
Avast found an infection in memory

Mara.S
Visitor
Posts: 11
Registered: 13 Nov 2010 18:27

Re: Avast found an infection in memory

#16 Post by Mara.S »

second half

========== Files/Folders - Created Within 30 Days ==========

[2010.11.14 22:31:04 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Mára\Desktop\OTL.exe
[2010.11.13 23:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.11.13 23:01:44 | 000,040,464 | ---- | C] (Kaspersky Lab) -- C:\windows\SysNative\drivers\75932902.sys
[2010.11.13 23:01:43 | 000,352,784 | ---- | C] (Kaspersky Lab) -- C:\windows\SysNative\drivers\7593290.sys
[2010.11.13 23:01:43 | 000,157,712 | ---- | C] (Kaspersky Lab) -- C:\windows\SysNative\drivers\75932901.sys
[2010.11.13 23:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virus Removal Tool
[2010.11.13 22:36:39 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010.11.13 19:53:35 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Roaming\Malwarebytes
[2010.11.13 19:53:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.13 19:53:18 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2010.11.13 19:53:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.13 19:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.13 18:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.11.13 18:16:25 | 000,000,000 | ---D | C] -- C:\rsit
[2010.11.11 23:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.11.10 00:41:47 | 000,000,000 | ---D | C] -- C:\Users\Mára\Documents\Videa
[2010.11.10 00:40:46 | 000,000,000 | ---D | C] -- C:\Users\Mára\Documents\My Music
[2010.11.10 00:02:00 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Local\GHISLER
[2010.11.09 23:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Totalcommander
[2010.11.09 23:56:09 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Roaming\GHISLER
[2010.11.09 23:10:13 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2010.11.09 23:10:13 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2010.11.09 23:10:12 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2010.11.09 23:10:12 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2010.11.09 23:10:06 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2010.11.09 23:10:06 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2010.11.09 23:08:55 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2010.11.09 23:08:53 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2010.11.09 23:08:53 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2010.11.09 23:08:52 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2010.11.09 23:08:52 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2010.11.09 23:08:50 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2010.11.09 23:08:50 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2010.11.09 23:08:49 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2010.11.09 23:08:49 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2010.11.09 23:08:47 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2010.11.09 23:08:47 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2010.11.09 22:58:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\THQ
[2010.11.09 22:58:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-SHOC
[2010.11.04 21:30:05 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Local\ElevatedDiagnostics
[2010.11.04 11:53:17 | 000,032,256 | ---- | C] (TPMX Electronics Ltd.) -- C:\windows\SysNative\drivers\PELUSBLF.SYS
[2010.11.04 11:53:17 | 000,023,040 | ---- | C] (TPMX Electronics Ltd.) -- C:\windows\SysNative\drivers\PELMOUSE.SYS
[2010.11.04 11:53:17 | 000,022,016 | ---- | C] (Primax Electronics Ltd.) -- C:\windows\SysNative\drivers\PELMOUBT.SYS
[2010.11.04 11:53:17 | 000,016,384 | ---- | C] (Primax Electronics Ltd.) -- C:\windows\SysNative\drivers\PELBTM.SYS
[2010.11.04 11:53:17 | 000,014,336 | ---- | C] (Primax Electronics Ltd.) -- C:\windows\SysNative\drivers\PELPS2M.SYS
[2010.11.04 11:52:42 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\windows\difxapi.dll
[2010.11.04 11:40:38 | 000,000,000 | ---D | C] -- C:\temp
[2010.10.31 22:57:01 | 000,008,192 | ---- | C] () -- C:\Users\Mára\AppData\Roaming\records_db
[2010.10.31 17:09:43 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Roaming\skypePM
[2010.10.31 17:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.10.31 17:08:07 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.10.31 17:08:06 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Roaming\Skype
[2010.10.31 17:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.10.31 11:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.10.29 20:45:07 | 000,000,000 | -HSD | C] -- C:\windows\ftpcache
[2010.10.27 22:49:26 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Roaming\vlc
[2010.10.27 22:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VLC
[2010.10.27 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Films
[2010.10.27 20:55:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MDVP 1.0
[2010.10.26 21:39:10 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CPFilters.dll
[2010.10.26 21:39:10 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CPFilters.dll
[2010.10.26 21:39:10 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdri.dll
[2010.10.26 21:39:10 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2010.10.26 21:39:10 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mpg2splt.ax
[2010.10.26 21:39:10 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSNP.ax
[2010.10.26 21:39:10 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mpg2splt.ax
[2010.10.26 21:38:24 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2010.10.26 09:40:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.10.25 19:29:45 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Roaming\Vodafone
[2010.10.25 19:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010.10.25 19:29:43 | 000,115,072 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\windows\SysNative\drivers\ewusbmdm.sys
[2010.10.25 19:29:37 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Local\Programs
[2010.10.25 19:29:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2010.10.25 19:29:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone
[2010.10.25 19:29:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.10.25 19:28:27 | 000,000,000 | ---D | C] -- C:\Users\Mára\AppData\Local\{964CEE3F-13E8-4AC2-B7DF-F35C205D6334}
[2010.10.24 11:56:43 | 000,000,000 | ---D | C] -- C:\Users\Mára\bluej
[2010.10.24 11:53:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluej
[2010.10.24 11:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.10.24 11:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.10.24 11:49:01 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\deployJava1.dll
[2010.10.24 11:49:01 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2010.10.24 11:49:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2010.10.24 11:49:01 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2010.10.24 11:48:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.10.24 11:35:47 | 000,521,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysNative\deployJava1.dll
[2010.10.24 11:35:46 | 000,189,216 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysNative\javaws.exe
[2010.10.24 11:35:46 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysNative\javaw.exe
[2010.10.24 11:35:46 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\SysNative\java.exe
[2010.10.24 11:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.10.24 09:01:53 | 000,000,000 | ---D | C] -- C:\SdilenaNB
[2010.10.16 21:38:20 | 000,000,000 | ---D | C] -- C:\Users\Mára\Documents\My Games
[2010.10.15 22:55:23 | 000,000,000 | ---D | C] -- C:\Users\Mára\Documents\Work
[2010.08.30 11:06:37 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml
[2010.08.07 19:52:32 | 001,337,043 | -H-- | C] () -- C:\Users\Mára\AppData\Local\IconCache.db
[2010.08.07 15:08:37 | 000,112,048 | ---- | C] () -- C:\Users\Mára\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.07.14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009.07.14 05:54:24 | 000,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2008.12.30 18:13:14 | 000,137,196 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.08.20 14:45:46 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml

========== Files - Modified Within 30 Days ==========

[2010.11.14 22:31:19 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Mára\Desktop\OTL.exe
[2010.11.14 21:13:10 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.14 21:13:10 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.14 21:08:15 | 001,578,316 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2010.11.14 21:08:15 | 000,669,368 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2010.11.14 21:08:15 | 000,653,898 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2010.11.14 21:08:15 | 000,136,332 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2010.11.14 21:08:15 | 000,121,090 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2010.11.14 21:05:24 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010.11.14 13:03:03 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.14 01:03:42 | 000,001,805 | ---- | M] () -- C:\windows\SysNative\Config.MPF
[2010.11.13 23:02:46 | 000,002,547 | ---- | M] () -- C:\Users\Mára\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_14.11.2010_00-18.lnk
[2010.11.13 19:53:22 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.10 00:52:45 | 000,001,019 | ---- | M] () -- C:\Users\Mára\Desktop\pokus – zástupce.lnk
[2010.11.09 23:56:51 | 000,001,071 | ---- | M] () -- C:\Users\Mára\Desktop\Total Commander.lnk
[2010.11.09 23:07:21 | 000,002,311 | ---- | M] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
[2010.11.08 23:40:42 | 000,184,401 | ---- | M] () -- C:\Users\Mára\Desktop\exploit1.jpg
[2010.11.08 22:16:01 | 000,182,219 | ---- | M] () -- C:\Users\Mára\Desktop\exploit.jpg
[2010.11.05 22:06:30 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010.11.05 22:06:30 | 000,001,690 | ---- | M] () -- C:\Users\Public\Desktop\Lenovo ReadyComm 5.lnk
[2010.10.31 22:57:09 | 000,008,192 | ---- | M] () -- C:\Users\Mára\AppData\Roaming\records_db
[2010.10.31 17:09:46 | 000,000,056 | -H-- | M] () -- C:\windows\SysWow64\ezsidmv.dat
[2010.10.31 17:08:11 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.10.27 22:49:20 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.10.27 20:56:06 | 000,000,984 | ---- | M] () -- C:\Users\Mára\Desktop\MDVDP.lnk
[2010.10.25 19:29:16 | 000,002,767 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone SMS.lnk
[2010.10.25 19:29:16 | 000,002,767 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2010.10.24 11:59:35 | 000,001,358 | ---- | M] () -- C:\Users\Mára\Desktop\Bluej.lnk
[2010.10.24 11:48:47 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\deployJava1.dll
[2010.10.24 11:48:47 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaws.exe
[2010.10.24 11:48:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\javaw.exe
[2010.10.24 11:48:47 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysWow64\java.exe
[2010.10.24 11:35:35 | 000,189,216 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysNative\javaws.exe
[2010.10.24 11:35:35 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysNative\javaw.exe
[2010.10.24 11:35:34 | 000,521,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysNative\deployJava1.dll
[2010.10.24 11:35:34 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\windows\SysNative\java.exe

========== Files Created - No Company Name ==========

[2010.11.13 23:02:46 | 000,002,547 | ---- | C] () -- C:\Users\Mára\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_14.11.2010_00-18.lnk
[2010.11.13 19:53:22 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.09 23:56:10 | 000,001,071 | ---- | C] () -- C:\Users\Mára\Desktop\Total Commander.lnk
[2010.11.09 23:56:09 | 000,000,545 | ---- | C] () -- C:\windows\UC.PIF
[2010.11.09 23:56:09 | 000,000,545 | ---- | C] () -- C:\windows\RAR.PIF
[2010.11.09 23:56:09 | 000,000,545 | ---- | C] () -- C:\windows\PKZIP.PIF
[2010.11.09 23:56:09 | 000,000,545 | ---- | C] () -- C:\windows\PKUNZIP.PIF
[2010.11.09 23:56:09 | 000,000,545 | ---- | C] () -- C:\windows\NOCLOSE.PIF
[2010.11.09 23:56:09 | 000,000,545 | ---- | C] () -- C:\windows\LHA.PIF
[2010.11.09 23:56:09 | 000,000,545 | ---- | C] () -- C:\windows\ARJ.PIF
[2010.11.09 23:07:21 | 000,002,311 | ---- | C] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
[2010.11.08 23:40:42 | 000,184,401 | ---- | C] () -- C:\Users\Mára\Desktop\exploit1.jpg
[2010.11.08 22:16:00 | 000,182,219 | ---- | C] () -- C:\Users\Mára\Desktop\exploit.jpg
[2010.11.07 15:34:03 | 000,001,019 | ---- | C] () -- C:\Users\Mára\Desktop\pokus – zástupce.lnk
[2010.10.31 17:09:46 | 000,000,056 | -H-- | C] () -- C:\windows\SysWow64\ezsidmv.dat
[2010.10.31 17:08:11 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.10.27 22:49:20 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.10.27 20:56:06 | 000,000,984 | ---- | C] () -- C:\Users\Mára\Desktop\MDVDP.lnk
[2010.10.25 19:29:16 | 000,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone SMS.lnk
[2010.10.25 19:29:16 | 000,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2010.10.24 11:59:35 | 000,001,358 | ---- | C] () -- C:\Users\Mára\Desktop\Bluej.lnk
[2010.04.15 00:24:58 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll
[2010.04.15 00:17:46 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2010.04.15 00:17:46 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2010.04.15 00:17:34 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2010.04.15 00:11:39 | 001,471,654 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010.04.14 23:53:43 | 000,015,190 | ---- | C] () -- C:\windows\M3000Twn.ini
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.08.20 22:53:05 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\ArcSyncConfig
[2010.09.23 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Ashampoo
[2010.11.09 23:56:09 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\GHISLER
[2010.11.11 13:06:27 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\ICQ
[2010.10.25 19:29:45 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Vodafone
[2010.08.20 22:44:58 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2010.08.20 22:44:58 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2009.07.14 06:08:49 | 000,019,326 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RESTART_STICKY_NOTES" = C:\Windows\System32\StikyNot.exe -- File not found

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.08.29 23:21:35 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Adobe
[2010.08.20 22:53:05 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\ArcSyncConfig
[2010.09.23 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Ashampoo
[2010.08.20 22:55:08 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\CyberLink
[2010.11.09 23:56:09 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\GHISLER
[2010.11.11 13:06:27 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\ICQ
[2010.08.07 15:08:12 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Identities
[2010.08.07 15:08:54 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Intel Corporation
[2010.08.29 23:21:35 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Macromedia
[2010.11.13 19:53:35 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Malwarebytes
[2009.07.29 08:23:49 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Media Center Programs
[2010.10.26 09:36:37 | 000,000,000 | --SD | M] -- C:\Users\Mára\AppData\Roaming\Microsoft
[2010.11.02 13:32:33 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Skype
[2010.10.31 17:09:43 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\skypePM
[2010.10.27 22:53:51 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\vlc
[2010.10.25 19:29:45 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\Vodafone
[2010.09.14 14:27:57 | 000,000,000 | ---D | M] -- C:\Users\Mára\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2010.04.14 15:32:11 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2010.04.14 15:32:11 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2010.04.14 15:32:11 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2010.04.14 15:29:59 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2010.04.14 15:32:11 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2010.04.14 15:32:11 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.04.14 15:29:59 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.04.14 15:32:11 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.04.14 15:29:59 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.04.14 15:32:11 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2010.04.14 15:29:59 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTOR.SYS >
[2009.12.17 11:42:08 | 000,538,136 | ---- | M] (Intel Corporation) MD5=42E00996DFC13C46366689C0EA8ABC5E -- C:\windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_f26ae7769ab43067\iaStor.sys

< MD5 for: IASTORV.SYS >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.04.14 15:32:11 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.04.14 15:32:11 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009.07.14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009.07.14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >

< MD5 for: [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (MICROSOFT CORPORATION) >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (MICROSOFT CORPORATION) >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: [2009.07.14 02:16:20 | 000,206,336 | ---- | M] (MICROSOFT CORPORATION) >
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009.07.14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll
[2010.09.08 05:28:01 | 000,185,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll
[2010.09.01 05:29:28 | 011,406,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.09.01 05:29:28 | 011,406,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.11.14 13:03:17 | 000,000,018 | ---- | M] () -- C:\Windows\SysWOW64\log.txt

< >

< End of report >

Mara.S
Visitor
Posts: 11
Registered: 13 Nov 2010 18:27

Re: Avast found an infection in memory

#17 Post by Mara.S »

OTL Extras logfile created on: 14.11.2010 22:50:52 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Mára\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421,81 Gb Total Space | 379,83 Gb Free Space | 90,05% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 28,01 Gb Free Space | 96,59% Space Free | Partition Type: NTFS
Drive E: | 38,22 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MÁRA-PC | User Name: Mára | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{64A3A4F4-B792-11D6-A78A-00B0D0160220}" = Java(TM) SE Development Kit 6 Update 22 (64-bit)
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Elantech" = ETDWare PS/2-x64 7.0.4.16_WHQL
"MouseSuite98" = Lenovo Mouse Suite
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" " =
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{432282b5-d708-431a-9ada-abbbbac3f205}" = Business Contact Manager pro aplikaci Outlook 2007 SP1
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BB1DCED-84D3-47F9-B718-5947E904593E}" = Lenovo EasyCamera
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B3776EC-5F0A-4996-A7DF-BB5DA95B240E}" = Vodafone Mobile Connect Lite
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90A40405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Součásti připojení sady Microsoft Office Small Business
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.0 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"avast5" = avast! Free Antivirus
"Business Contact Manager" = Business Contact Manager pro aplikaci Outlook 2007 SP1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Guitar Pro 5_is1" = Guitar Pro 5.2
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MSC" = McAfee SecurityCenter
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl
"Totalcmd" = Total Commander (Remove or Repair)
"VeriFace" = VeriFace
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7.11.2010 19:01:13 | Computer Name = Mára-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\program files (x86)\microsoft\search
enhancement pack\search helper\searchhelper.dll se nezdařilo. Chyba v souboru manifestu
nebo zásady c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll
na řádku 2. Neplatná syntaxe XML.

Error - 8.11.2010 15:03:58 | Computer Name = Mára-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 8.11.2010 15:04:02 | Computer Name = Mára-PC | Source = VMCService | ID = 0
Description = GetLoggedOnUser

Error - 9.11.2010 5:13:49 | Computer Name = Mára-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 9.11.2010 5:13:51 | Computer Name = Mára-PC | Source = VMCService | ID = 0
Description = GetLoggedOnUser

Error - 9.11.2010 17:39:56 | Computer Name = Mára-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 9.11.2010 17:40:00 | Computer Name = Mára-PC | Source = VMCService | ID = 0
Description = GetLoggedOnUser

Error - 9.11.2010 19:46:12 | Computer Name = Mára-PC | Source = Application Hang | ID = 1002
Description = Program notepad.exe verze 6.1.7600.16385 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 174 Čas spuštění: 01cb80682c36420a Čas ukončení: 0 Cesta k aplikaci: C:\windows\SysWOW64\notepad.exe

ID
hlášení: 83d8cee8-ec5b-11df-b55e-506313b3dc9f

Error - 10.11.2010 5:02:23 | Computer Name = Mára-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue

Error - 10.11.2010 5:02:27 | Computer Name = Mára-PC | Source = VMCService | ID = 0
Description = GetLoggedOnUser

[ Media Center Events ]
Error - 7.11.2010 11:38:11 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 16:38:11 - Chyba při připojování k Internetu 16:38:11 - Nelze kontaktovat
server..

Error - 7.11.2010 12:43:30 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 17:43:29 - Chyba při připojování k Internetu 17:43:29 - Nelze kontaktovat
server..

Error - 7.11.2010 17:53:27 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 22:53:16 - Chyba při připojování k Internetu 22:53:27 - Nelze kontaktovat
server..

Error - 7.11.2010 17:53:43 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 22:53:33 - Chyba při připojování k Internetu 22:53:33 - Nelze kontaktovat
server..

Error - 9.11.2010 17:43:12 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 22:43:12 - Chyba při připojování k Internetu 22:43:12 - Nelze kontaktovat
server..

Error - 9.11.2010 17:43:22 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 22:43:17 - Chyba při připojování k Internetu 22:43:17 - Nelze kontaktovat
server..

Error - 9.11.2010 18:46:20 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 23:46:20 - Chyba při připojování k Internetu 23:46:20 - Nelze kontaktovat
server..

Error - 9.11.2010 18:46:29 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 23:46:26 - Chyba při připojování k Internetu 23:46:26 - Nelze kontaktovat
server..

Error - 9.11.2010 19:46:34 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 0:46:34 - Chyba při připojování k Internetu 0:46:34 - Nelze kontaktovat
server..

Error - 9.11.2010 19:46:40 | Computer Name = Mára-PC | Source = MCUpdate | ID = 0
Description = 0:46:39 - Chyba při připojování k Internetu 0:46:39 - Nelze kontaktovat
server..

[ System Events ]
Error - 5.11.2010 17:47:13 | Computer Name = Mára-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR4.

Error - 5.11.2010 17:47:14 | Computer Name = Mára-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR4.

Error - 5.11.2010 17:47:15 | Computer Name = Mára-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR4.

Error - 6.11.2010 7:33:53 | Computer Name = Mára-PC | Source = Service Control Manager | ID = 7000
Description = Služba ReadyComm.DirectRouter neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 6.11.2010 12:46:51 | Computer Name = Mára-PC | Source = Service Control Manager | ID = 7000
Description = Služba ReadyComm.DirectRouter neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 7.11.2010 10:31:32 | Computer Name = Mára-PC | Source = Service Control Manager | ID = 7000
Description = Služba ReadyComm.DirectRouter neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 7.11.2010 13:15:13 | Computer Name = Mára-PC | Source = DCOM | ID = 10010
Description =

Error - 8.11.2010 15:06:04 | Computer Name = Mára-PC | Source = Service Control Manager | ID = 7000
Description = Služba ReadyComm.DirectRouter neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 9.11.2010 5:15:57 | Computer Name = Mára-PC | Source = Service Control Manager | ID = 7000
Description = Služba ReadyComm.DirectRouter neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 9.11.2010 17:41:59 | Computer Name = Mára-PC | Source = Service Control Manager | ID = 7000
Description = Služba ReadyComm.DirectRouter neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >

Rudy
Site Admin
Posts: 119427
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Avast found an infection in memory

#18 Post by Rudy »

I finally know where the problem comes from. The file mcshield.exe is from McAfee; in other words, the antivirus programs do not get along with each other. So Avast flagged it as a virus. The logs look clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Mara.S
Visitor
Posts: 11
Registered: 13 Nov 2010 18:27

Re: Avast found an infection in memory

#19 Post by Mara.S »

Thank you for the help. In the end I uninstalled Avast and kept McAfee, and now it looks clean :) thanks a lot

Rudy
Site Admin
Posts: 119427
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Avast found an infection in memory

#20 Post by Rudy »

You're welcome!