PC slowdown after using CCleaner

Danstahr
Friend of the forum
Posts: 1069
Registered: 28 Oct 2006 20:23
Location: London

Re: PC slowdown after using CCleaner

#16 Post by Danstahr »

Code:

c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\wuauserv" /RESET /Q
c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\BITS" /RESET /Q
pause

Sorry, I rewrote the instructions but not the script :D. Try it with this one.
I'll buy a little time; I respect the price.

pettr
Visitor
Posts: 29
Registered: 09 Jun 2009 18:28

#17 Post by pettr »

1. The .bat runs. 2. The registry cannot be written to: "C:\*.reg cannot be imported. Not all data was successfully written to the registry. Some keys are open by the system or other processes."

#18 Post by Danstahr »

Run OTL again, paste the following script into the box at the bottom and click the Fix! button.

Code:

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
  78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
  73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
  78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
  73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

:Commands
[EmptyTemp]

After the restart, paste the OTL log here.

#19 Post by pettr »

All processes killed
========== REGISTRY ==========
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ImagePath"|hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Type"|dword:00000020 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Start"|dword:00000002 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ErrorControl"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ImagePath"|hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Type"|dword:00000020 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Start"|dword:00000002 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ErrorControl"|dword:00000001 /E!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Petr
->Temp folder emptied: 918219 bytes
->Temporary Internet Files folder emptied: 587437 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 15244612 bytes
->Flash cache emptied: 348 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 16,00 mb


OTL by OldTimer - Version 3.2.24.0 log created on 06162011_223115

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...

#20 Post by pettr »

I'm also sending the logs from swreg:
c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\wuauserv" /RESET /Q
c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\BITS" /RESET /Q
pause

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

#21 Post by Danstahr »

Download SystemLook, paste the following script into the window and press the Look button.

Code:

:dir
C:\

:reg
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS
HKLM\SYSTEM\CurrentControlSet\Control\Services\wuauserv

Then paste the SystemLook log here.

#22 Post by pettr »

SystemLook 04.09.10 by jpshortstuff
Log created at 22:48 on 16/06/2011 by Petr
Administrator - Elevation successful

========== dir ==========

C: - Parameters: "(none)"

---Files---
AUTOEXEC.BAT --a---- 0 bytes [20:34 03/03/2007] [20:34 03/03/2007]
avenger.txt --a---- 1428 bytes [01:16 10/06/2009] [01:16 10/06/2009]
boot.ini ---hs-- 211 bytes [21:17 03/03/2007] [19:09 22/05/2008]
Bootfont.bin -rahs-- 4952 bytes [12:00 25/10/2001] [12:00 25/10/2001]
CONFIG.SYS --a---- 0 bytes [20:34 03/03/2007] [20:34 03/03/2007]
EasyShareInstall.log --a---- 235694 bytes [19:10 11/05/2007] [19:20 11/05/2007]
hiberfil.sys --ahs-- 1073274880 bytes [10:19 17/11/2008] [20:32 16/06/2011]
IO.SYS -rahs-- 0 bytes [20:34 03/03/2007] [20:34 03/03/2007]
logfile --a---- 49469 bytes [19:48 11/05/2007] [16:46 04/05/2008]
MSDOS.SYS -rahs-- 0 bytes [20:34 03/03/2007] [20:34 03/03/2007]
NTDETECT.COM -rahs-- 47564 bytes [21:38 03/08/2004] [21:38 03/08/2004]
ntldr -rahs-- 250048 bytes [21:59 03/08/2004] [21:59 03/08/2004]
oprava reg.reg --a---- 944 bytes [16:44 16/06/2011] [16:44 16/06/2011]
oprava.bat --a---- 179 bytes [16:43 16/06/2011] [16:43 16/06/2011]
oprava_4.reg --a---- 944 bytes [19:59 16/06/2011] [19:58 16/06/2011]
oprava_5.bat --a---- 175 bytes [20:20 16/06/2011] [20:20 16/06/2011]
oprava_6.reg --a---- 944 bytes [20:22 16/06/2011] [20:22 16/06/2011]
pagefile.sys --ahs-- 402653184 bytes [21:11 03/03/2007] [20:32 16/06/2011]
PCcheck.LOG --a---- 3367 bytes [20:19 24/04/2007] [20:19 24/04/2007]
swreg.exe --a---- 286720 bytes [16:41 16/06/2011] [20:18 16/06/2011]

---Folders---
Avenger d------ [01:04 10/06/2009]
Documents and Settings d------ [21:18 03/03/2007]
Games d------ [22:28 03/03/2007]
Phenomedia AG d------ [14:07 24/08/2008]
Program Files d------ [21:19 03/03/2007]
RECYCLER d--hs-- [21:38 03/03/2007]
rsit d------ [20:01 09/06/2009]
System Volume Information d--hs-- [21:18 03/03/2007]
totalcmd d------ [21:26 03/03/2007]
WINDOWS d------ [21:11 03/03/2007]

========== reg ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"Type"= 0x0000000020 (32)
"Start"= 0x0000000003 (3)
"ErrorControl"= 0x0000000001 (1)
"ImagePath"="%fystemRoot%\system32\svchost.exe -k netsvcs"
"DisplayName"="Služba inteligentního přenosu na pozadí"
"DependOnService"="RpcSs"
"DependOnGroup"=" "
"ObjectName"="LocalSystem"
"Description"="Přenáší na pozadí data mezi klienty a servery. Pokud je služba BITS zakázána, některé funkce systému (např. Windows Update) nebudou fungovat."
"FailureActions"=00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 68 e3 0c 00 01 00 00 00 60 ea 00 00 01 00 00 00 60 ea 00 00 01 00 00 00 60 ea 00 00 (REG_BINARY)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Enum]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Services\wuauserv]
(Unable to open key - key not found)

-= EOF =-
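
An added example, not part of the original thread: a Python sketch that decodes the `hex(2)` (REG_EXPAND_SZ, UTF-16LE) ImagePath from the .reg script posted above and compares the script's values with what the SystemLook log reports for the BITS key. The two inputs are copied from the thread (BITS key only); all function and constant names are hypothetical.

```python
import re

# Constructed inputs: the BITS section of the .reg script and of the
# SystemLook log, copied from the thread (other keys and values omitted).
REG_SCRIPT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
  78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
  73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
'''

SYSTEMLOOK_LOG = r'''[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"Type"= 0x0000000020 (32)
"Start"= 0x0000000003 (3)
"ErrorControl"= 0x0000000001 (1)
"ImagePath"="%fystemRoot%\system32\svchost.exe -k netsvcs"
"ObjectName"="LocalSystem"
'''

BITS_KEY = r'hkey_local_machine\system\currentcontrolset\services\bits'


def parse_reg_script(text):
    """Parse dword and hex(2) values of a .reg fragment into {key: {name: value}}."""
    # A trailing backslash continues a hex value on the next line.
    text = re.sub(r'\\\r?\n\s*', '', text)
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith('[') and line.endswith(']'):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := re.match(r'"([^"]+)"=(.*)$', line)):
            name, raw = m.group(1), m.group(2)
            if raw.startswith('dword:'):
                current[name] = int(raw[6:], 16)
            elif raw.startswith('hex(2):'):
                data = bytes(int(b, 16) for b in raw[7:].split(',') if b)
                # REG_EXPAND_SZ is stored as NUL-terminated UTF-16LE.
                current[name] = data.decode('utf-16-le').rstrip('\x00')
    return keys


def parse_systemlook(text):
    """Parse the ':reg' section of a SystemLook log into {key: {name: value}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith('[') and line.endswith(']'):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            if m := re.match(r'"([^"]+)"=\s*0x([0-9A-Fa-f]+)\s+\(\d+\)$', line):
                current[m.group(1)] = int(m.group(2), 16)
            elif m := re.match(r'"([^"]+)"="(.*)"$', line):
                current[m.group(1)] = m.group(2)
    return keys


def compare_values(expected, actual):
    """Return (name, expected, actual) for every value that is missing or differs."""
    findings = []
    for name, want in expected.items():
        have = actual.get(name)
        if isinstance(want, str) and isinstance(have, str):
            # Paths and environment variable names compare case-insensitively.
            same = want.lower() == have.lower()
        else:
            same = want == have
        if not same:
            findings.append((name, want, have))
    return findings


def first_difference(a, b):
    """Index of the first differing character, ignoring case (-1 if equal)."""
    for i, (x, y) in enumerate(zip(a.lower(), b.lower())):
        if x != y:
            return i
    return -1 if len(a) == len(b) else min(len(a), len(b))


if __name__ == '__main__':
    expected = parse_reg_script(REG_SCRIPT)[BITS_KEY]
    actual = parse_systemlook(SYSTEMLOOK_LOG)[BITS_KEY]
    for name, want, have in compare_values(expected, actual):
        print(f'{name}: script={want!r} registry={have!r}')
```
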

#23 Post by Danstahr »

On the page http://tinyurl.com/653f7oz, paste the following script into the box, enter opr in the name field and press the OK button. Save the downloaded file directly to drive C!

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
  78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
  73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
  33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
  78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
  73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

Download Avenger and run it. On startup accept the terms, in the main window tick the Scan for rootkits option, paste the following script into the box and click the Execute button.

Code:

Registry keys to delete:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS

Programs to launch on reboot:
C:\opr.reg

After the restart, confirm adding the information to the registry and paste the Avenger log here.

#24 Post by pettr »

That opr.reg file, am I not supposed to run it?

#25 Post by Danstahr »

No, Avenger will run it itself.

#26 Post by pettr »

I don't know whether everything went correctly; after the restart Windows reports that it can't see opr.reg on C. It really isn't there now, but I checked before running it and it was there. I ran it twice because the first time I wasn't sure about the C, but the second time it was definitely there!??
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!


Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS" not found!
Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Program "C:\opr.reg" successfully queued to run on reboot.

Completed script processing.

*******************

Finished! Terminate.

#27 Post by Danstahr »

Try downloading it and running it manually as described in the post above.

#28 Post by pettr »

It can't be written. If there's a way through regedit, I could manage that.
Here is the log:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

#29 Post by Danstahr »

#30 Post by pettr »

OTL logfile created on: 16.6.2011 23:48:36 - Run 2
OTL by OldTimer - Version 3.2.24.0 Folder = D:\_Downloaded files\OTL
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,49 Mb Total Physical Memory | 531,12 Mb Available Physical Memory | 51,89% Memory free
1,28 Gb Paging File | 0,95 Gb Available in Paging File | 73,95% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 2,99 Gb Free Space | 30,66% Space Free | Partition Type: NTFS
Drive D: | 46,12 Gb Total Space | 39,44 Gb Free Space | 85,51% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 197,50 Gb Free Space | 42,40% Space Free | Partition Type: NTFS

Computer Name: PETR-87F50839C2 | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2011.06.15 23:28:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\_Downloaded files\OTL\OTL.exe
PRC - [2011.06.03 21:29:29 | 000,941,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.05.10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.12.22 00:28:58 | 000,602,220 | ---- | M] (Executive Software International, Inc.) -- C:\Program Files\Executive Software\Diskeeper\DkService.exe
PRC - [2003.12.03 07:01:00 | 000,753,700 | ---- | M] (C. Ghisler & Co.) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2001.10.27 07:32:54 | 000,270,336 | ---- | M] (ATI Technologies, Inc.) -- C:\WINDOWS\system32\atiptaxx.exe


========== Modules (SafeList) ==========

MOD - [2011.06.15 23:28:43 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\_Downloaded files\OTL\OTL.exe
MOD - [2011.05.10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2006.08.25 17:51:20 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2004.12.22 00:28:58 | 000,602,220 | ---- | M] (Executive Software International, Inc.) [Auto | Running] -- C:\Program Files\Executive Software\Diskeeper\DkService.exe -- (Diskeeper)


========== Driver Services (SafeList) ==========

DRV - [2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.05.10 14:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.05.10 13:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2004.08.04 01:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004.08.04 00:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2001.10.27 07:47:14 | 000,349,184 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2001.10.27 05:50:02 | 000,032,752 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio)
DRV - [2001.10.27 05:49:46 | 000,020,960 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinttxx.sys -- (TTDec)
DRV - [2001.10.27 05:49:30 | 000,011,280 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2001.10.27 05:49:22 | 000,032,848 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx)
DRV - [2001.10.27 05:47:30 | 000,065,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2001.10.27 05:46:22 | 000,035,952 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP)
DRV - [2001.10.01 15:29:22 | 000,006,144 | ---- | M] (Ravisent Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CINEMSUP.SYS -- (CINEMSUP)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 23:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001.08.17 23:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001.08.17 23:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001.08.17 23:28:10 | 000,073,279 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone)
DRV - [2001.08.17 23:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001.08.17 23:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001.08.17 23:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001.08.17 23:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001.08.17 23:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001.08.17 23:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001.08.17 22:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-606747145-1202660629-854245398-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-606747145-1202660629-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2011.06.16 18:08:14 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Executive Software\Diskeeper\DkIcon.exe (Executive Software International, Inc.)
O4 - HKLM..\Run: [HydarVisionDesktopManager] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-21-606747145-1202660629-854245398-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-1202660629-854245398-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL (ATI Technologies Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.214 83.240.0.215
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.03 22:34:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DRAW - DVIDEO.DLL File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.VCR1 - ATIVCR1.DLL File not found
Drivers32: VIDC.VCR2 - ATIVCR2.DLL File not found
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\atiyuv12.dll ()
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54619756233228288)

========== Files/Folders - Created Within 7 Days ==========

[2011.06.16 18:41:26 | 000,286,720 | ---- | C] (SteelWerX) -- C:\swreg.exe
[2011.06.15 19:27:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2011.06.15 19:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.06.15 19:26:52 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.06.15 19:26:52 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.15 19:26:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.15 19:26:52 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.15 19:26:52 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.15 19:26:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.06.15 19:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.06.11 06:45:50 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys

========== Files - Modified Within 7 Days ==========

[2011.06.16 23:40:19 | 000,004,599 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.06.16 23:38:45 | 000,000,944 | ---- | M] () -- C:\opr.reg
[2011.06.16 23:24:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.06.16 23:24:25 | 1073,274,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.16 22:20:07 | 000,000,175 | ---- | M] () -- C:\oprava_5.bat
[2011.06.16 22:18:55 | 000,286,720 | ---- | M] (SteelWerX) -- C:\swreg.exe
[2011.06.16 19:49:46 | 000,000,031 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2011.06.16 18:43:03 | 000,000,179 | ---- | M] () -- C:\oprava.bat
[2011.06.16 18:38:57 | 000,002,701 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2011.06.16 18:08:14 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011.06.16 15:16:57 | 000,002,275 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.06.15 19:26:32 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.06.15 19:26:32 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011.06.15 19:26:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011.06.14 14:52:00 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.14 14:41:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.06.12 20:37:22 | 000,023,148 | -H-- | M] () -- C:\WINDOWS\System32\Atmcsyxx.GID
[2011.06.11 06:45:50 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

========== Files Created - No Company Name ==========

[2011.06.16 23:38:45 | 000,000,944 | ---- | C] () -- C:\opr.reg
[2011.06.16 22:20:07 | 000,000,175 | ---- | C] () -- C:\oprava_5.bat
[2011.06.16 18:43:03 | 000,000,179 | ---- | C] () -- C:\oprava.bat
[2010.12.19 20:26:04 | 000,000,342 | ---- | C] () -- C:\WINDOWS\WTRDICT.INI
[2010.12.19 20:26:04 | 000,000,044 | ---- | C] () -- C:\WINDOWS\STXKBD.INI
[2009.03.11 21:22:21 | 000,000,178 | ---- | C] () -- C:\WINDOWS\arbasew.ini
[2009.01.05 21:57:18 | 000,004,251 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.11.23 20:08:05 | 000,003,487 | ---- | C] () -- C:\WINDOWS\MDVDP.Ini
[2008.05.04 17:57:39 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.04.02 21:12:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WEBTRANS.INI
[2008.04.02 21:07:30 | 000,000,134 | ---- | C] () -- C:\WINDOWS\WEBWTR.INI
[2008.02.21 20:26:44 | 000,002,383 | ---- | C] () -- C:\WINDOWS\WINTRAN.INI
[2007.06.25 18:42:20 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.05.31 20:26:47 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.05.25 21:52:37 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2007.05.08 14:27:37 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2007.04.24 22:28:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ATIMMC.INI
[2007.04.24 22:19:15 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2007.04.24 22:19:10 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\atiyuv12.dll
[2007.04.24 22:19:10 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007.04.24 22:19:00 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2007.04.24 22:18:17 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HydraFra.dll
[2007.04.24 22:18:17 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\HydraEsp.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraPtb.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraNln.dll
[2007.04.24 22:18:17 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\HydraIta.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraSvs.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraNon.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraFif.dll
[2007.04.24 22:18:17 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HydraDad.dll
[2007.04.24 22:18:17 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\HydraJan.dll
[2007.04.24 22:18:17 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\HydraKor.dll
[2007.04.24 22:18:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZht.dll
[2007.04.24 22:18:17 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\HydraZhs.dll
[2007.04.24 22:18:17 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ViewHook.dll
[2007.04.24 22:08:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.03.20 20:09:42 | 000,000,023 | ---- | C] () -- C:\WINDOWS\kodakpcd.Petr.ini
[2007.03.07 23:17:57 | 000,001,160 | ---- | C] () -- C:\WINDOWS\visualdirsize.ini
[2007.03.07 22:59:51 | 000,000,133 | ---- | C] () -- C:\WINDOWS\lsplugin.ini
[2007.03.04 18:15:36 | 000,002,701 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2007.03.03 23:53:45 | 000,000,031 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007.03.03 23:35:33 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.03 23:26:23 | 000,004,599 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.03.03 23:23:26 | 000,035,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2007.03.03 23:23:24 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2007.03.03 23:23:21 | 000,032,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2007.03.03 23:23:18 | 000,032,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2007.03.03 23:23:17 | 000,011,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2007.03.03 23:23:16 | 000,020,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2007.03.03 23:19:45 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.03.03 23:18:19 | 000,195,368 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007.03.03 22:38:42 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.03.03 22:29:07 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.08.17 16:58:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001.10.27 05:49:38 | 000,011,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2001.10.27 05:48:52 | 000,060,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2001.10.25 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 14:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 14:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.10.15 22:47:00 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== LOP Check ==========

[2010.04.17 22:44:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2008.10.28 18:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2008.10.28 18:56:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk(2)
[2009.06.10 19:49:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IM
[2009.06.10 19:47:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IncrediMail
[2009.09.28 16:37:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.03.05 21:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Autodesk
[2009.12.02 22:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fElementary
[2009.10.28 19:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fStarter
[2009.09.06 18:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Foxit
[2007.11.02 18:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GameHouse
[2007.03.03 22:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2007.05.11 20:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 16:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"SpybotSD TeaTimer" = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >
[2011.06.16 22:18:55 | 000,286,720 | ---- | M] (SteelWerX) -- C:\swreg.exe

< %ALLUSERSPROFILE%\Application Data\*. >
[2008.12.16 22:53:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.10.17 19:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2007.05.25 21:54:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Apple Computer
[2007.03.05 21:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Autodesk
[2007.04.24 22:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\CyberLink
[2011.06.08 20:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\dvdcss
[2009.12.02 22:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fElementary
[2009.10.28 19:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\f2fStarter
[2009.09.06 18:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Foxit
[2007.11.02 18:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GameHouse
[2007.10.01 20:19:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2007.05.16 18:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Help
[2007.03.03 22:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2007.03.05 19:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2011.06.03 21:29:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2007.03.03 23:33:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft Web Folders
[2009.09.06 18:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2007.03.03 22:59:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2011.06.16 17:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.06.16 16:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2011.06.15 19:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2008.06.13 21:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\vlc
[2009.09.01 21:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\WinRAR
[2007.05.11 20:24:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 16:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 23:59:08 | 000,081,280 | ---- | M] (Microsoft Corporation) MD5=4AF58CA3425F28FC5E3DB47DC122F722 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2007.03.03 23:17:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2007.03.03 23:17:48 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2007.03.03 23:17:48 | 000,458,752 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.06.15 19:26:31 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\deployJava1.dll
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\java.exe
[2011.06.15 19:26:32 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\javacpl.cpl
[2011.06.15 19:26:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\javaw.exe
[2011.06.15 19:26:32 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\system32\javaws.exe
[2011.06.15 23:21:44 | 000,934,374 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2011.06.14 14:41:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %fystemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< End of report >
