06 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Jiří.ALZA\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.01.04 21:03:27 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2007.10.28 19:21:08 | 000,053,248 | ---- | C] () -- C:\WINDOWS\unrar.dll
[2007.01.24 18:15:43 | 000,001,039 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.01.24 18:15:41 | 000,000,840 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007.01.24 18:15:40 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.01.24 18:15:40 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.01.24 18:15:40 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2007.01.24 18:15:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.01.24 18:15:38 | 000,000,132 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2007.01.24 18:15:32 | 000,011,130 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.01.24 18:15:31 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2007.01.24 18:15:24 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007.01.24 18:15:24 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2007.01.24 18:15:16 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2007.01.24 18:15:16 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2007.01.24 18:15:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.01.24 18:15:14 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2007.01.24 18:15:14 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\TrackerNET.dll
[2007.01.24 18:15:07 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.01.24 18:15:05 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.01.24 18:15:03 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2007.01.24 18:15:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2007.01.24 18:15:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2007.01.24 18:14:48 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\memtest.dll
[2007.01.24 18:14:47 | 000,009,255 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2007.01.24 18:14:46 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll
[2007.01.24 18:14:44 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007.01.24 18:14:42 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[2007.01.24 18:14:08 | 000,039,372 | R--- | C] () -- C:\WINDOWS\System32\drivers\vgauti.sys
[2007.01.24 18:14:04 | 001,317,152 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvcm.sys
[2007.01.24 18:14:04 | 000,039,372 | R--- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2007.01.24 18:14:03 | 000,006,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\FlashSys.sys

========== LOP Check ==========

[2009.01.01 14:25:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2009.06.25 12:21:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2009.01.05 21:34:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX
[2009.01.05 21:30:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2010.11.22 17:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2010.02.06 23:21:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2009.01.05 22:31:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenu
[2009.03.01 20:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\f-secure
[2009.03.01 20:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\fssg
[2010.01.10 20:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.01.10 20:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2007.01.24 17:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.03.18 10:55:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.10.17 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.12.25 10:20:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiøí.ALZA\Data aplikací\Nokia
[2008.01.10 23:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\AVG7
[2007.01.24 17:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\F-Secure
[2007.01.24 17:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\ispnews
[2008.03.27 19:58:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\LimeWire
[2007.12.30 14:05:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\Nokia
[2007.11.12 20:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\Nokia Multimedia Player
[2007.12.30 13:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří\Data aplikací\PC Suite
[2008.09.08 19:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Disney Interactive Studios
[2010.04.21 18:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\F-Secure
[2008.08.25 18:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\FotoWire
[2008.12.20 11:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\LANGMaster
[2009.03.25 21:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\LimeWire
[2009.01.24 12:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Nokia
[2010.01.10 19:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\PC Suite
[2009.03.18 10:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\TuneUp Software
[2010.01.10 15:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Voipwise
[2010.05.13 20:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ronaldo vs Jirik\Data aplikací\Cenega
[2010.09.25 08:00:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ronaldo vs Jirik\Data aplikací\Nokia
[2010.09.12 12:05:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ronaldo vs Jirik\Data aplikací\PC Suite
[2010.02.12 17:16:55 | 000,000,388 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010.12.17 15:31:37 | 000,000,300 | ---- | M] () -- C:\WINDOWS\Tasks\iMeshNAG.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 04:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"Voipwise" = "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized -- [2010.02.25 20:01:32 | 009,084,720 | ---- | M] (Voipwise)

< c:\windows\*.* /U >
[41 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.05.01 14:26:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Adobe
[2008.04.01 21:50:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\AdobeUM
[2008.04.27 10:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Ahead
[2009.12.25 18:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Apple Computer
[2008.09.08 19:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Disney Interactive Studios
[2010.04.21 18:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\F-Secure
[2008.08.25 18:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\FotoWire
[2008.04.12 09:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Google
[2008.04.11 15:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Help
[2008.03.31 21:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Identities
[2008.08.25 19:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\InstallShield
[2008.12.20 11:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\LANGMaster
[2009.03.25 21:27:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\LimeWire
[2009.02.17 17:10:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Macromedia
[2010.09.25 08:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Malwarebytes
[2010.02.06 23:21:46 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft
[2009.04.08 20:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Mozilla
[2009.01.24 12:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Nokia
[2010.01.10 19:59:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\PC Suite
[2009.09.08 17:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Real
[2009.01.22 20:53:29 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\SecuROM
[2010.10.28 22:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Skype
[2010.09.09 15:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\skypePM
[2009.04.21 19:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Sony Corporation
[2008.04.06 00:16:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Sun
[2010.09.06 15:59:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\SUPERAntiSpyware.com
[2008.04.20 12:38:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Talkback
[2009.03.18 10:56:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\TuneUp Software
[2010.01.10 15:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Voipwise

< %APPDATA%\*.exe /s >
[2009.04.21 18:36:49 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}\ARPPRODUCTICON.exe
[2009.04.26 12:33:32 | 000,061,440 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\ARPPRODUCTICON.exe
[2009.04.26 12:33:32 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\FlatOutDemo.exe1_4B682CF49B4142978B13968B28B864C6.exe
[2009.04.26 12:33:32 | 000,061,440 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\FlatOutDemo.exe_E7A4797FABFC4ECEA2D0CD1C7229179B.exe
[2009.04.26 12:33:32 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\Uninstall_FlatOut_De_E7A4797FABFC4ECEA2D0CD1C7229179B.exe
[2010.06.25 20:55:12 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\Jiří.ALZA\Data aplikací\Real\Update\setup3.10\setup.exe



< MD5 for: SMSS.EXE >
[2004.08.18 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: VIAMRAID.SYS >
[2005.11.23 10:12:12 | 000,107,344 | ---- | M] (VIA Technologies inc,.ltd) MD5=643DC63B827FB767968967B4DB813F1F -- C:\Program Files\Setup Files\VIA Chipset Drivers v5.07A\Floppy\i386\NT4\viamraid.sys
[2005.11.23 10:12:22 | 000,107,344 | ---- | M] (VIA Technologies inc,.ltd) MD5=643DC63B827FB767968967B4DB813F1F -- C:\Program Files\Setup Files\VIA Chipset Drivers v5.07A\VIARAID\driver\winnt40\viamraid.sys
[2006.03.31 02:29:00 | 000,114,952 | ---- | M] (VIA Technologies inc,.ltd) MD5=7FA61BA47E0CDBCC0FA3581C98718747 -- C:\Drivers\VIA\drvdisk\i386\NT4\viamraid.sys
[2006.03.31 02:29:00 | 000,114,952 | ---- | M] (VIA Technologies inc,.ltd) MD5=7FA61BA47E0CDBCC0FA3581C98718747 -- C:\Drivers\VIA\VIARAID\driver\winnt40\viamraid.sys
[2006.03.31 02:29:00 | 000,114,952 | ---- | M] (VIA Technologies inc,.ltd) MD5=7FA61BA47E0CDBCC0FA3581C98718747 -- C:\Install\VIA_HyperionPro_V510A\drvdisk\i386\NT4\viamraid.sys
[2006.03.31 02:29:00 | 000,114,952 | ---- | M] (VIA Technologies inc,.ltd) MD5=7FA61BA47E0CDBCC0FA3581C98718747 -- C:\Install\VIA_HyperionPro_V510A\VIARAID\driver\winnt40\viamraid.sys
[2006.03.31 02:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Drivers\VIA\drvdisk\i386\NT5\viamraid.sys
[2006.03.31 02:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Drivers\VIA\VIARAID\driver\winxp\viamraid.sys
[2006.03.31 02:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Install\VIA_HyperionPro_V510A\drvdisk\i386\NT5\viamraid.sys
[2006.03.31 02:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\Install\VIA_HyperionPro_V510A\VIARAID\driver\winxp\viamraid.sys
[2006.03.31 03:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\WINDOWS\OemDir\viamraid.sys
[2005.11.23 10:12:12 | 000,092,672 | ---- | M] (VIA Technologies inc,.ltd) MD5=FBF18F9F5FB852C2976723587B44F346 -- C:\Program Files\Setup Files\VIA Chipset Drivers v5.07A\Floppy\i386\NT5\viamraid.sys
[2005.11.23 10:12:24 | 000,092,672 | ---- | M] (VIA Technologies inc,.ltd) MD5=FBF18F9F5FB852C2976723587B44F346 -- C:\Program Files\Setup Files\VIA Chipset Drivers v5.07A\VIARAID\driver\winxp\viamraid.sys
[2005.11.23 10:12:24 | 000,092,672 | ---- | M] (VIA Technologies inc,.ltd) MD5=FBF18F9F5FB852C2976723587B44F346 -- C:\WINDOWS\system32\drivers\viamraid.sys

< MD5 for: WINLOGON.EXE >
[2004.08.18 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.09.10 06:52:30 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[4 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2006.11.23 17:54:00 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.11.23 17:54:00 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.11.23 17:54:00 | 000,471,040 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2010.09.10 06:52:30 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.12.17 15:54:48 | 000,042,664 | ---- | M] () -- C:\WINDOWS\system32\drivers\fsbts.sys
[4 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2010.12.17 15:32:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< >

< >

< End of report >

Re: Request for a log check

Posted: 17 Dec 2010 22:08
by motji
Wait, you already posted this one here :o , I wanted you to run that test in HD Tune.

Re: Request for a log check

Posted: 17 Dec 2010 22:15
by dol
Good evening,
thanks again for your patience. I had to leave the computer, so I let the long-running scan finish and had the Malwarebytes log sent, as I hope I was supposed to. I will probably not be at the problem computer again until Christmas, so I will check both disks then.

Re: Request for a log check

Posted: 17 Dec 2010 22:27
by motji
All right, let me know then :)
Merry Christmas :)

Re: Request for a log check

Posted: 18 Dec 2010 16:15
by dol
Thank you, I wish you a nice Christmas too, with a pleasant surprise.