Re: UFA.EXE
Napsal: 19 črc 2011 21:07
Pokračujte podle návodu http://www.viry.cz/forum/viewtopic.php?f=29&t=62878, oba logy mi sem vložte. 
Stránka 2 z 2
Re: UFA.EXE
Napsal: 19 črc 2011 21:17
potřeboval bych doporučit nějaký FREE antivirus..
Re: UFA.EXE
Napsal: 19 črc 2011 21:33
Antivirus zatím neinstalujte. Až dokončíme léčení, tak vám poradím celkově o zabezpečení PC.
Re: UFA.EXE
Napsal: 19 črc 2011 21:41
Po prvním scanu mi nenaběhne nic a při druhém se mi restartoval pc a napsalo to chybu.
Re: UFA.EXE
Napsal: 19 črc 2011 21:42
Tak zkuste druhý scan opakovat v nouzovém režimu.
Re: UFA.EXE
Napsal: 20 črc 2011 15:14
Ahoj, muzu poprosit o pomoc ? mam stejnej problem..logy z OTL:
OTL.txt
OTL logfile created on: 20.7.2011 15:53:40 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Uživatel\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,47% Memory free
4,00 Gb Paging File | 2,66 Gb Available in Paging File | 66,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,49 Gb Total Space | 8,43 Gb Free Space | 8,39% Space Free | Partition Type: NTFS
Drive D: | 197,50 Gb Total Space | 11,04 Gb Free Space | 5,59% Space Free | Partition Type: NTFS
Drive F: | 298,02 Gb Total Space | 231,66 Gb Free Space | 77,73% Space Free | Partition Type: FAT32
Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.07.20 15:52:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL.exe
PRC - [2011.07.20 13:32:37 | 000,177,664 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\Temp\csrss.exe
PRC - [2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.18 17:00:11 | 000,110,592 | ---- | M] () -- C:\Windows\l1rezerv.exe
PRC - [2011.07.18 16:59:49 | 000,114,176 | ---- | M] () -- C:\Windows\systemup.exe
PRC - [2011.07.18 16:59:33 | 000,483,328 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.18 16:59:33 | 000,483,328 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32.exe
PRC - [2011.07.18 16:49:33 | 000,169,472 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe
PRC - [2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () -- C:\Windows\update.tray-2-0\svchost.exe
PRC - [2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010.09.22 09:51:21 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.10 21:13:37 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.10.15 19:08:04 | 005,822,464 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009.10.02 16:17:22 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2009.09.17 21:11:40 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009.09.17 21:11:38 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009.03.11 19:22:48 | 002,912,256 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2006.10.11 13:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (SafeList) ==========
MOD - [2011.07.20 15:52:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL.exe
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.07.18 16:58:33 | 000,232,960 | ---- | M] () [Auto | Running] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
SRV - [2010.12.10 00:01:33 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.05.24 20:30:43 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010.03.10 21:13:37 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.04.14 21:28:24 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.04.05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.03.16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.03.01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.02.22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.02.10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.01.07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010.12.21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.12.21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.12.21 13:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.08.25 21:08:30 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.07.12 04:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2009.12.19 10:11:40 | 000,314,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.08.17 23:32:44 | 001,311,616 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\3xHybr64.sys -- (3xHybr64)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2005.11.03 16:40:56 | 000,089,600 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2005.08.10 14:46:20 | 000,068,608 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2005.05.16 15:21:16 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.23 18:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F1 53 DC 97 DF AB CA 01 [binary data]
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63455
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:5.0.4.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.9&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50826.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.22 09:51:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.23 08:46:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.19 21:30:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.09.22 09:51:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.09.22 09:51:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions
[2010.02.16 12:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2011.07.19 21:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions
[2011.04.18 22:02:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.16 18:28:22 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\2020Player@2020Technologies.com
[2010.10.24 21:07:36 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\battlefieldheroespatcher@ea.com
[2010.04.18 19:50:14 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\radiobar@toolbar
[2011.04.13 20:59:06 | 000,002,557 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\askcom.xml
[2011.07.16 11:11:20 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-1.xml
[2011.03.07 09:42:08 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-2.xml
[2011.03.09 00:51:08 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-3.xml
[2011.04.14 06:09:43 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-4.xml
[2011.06.23 08:46:42 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-5.xml
[2011.04.18 22:02:43 | 000,000,168 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.gif
[2011.04.18 22:02:43 | 000,000,618 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.src
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.xml
[2010.03.15 23:38:05 | 000,001,589 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\web-search.xml
[2011.07.19 21:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.23 18:56:39 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.22 09:51:48 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\2020PLAYER@2020TECHNOLOGIES.COM
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\BATTLEFIELDHEROESPATCHER@EA.COM
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\RADIOBAR@TOOLBAR
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.10.21 20:06:16 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.21 20:06:16 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2010.10.21 20:06:16 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010.10.21 20:06:16 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.10.21 20:06:16 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.20 15:46:29 | 000,203,160 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [egui] File not found
O4 - HKLM..\Run: [conhost] C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\Windows\sysdriver32_.exe ()
O4 - HKLM..\Run: [systemup] C:\Windows\systemup.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-2-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
F3:64bit: - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 WinNT: Load - (C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe) - C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe ()
F3 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 WinNT: Load - (C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe) - C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.10 10.1.62.66
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 Winlogon: Shell - (C:\Users\Uživatel\AppData\Roaming\dwm.exe) - C:\Users\Uživatel\AppData\Roaming\dwm.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5f4f54f7-b07c-11df-b136-90e6bac5a0f0}\Shell - "" = AutoRun
O33 - MountPoints2\{5f4f54f7-b07c-11df-b136-90e6bac5a0f0}\Shell\AutoRun\command - "" = G:\SetupLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\NUVYUV.DLL (Nogatech Ltd.)
Drivers32: VIDC.NTN1 - C:\Windows\SysWow64\Nuvision.ax (Nogatech Ltd.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2011.07.20 15:44:42 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0-lnk
[2011.07.20 15:44:42 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0
[2011.07.20 15:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2011.07.19 21:29:52 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Winamp
[2011.07.19 21:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011.07.19 16:54:48 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.07.19 16:29:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011.07.19 16:15:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-12-0-lnk
[2011.07.19 16:15:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-12-0
[2011.07.19 16:12:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011.07.19 15:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.07.19 15:18:42 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.19 15:18:41 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.18 22:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.07.18 21:28:37 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011.07.18 21:28:37 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011.07.18 17:24:48 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011.07.18 16:59:33 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.07.18 16:59:17 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.07.18 16:58:16 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.07.18 16:56:24 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0-lnk
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
[2011.07.05 01:39:28 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\GRETECH
[2011.07.05 01:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2011.07.05 01:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2011.06.20 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\2011_06_20
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.07.20 15:54:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.07.20 15:53:06 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.20 15:53:06 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.20 15:46:29 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.07.20 15:46:29 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011.07.20 15:45:46 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.20 15:45:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.20 15:45:37 | 1609,961,472 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.20 15:33:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.20 15:24:31 | 000,007,607 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2011.07.20 14:57:36 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000UA.job
[2011.07.20 13:57:01 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.20 13:57:01 | 000,622,422 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.07.20 13:57:01 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.20 13:57:01 | 000,118,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.07.20 13:57:01 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.20 13:32:31 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2011.07.19 21:30:08 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.07.19 21:16:05 | 000,000,179 | ---- | M] () -- C:\Windows\info1
[2011.07.19 16:57:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000Core.job
[2011.07.19 16:54:50 | 000,002,332 | ---- | M] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.07.19 16:27:01 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110719-170747.backup
[2011.07.19 15:59:51 | 000,006,868 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.19 15:18:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.07.19 14:52:07 | 000,001,947 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.07.19 10:12:53 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110719-142939.backup
[2011.07.18 22:49:46 | 000,002,218 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.07.18 22:42:15 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2011.07.18 22:42:15 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\WinFast PVR2.lnk
[2011.07.18 21:28:36 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011.07.18 21:28:36 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011.07.18 21:28:36 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.07.18 21:28:36 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011.07.18 20:45:40 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.07.18 20:44:37 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110718-212453.backup
[2011.07.18 20:27:34 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.07.18 17:00:11 | 000,110,592 | ---- | M] () -- C:\Windows\l1rezerv.exe
[2011.07.18 17:00:10 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110718-170630.backup
[2011.07.18 16:59:49 | 000,114,176 | ---- | M] () -- C:\Windows\systemup.exe
[2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32_.exe
[2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32.exe
[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011.07.05 01:37:42 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011.07.04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.07.04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.07.04 13:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.07.02 18:33:22 | 000,042,207 | -HS- | M] () -- C:\Users\Uživatel\Desktop\Folder.jpg
[2011.07.02 18:33:22 | 000,007,955 | -HS- | M] () -- C:\Users\Uživatel\Desktop\AlbumArtSmall.jpg
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.20 15:54:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.07.20 09:57:31 | 000,180,736 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2011.07.19 21:30:08 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.07.19 16:54:50 | 000,002,332 | ---- | C] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.07.19 16:52:40 | 000,000,974 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000UA.job
[2011.07.19 16:52:40 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000Core.job
[2011.07.19 15:18:55 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.18 22:49:46 | 000,002,218 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.07.18 21:28:36 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011.07.18 21:28:36 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011.07.18 21:28:36 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011.07.18 20:45:25 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011.07.18 20:25:57 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011.07.18 20:25:55 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011.07.18 20:25:55 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011.07.18 17:00:14 | 000,110,592 | ---- | C] () -- C:\Windows\l1rezerv.exe
[2011.07.18 16:59:57 | 000,114,176 | ---- | C] () -- C:\Windows\systemup.exe
[2011.07.18 16:59:16 | 000,000,179 | ---- | C] () -- C:\Windows\info1
[2011.07.18 16:58:40 | 000,232,960 | ---- | C] () -- C:\Windows\sysdriver32_.exe
[2011.07.18 16:58:26 | 000,232,960 | ---- | C] () -- C:\Windows\sysdriver32.exe
[2011.07.18 16:49:34 | 000,006,868 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.05 01:37:42 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011.07.02 18:33:22 | 000,042,207 | -HS- | C] () -- C:\Users\Uživatel\Desktop\Folder.jpg
[2011.07.02 18:33:22 | 000,007,955 | -HS- | C] () -- C:\Users\Uživatel\Desktop\AlbumArtSmall.jpg
[2011.03.12 20:28:00 | 000,007,607 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2010.08.23 21:30:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.31 16:09:15 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll
[2010.03.31 15:32:59 | 000,004,608 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.10 15:22:24 | 002,407,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010.02.24 15:43:33 | 000,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010.02.20 00:27:50 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin
[2010.02.17 17:18:01 | 000,190,160 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.02.17 17:17:57 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.02.17 17:17:57 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.02.16 20:43:03 | 000,000,632 | ---- | C] () -- C:\Windows\Thps3.INI
[2010.02.12 16:44:17 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini
[2010.02.12 14:28:43 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.02.12 14:28:43 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.02.12 14:28:39 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.02.12 14:28:39 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.02.07 04:13:58 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.08.16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.05.29 15:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2002.08.29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
========== LOP Check ==========
[2010.05.24 20:27:44 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Autodesk
[2010.12.06 21:38:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Canon
[2010.06.28 23:00:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Christofer Persson
[2010.08.25 21:12:15 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2011.07.19 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ICQ
[2010.03.19 17:23:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2011.01.03 18:53:43 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\NCH Swift Sound
[2010.06.28 23:00:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenCandy
[2010.02.12 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenOffice.org
[2011.01.02 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Philips
[2010.02.24 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ScanSoft
[2010.09.22 07:34:41 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Softland
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Songbird2
[2010.02.16 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Thunderbird
[2010.03.31 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Win7codecs
[2011.06.10 14:28:46 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"WinFast Schedule" = C:\Program Files\WinFast\WFDTV\WFWIZ.exe -- [2009.03.11 19:22:48 | 002,912,256 | ---- | M] (Leadtek Research Inc.)
"SpybotSD TeaTimer" = C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\Uživatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.06.03 07:28:18 | 000,136,176 | ---- | M] (Google Inc.)
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2011.07.20 13:32:37 | 000,177,664 | ---- | M] () MD5=14C37D7485988E3D851E2F6184BDA108 -- C:\Users\Uživatel\AppData\Local\Temp\csrss.exe
[2009.07.14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009.07.14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: FASTFAT.SYS >
[2009.07.14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009.07.14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NTFS.SYS >
[2009.07.14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\SysNative\drivers\ntfs.sys
[2009.07.14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SPOOLSV.EXE >
[2009.07.14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\SysNative\spoolsv.exe
[2009.07.14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.1\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-12-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-12-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-2-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-2-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-7-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-7-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-9-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-9-0-lnk\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011.07.19 21:16:05 | 000,340,480 | ---- | M] () MD5=BD0ACD06341E69D226259858DA331359 -- C:\Windows\update.5.0\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011.07.18 16:59:33 | 000,483,328 | ---- | M] () MD5=EFB19E06A994F184B781A3C948E77E6E -- C:\Windows\update.2\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 03:40:18 | 000,084,992 | ---- | M] (CANON INC.) --
[2006.09.12 22:00:00 | 000,027,136 | ---- | M] (CANON INC.) --
[2009.03.17 06:00:00 | 000,028,672 | ---- | M] (CANON INC.) --
[2006.09.12 22:00:00 | 000,080,896 | ---- | M] (CANON INC.) --
[2009.03.17 06:00:00 | 000,083,968 | ---- | M] (CANON INC.) --
[2009.07.14 03:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2009.07.14 03:41:56 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2009.07.14 17:17:26 | 000,003,584 | ---- | M] (Lexmark International Inc.) --
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 23:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 23:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.07.19 15:18:41 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
OTL.txt
OTL logfile created on: 20.7.2011 15:53:40 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Uživatel\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,47% Memory free
4,00 Gb Paging File | 2,66 Gb Available in Paging File | 66,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,49 Gb Total Space | 8,43 Gb Free Space | 8,39% Space Free | Partition Type: NTFS
Drive D: | 197,50 Gb Total Space | 11,04 Gb Free Space | 5,59% Space Free | Partition Type: NTFS
Drive F: | 298,02 Gb Total Space | 231,66 Gb Free Space | 77,73% Space Free | Partition Type: FAT32
Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.07.20 15:52:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL.exe
PRC - [2011.07.20 13:32:37 | 000,177,664 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\Temp\csrss.exe
PRC - [2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.19 21:16:05 | 000,340,480 | ---- | M] () -- C:\Windows\update.5.0\svchost.exe
PRC - [2011.07.18 17:00:11 | 000,110,592 | ---- | M] () -- C:\Windows\l1rezerv.exe
PRC - [2011.07.18 16:59:49 | 000,114,176 | ---- | M] () -- C:\Windows\systemup.exe
PRC - [2011.07.18 16:59:33 | 000,483,328 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.18 16:59:33 | 000,483,328 | ---- | M] () -- C:\Windows\update.2\svchost.exe
PRC - [2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32.exe
PRC - [2011.07.18 16:49:33 | 000,169,472 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe
PRC - [2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () -- C:\Windows\update.tray-2-0\svchost.exe
PRC - [2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () -- C:\Windows\update.1\svchost.exe
PRC - [2011.07.11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010.09.22 09:51:21 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.10 21:13:37 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009.10.15 19:08:04 | 005,822,464 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009.10.02 16:17:22 | 000,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2009.09.17 21:11:40 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2009.09.17 21:11:38 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2009.03.11 19:22:48 | 002,912,256 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2006.10.11 13:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
PRC - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (SafeList) ==========
MOD - [2011.07.20 15:52:45 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Uživatel\Downloads\OTL.exe
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.07.18 16:58:33 | 000,232,960 | ---- | M] () [Auto | Running] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
SRV - [2010.12.10 00:01:33 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.05.24 20:30:43 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2010.03.10 21:13:37 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2004.12.13 05:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.04.14 21:28:24 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.04.05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.03.16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.03.01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.02.22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.02.10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.01.07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010.12.21 15:04:06 | 000,170,640 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.12.21 15:04:06 | 000,141,264 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.12.21 13:47:38 | 000,125,296 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.12.02 12:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010.08.25 21:08:30 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.07.12 04:34:00 | 000,057,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2009.12.19 10:11:40 | 000,314,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.08.17 23:32:44 | 001,311,616 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\3xHybr64.sys -- (3xHybr64)
DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 06:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2005.11.03 16:40:56 | 000,089,600 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2005.08.10 14:46:20 | 000,068,608 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2005.05.16 15:21:16 | 000,007,168 | ---- | M] (Protection Technology) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.23 18:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\ULCDRHlp.sys -- (ULCDRHlp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F1 53 DC 97 DF AB CA 01 [binary data]
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63455
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: radiobar@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:5.0.4.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.1.9&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50826.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Uživatel\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.22 09:51:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.23 08:46:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.19 21:30:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.09.22 09:51:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.09.22 09:51:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions
[2010.02.16 12:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2011.07.19 21:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions
[2011.04.18 22:02:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.16 18:28:22 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\2020Player@2020Technologies.com
[2010.10.24 21:07:36 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\battlefieldheroespatcher@ea.com
[2010.04.18 19:50:14 | 000,000,000 | ---D | M] (RadioBar Toolbar) -- C:\Users\Uživatel\AppData\Roaming\mozilla\Firefox\Profiles\muwyjjqc.default\extensions\radiobar@toolbar
[2011.04.13 20:59:06 | 000,002,557 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\askcom.xml
[2011.07.16 11:11:20 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-1.xml
[2011.03.07 09:42:08 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-2.xml
[2011.03.09 00:51:08 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-3.xml
[2011.04.14 06:09:43 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-4.xml
[2011.06.23 08:46:42 | 000,000,950 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin-5.xml
[2011.04.18 22:02:43 | 000,000,168 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.gif
[2011.04.18 22:02:43 | 000,000,618 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.src
[2010.05.12 17:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\icqplugin.xml
[2010.03.15 23:38:05 | 000,001,589 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\searchplugins\web-search.xml
[2011.07.19 21:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.08.23 18:56:39 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.22 09:51:48 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\2020PLAYER@2020TECHNOLOGIES.COM
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\BATTLEFIELDHEROESPATCHER@EA.COM
File not found (No name found) -- C:\USERS\UĹĽIVATEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\MUWYJJQC.DEFAULT\EXTENSIONS\RADIOBAR@TOOLBAR
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.10.21 20:06:16 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.21 20:06:16 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2010.10.21 20:06:16 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010.10.21 20:06:16 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.10.21 20:06:16 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2011.07.20 15:46:29 | 000,203,160 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [egui] File not found
O4 - HKLM..\Run: [conhost] C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe ()
O4 - HKLM..\Run: [l1rezerv.exe] C:\Windows\l1rezerv.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [sysdriver32.exe] C:\Windows\sysdriver32.exe ()
O4 - HKLM..\Run: [sysdriver32_.exe] C:\Windows\sysdriver32_.exe ()
O4 - HKLM..\Run: [systemup] C:\Windows\systemup.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-2-0\svchost.exe ()
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [wxpdrv] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O4 - Startup: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
F3:64bit: - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 WinNT: Load - (C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe) - C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe ()
F3 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 WinNT: Load - (C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe) - C:\Users\UIVATE~1\AppData\Local\Temp\csrss.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.10 10.1.62.66
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-3502144519-3829416638-612489386-1000 Winlogon: Shell - (C:\Users\Uživatel\AppData\Roaming\dwm.exe) - C:\Users\Uživatel\AppData\Roaming\dwm.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5f4f54f7-b07c-11df-b136-90e6bac5a0f0}\Shell - "" = AutoRun
O33 - MountPoints2\{5f4f54f7-b07c-11df-b136-90e6bac5a0f0}\Shell\AutoRun\command - "" = G:\SetupLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.i420 - C:\Windows\SysWow64\NUVYUV.DLL (Nogatech Ltd.)
Drivers32: VIDC.NTN1 - C:\Windows\SysWow64\Nuvision.ax (Nogatech Ltd.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2011.07.20 15:44:42 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0-lnk
[2011.07.20 15:44:42 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-2-0
[2011.07.20 15:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011.07.19 21:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2011.07.19 21:29:52 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Winamp
[2011.07.19 21:29:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011.07.19 16:54:48 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.07.19 16:29:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011.07.19 16:15:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-12-0-lnk
[2011.07.19 16:15:01 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-12-0
[2011.07.19 16:12:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2011.07.19 15:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.07.19 15:18:42 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.19 15:18:41 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.18 22:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.07.18 21:28:37 | 000,000,000 | ---D | C] -- C:\Windows\rpcminer
[2011.07.18 21:28:37 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011.07.18 17:24:48 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011.07.18 16:59:33 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.07.18 16:59:17 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.07.18 16:58:16 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.07.18 16:56:24 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0-lnk
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-9-0
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.07.18 16:56:10 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
[2011.07.05 01:39:28 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\AppData\Roaming\GRETECH
[2011.07.05 01:37:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2011.07.05 01:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2011.06.20 16:35:08 | 000,000,000 | ---D | C] -- C:\Users\Uživatel\Desktop\2011_06_20
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.07.20 15:54:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.07.20 15:53:06 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.20 15:53:06 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.20 15:46:29 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.07.20 15:46:29 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011.07.20 15:45:46 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.20 15:45:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.20 15:45:37 | 1609,961,472 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.20 15:33:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.20 15:24:31 | 000,007,607 | ---- | M] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2011.07.20 14:57:36 | 000,000,974 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000UA.job
[2011.07.20 13:57:01 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.20 13:57:01 | 000,622,422 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.07.20 13:57:01 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.20 13:57:01 | 000,118,604 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.07.20 13:57:01 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.20 13:32:31 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2011.07.19 21:30:08 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.07.19 21:16:05 | 000,000,179 | ---- | M] () -- C:\Windows\info1
[2011.07.19 16:57:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000Core.job
[2011.07.19 16:54:50 | 000,002,332 | ---- | M] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.07.19 16:27:01 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110719-170747.backup
[2011.07.19 15:59:51 | 000,006,868 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.19 15:18:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.07.19 14:52:07 | 000,001,947 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011.07.19 10:12:53 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110719-142939.backup
[2011.07.18 22:49:46 | 000,002,218 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.07.18 22:42:15 | 000,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2011.07.18 22:42:15 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\WinFast PVR2.lnk
[2011.07.18 21:28:36 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011.07.18 21:28:36 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011.07.18 21:28:36 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.07.18 21:28:36 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011.07.18 20:45:40 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.07.18 20:44:37 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110718-212453.backup
[2011.07.18 20:27:34 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.07.18 17:00:11 | 000,110,592 | ---- | M] () -- C:\Windows\l1rezerv.exe
[2011.07.18 17:00:10 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20110718-170630.backup
[2011.07.18 16:59:49 | 000,114,176 | ---- | M] () -- C:\Windows\systemup.exe
[2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32_.exe
[2011.07.18 16:58:33 | 000,232,960 | ---- | M] () -- C:\Windows\sysdriver32.exe
[2011.07.17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011.07.05 01:37:42 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011.07.04 13:43:53 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.07.04 13:43:51 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.07.04 13:43:42 | 000,253,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.07.04 13:36:56 | 000,600,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.07.04 13:36:54 | 000,288,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.07.04 13:35:28 | 000,045,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.07.04 13:32:35 | 000,031,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.07.04 13:32:24 | 000,064,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.07.04 13:32:14 | 000,022,360 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.07.02 18:33:22 | 000,042,207 | -HS- | M] () -- C:\Users\Uživatel\Desktop\Folder.jpg
[2011.07.02 18:33:22 | 000,007,955 | -HS- | M] () -- C:\Users\Uživatel\Desktop\AlbumArtSmall.jpg
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.20 15:54:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.07.20 09:57:31 | 000,180,736 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2011.07.19 21:30:08 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2011.07.19 16:54:50 | 000,002,332 | ---- | C] () -- C:\Users\Uživatel\Desktop\Google Chrome.lnk
[2011.07.19 16:52:40 | 000,000,974 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000UA.job
[2011.07.19 16:52:40 | 000,000,922 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3502144519-3829416638-612489386-1000Core.job
[2011.07.19 15:18:55 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.18 22:49:46 | 000,002,218 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011.07.18 21:28:36 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011.07.18 21:28:36 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011.07.18 21:28:36 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011.07.18 20:45:25 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011.07.18 20:25:57 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011.07.18 20:25:55 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011.07.18 20:25:55 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011.07.18 17:00:14 | 000,110,592 | ---- | C] () -- C:\Windows\l1rezerv.exe
[2011.07.18 16:59:57 | 000,114,176 | ---- | C] () -- C:\Windows\systemup.exe
[2011.07.18 16:59:16 | 000,000,179 | ---- | C] () -- C:\Windows\info1
[2011.07.18 16:58:40 | 000,232,960 | ---- | C] () -- C:\Windows\sysdriver32_.exe
[2011.07.18 16:58:26 | 000,232,960 | ---- | C] () -- C:\Windows\sysdriver32.exe
[2011.07.18 16:49:34 | 000,006,868 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.05 01:37:42 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2011.07.02 18:33:22 | 000,042,207 | -HS- | C] () -- C:\Users\Uživatel\Desktop\Folder.jpg
[2011.07.02 18:33:22 | 000,007,955 | -HS- | C] () -- C:\Users\Uživatel\Desktop\AlbumArtSmall.jpg
[2011.03.12 20:28:00 | 000,007,607 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\resmon.resmoncfg
[2010.08.23 21:30:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.31 16:09:15 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll
[2010.03.31 15:32:59 | 000,004,608 | ---- | C] () -- C:\Users\Uživatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.10 15:22:24 | 002,407,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010.02.24 15:43:33 | 000,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010.02.20 00:27:50 | 000,000,350 | ---- | C] () -- C:\Windows\SysWow64\AF15IRTBL.bin
[2010.02.17 17:18:01 | 000,190,160 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.02.17 17:17:57 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.02.17 17:17:57 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.02.16 20:43:03 | 000,000,632 | ---- | C] () -- C:\Windows\Thps3.INI
[2010.02.12 16:44:17 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini
[2010.02.12 14:28:43 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.02.12 14:28:43 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.02.12 14:28:39 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.02.12 14:28:39 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.02.07 04:13:58 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.08.16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.05.29 15:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2002.08.29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Windows\SysWow64\MafiaSetup.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | C] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
========== LOP Check ==========
[2010.05.24 20:27:44 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Autodesk
[2010.12.06 21:38:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Canon
[2010.06.28 23:00:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Christofer Persson
[2010.08.25 21:12:15 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2011.07.19 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ICQ
[2010.03.19 17:23:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2011.01.03 18:53:43 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\NCH Swift Sound
[2010.06.28 23:00:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenCandy
[2010.02.12 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenOffice.org
[2011.01.02 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Philips
[2010.02.24 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ScanSoft
[2010.09.22 07:34:41 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Softland
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Songbird2
[2010.02.16 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Thunderbird
[2010.03.31 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Win7codecs
[2011.06.10 14:28:46 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"WinFast Schedule" = C:\Program Files\WinFast\WFDTV\WFWIZ.exe -- [2009.03.11 19:22:48 | 002,912,256 | ---- | M] (Leadtek Research Inc.)
"SpybotSD TeaTimer" = C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe -- [2009.03.05 17:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\Uživatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011.06.03 07:28:18 | 000,136,176 | ---- | M] (Google Inc.)
< >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\SysNative\cryptsvc.dll
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
< MD5 for: CSRSS.EXE >
[2011.07.20 13:32:37 | 000,177,664 | ---- | M] () MD5=14C37D7485988E3D851E2F6184BDA108 -- C:\Users\Uživatel\AppData\Local\Temp\csrss.exe
[2009.07.14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\SysNative\csrss.exe
[2009.07.14 03:39:02 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=60C2862B4BF0FD9F582EF344C2B1EC72 -- C:\Windows\winsxs\amd64_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_b4d8d57efdc6b4f3\csrss.exe
< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\SoftwareDistribution\Download\00236e2e422dab929dcda56260d05350\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: FASTFAT.SYS >
[2009.07.14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\SysNative\drivers\fastfat.sys
[2009.07.14 01:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=0ADC83218B66A6DB380C330836F3E36D -- C:\Windows\winsxs\amd64_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_0aa81d2771152f86\fastfat.sys
< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys
< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\SysNative\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\SysNative\drivers\ndis.sys
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NTFS.SYS >
[2009.07.14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\SysNative\drivers\ntfs.sys
[2009.07.14 03:48:27 | 001,659,984 | ---- | M] (Microsoft Corporation) MD5=356698A13C4630D5B31C37378D469196 -- C:\Windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_02661b64369ca03a\ntfs.sys
< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\drivers\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\SysNative\smss.exe
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
< MD5 for: SPOOLSV.EXE >
[2009.07.14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\SysNative\spoolsv.exe
[2009.07.14 03:39:44 | 000,558,080 | ---- | M] (Microsoft Corporation) MD5=89E8550C5862999FCF482EA562B0E98E -- C:\Windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_324094c8db39cbbd\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.1\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-12-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-12-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-2-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-2-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-7-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-7-0-lnk\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-9-0\svchost.exe
[2011.07.18 16:48:19 | 001,170,432 | -H-- | M] () MD5=547E351F6480D31DC42704DC6AC1CDD1 -- C:\Windows\update.tray-9-0-lnk\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011.07.19 21:16:05 | 000,340,480 | ---- | M] () MD5=BD0ACD06341E69D226259858DA331359 -- C:\Windows\update.5.0\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2011.07.18 16:59:33 | 000,483,328 | ---- | M] () MD5=EFB19E06A994F184B781A3C948E77E6E -- C:\Windows\update.2\svchost.exe
< MD5 for: TCPIP.SYS >
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\SysNative\drivers\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SoftwareDistribution\Download\0cfc8dbf763c806fb82e646c7352a6fc\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\SysNative\ws2_32.dll
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll
< >
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 03:40:18 | 000,084,992 | ---- | M] (CANON INC.) --
[2006.09.12 22:00:00 | 000,027,136 | ---- | M] (CANON INC.) --
[2009.03.17 06:00:00 | 000,028,672 | ---- | M] (CANON INC.) --
[2006.09.12 22:00:00 | 000,080,896 | ---- | M] (CANON INC.) --
[2009.03.17 06:00:00 | 000,083,968 | ---- | M] (CANON INC.) --
[2009.07.14 03:41:12 | 000,027,648 | ---- | M] (Microsoft Corporation) --
[2009.07.14 03:41:56 | 000,039,424 | ---- | M] (Microsoft Corporation) --
[2009.07.14 17:17:26 | 000,003,584 | ---- | M] (Lexmark International Inc.) --
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 23:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 23:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.07.19 15:18:41 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
Re: UFA.EXE
Napsal: 20 črc 2011 15:16
< %APPDATA%\*. >
[2010.02.18 14:13:29 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Adobe
[2010.02.17 10:43:53 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ArcSoft
[2010.05.24 20:27:44 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Autodesk
[2010.12.14 22:03:00 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\AVS4YOU
[2010.12.06 21:38:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Canon
[2010.06.28 23:00:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Christofer Persson
[2010.08.25 21:12:15 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2010.03.02 23:41:22 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DivX
[2010.07.12 22:16:22 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\dvdcss
[2011.07.05 01:39:28 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\GRETECH
[2011.07.19 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ICQ
[2010.02.12 19:52:24 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Identities
[2010.02.12 14:43:46 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\InstallShield
[2010.03.19 17:23:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2010.02.12 15:28:21 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Macromedia
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Media Center Programs
[2010.06.28 22:53:17 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Media Player Classic
[2011.07.20 13:32:28 | 000,000,000 | --SD | M] -- C:\Users\Uživatel\AppData\Roaming\Microsoft
[2010.02.12 14:37:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Mozilla
[2011.01.03 18:53:43 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\NCH Swift Sound
[2011.06.19 15:54:17 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Nero
[2010.06.28 23:00:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenCandy
[2010.02.12 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenOffice.org
[2011.01.02 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Philips
[2010.11.13 21:56:46 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Real
[2010.02.24 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ScanSoft
[2011.03.27 16:40:01 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Skype
[2010.09.06 08:08:36 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\skypePM
[2010.09.22 07:34:41 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Softland
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Songbird2
[2010.02.16 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Thunderbird
[2011.01.03 19:16:02 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\vlc
[2010.03.31 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Win7codecs
[2011.07.19 22:58:39 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Winamp
[2010.06.22 16:25:38 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\WinRAR
< %APPDATA%\*.* >
[2011.07.19 15:59:51 | 000,006,868 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
< %APPDATA%\*.exe /s >
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
[2011.07.18 16:49:33 | 000,169,472 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe
[2010.03.16 22:20:16 | 000,010,134 | R--- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2010.08.19 23:46:28 | 001,312,120 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
[2010.06.28 23:00:21 | 002,228,534 | ---- | M] ( ) -- C:\Users\Uživatel\AppData\Roaming\OpenCandy\OpenCandy_EC22156BF8CA4B5F943BA0D99DF93464\audacity-win-1.2.6.exe
[2010.12.04 21:57:05 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.01.24 18:01:13 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2010.05.13 13:09:52 | 000,220,272 | ---- | M] (Google Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
[2010.10.22 19:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\gtb_helper\LaunchHelper.exe
[2010.03.25 12:08:26 | 013,407,072 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\chr\ChromeInstaller.exe
[2010.10.22 19:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\chr_helper\LaunchHelper.exe
[2010.12.18 12:06:01 | 025,809,040 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\rp\RealPlayer.exe
[2010.11.04 19:05:08 | 000,092,328 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\ui_data\vista.exe
[2011.07.17 17:45:27 | 000,308,864 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.01\rnupgagent.exe
< %SYSTEMDRIVE%\*.exe >
< >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.07.20 15:54:20 | 000,000,512 | ---- | M] () MD5=EAF9D5F496D53877A45710D6CB52F651 -- C:\PhysicalMBR.bin
< End of report >
Extras.txt
OTL Extras logfile created on: 20.7.2011 15:53:40 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Uživatel\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,47% Memory free
4,00 Gb Paging File | 2,66 Gb Available in Paging File | 66,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,49 Gb Total Space | 8,43 Gb Free Space | 8,39% Space Free | Partition Type: NTFS
Drive D: | 197,50 Gb Total Space | 11,04 Gb Free Space | 5,59% Space Free | Partition Type: NTFS
Drive F: | 298,02 Gb Total Space | 231,66 Gb Free Space | 77,73% Space Free | Partition Type: FAT32
Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe -- ()
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe -- ()
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe -- ()
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe -- ()
"C:\Windows\update.tray-9-0-lnk\svchost.exe" = C:\Windows\update.tray-9-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0-lnk\svchost.exe -- ()
"C:\Windows\update.tray-7-0-lnk\svchost.exe" = C:\Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0-lnk\svchost.exe -- ()
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe -- ()
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe -- ()
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe -- ()
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe -- ()
"C:\Windows\update.tray-9-0-lnk\svchost.exe" = C:\Windows\update.tray-9-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0-lnk\svchost.exe -- ()
"C:\Windows\update.tray-7-0-lnk\svchost.exe" = C:\Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0-lnk\svchost.exe -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP180" = Canon MP180
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{65CCE260-0877-4DC2-9432-AFA29FB8534E}" = ESET NOD32 Antivirus
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"doPDF 7 printer_is1" = doPDF 7.1 printer
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-6009-0409-0002-0060B0CE6BBA}" = AutoCAD LT 2008 - English
"{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}" = FIFA 07
"{5DA1C66B-EAD2-4A2A-B277-5E8710C580F8}" = CODEC(NogaTech)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6f01ffd3-a191-40a5-a881-9544c392b5a5}" = Nero 9 Lite
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8D2C1E44-7685-4D05-8342-B0DC6422FA47}" = Ulead Disc-Direct SDK
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"7-Zip" = 7-Zip 9.15 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoCAD LT 2008 - English" = AutoCAD LT 2008 - English
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Cute MP4 Video Converter_is1" = Cute MP4 Video Converter version 3.6.6.0
"DzSoftPPSlideShowConv_is1" = PowerPoint Slide Show Converter 3.0
"EADM" = EA Download Manager
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EAX Unified" = EAX Unified
"GameSpy Arcade" = GameSpy Arcade
"GOM Player" = GOM Player
"ICQToolbar" = ICQ Toolbar
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Registrace uživatele zařízení Canon MP180" = Registrace uživatele zařízení Canon MP180
"Registrace uživatele zařízení Canon MP250 series" = Registrace uživatele zařízení Canon MP250 series
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
[2010.02.18 14:13:29 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Adobe
[2010.02.17 10:43:53 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ArcSoft
[2010.05.24 20:27:44 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Autodesk
[2010.12.14 22:03:00 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\AVS4YOU
[2010.12.06 21:38:49 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Canon
[2010.06.28 23:00:08 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Christofer Persson
[2010.08.25 21:12:15 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DAEMON Tools Lite
[2010.03.02 23:41:22 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\DivX
[2010.07.12 22:16:22 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\dvdcss
[2011.07.05 01:39:28 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\GRETECH
[2011.07.19 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ICQ
[2010.02.12 19:52:24 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Identities
[2010.02.12 14:43:46 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\InstallShield
[2010.03.19 17:23:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Leadertech
[2010.02.12 15:28:21 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Macromedia
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Media Center Programs
[2010.06.28 22:53:17 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Media Player Classic
[2011.07.20 13:32:28 | 000,000,000 | --SD | M] -- C:\Users\Uživatel\AppData\Roaming\Microsoft
[2010.02.12 14:37:06 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Mozilla
[2011.01.03 18:53:43 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\NCH Swift Sound
[2011.06.19 15:54:17 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Nero
[2010.06.28 23:00:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenCandy
[2010.02.12 14:51:30 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\OpenOffice.org
[2011.01.02 18:56:18 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Philips
[2010.11.13 21:56:46 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Real
[2010.02.24 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\ScanSoft
[2011.03.27 16:40:01 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Skype
[2010.09.06 08:08:36 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\skypePM
[2010.09.22 07:34:41 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Softland
[2011.01.02 18:55:03 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Songbird2
[2010.02.16 12:27:37 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Thunderbird
[2011.01.03 19:16:02 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\vlc
[2010.03.31 16:07:27 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Win7codecs
[2011.07.19 22:58:39 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\Winamp
[2010.06.22 16:25:38 | 000,000,000 | ---D | M] -- C:\Users\Uživatel\AppData\Roaming\WinRAR
< %APPDATA%\*.* >
[2011.07.19 15:59:51 | 000,006,868 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\CB3E.436
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
< %APPDATA%\*.exe /s >
[2011.07.20 09:57:31 | 000,180,736 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\dwm.exe
[2002.08.29 17:33:56 | 000,319,488 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\MafiaSetup.exe
[2011.07.18 16:49:33 | 000,169,472 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\conhost.exe
[2010.03.16 22:20:16 | 000,010,134 | R--- | M] () -- C:\Users\Uživatel\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2010.08.19 23:46:28 | 001,312,120 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\muwyjjqc.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
[2010.06.28 23:00:21 | 002,228,534 | ---- | M] ( ) -- C:\Users\Uživatel\AppData\Roaming\OpenCandy\OpenCandy_EC22156BF8CA4B5F943BA0D99DF93464\audacity-win-1.2.6.exe
[2010.12.04 21:57:05 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2011.01.24 18:01:13 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\setup.exe
[2010.05.13 13:09:52 | 000,220,272 | ---- | M] (Google Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
[2010.10.22 19:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\gtb_helper\LaunchHelper.exe
[2010.03.25 12:08:26 | 013,407,072 | ---- | M] () -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\chr\ChromeInstaller.exe
[2010.10.22 19:10:16 | 000,190,632 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\chr_helper\LaunchHelper.exe
[2010.12.18 12:06:01 | 025,809,040 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\rp\RealPlayer.exe
[2010.11.04 19:05:08 | 000,092,328 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\setup3.14\ui_data\vista.exe
[2011.07.17 17:45:27 | 000,308,864 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Uživatel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.01\rnupgagent.exe
< %SYSTEMDRIVE%\*.exe >
< >
< >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.07.20 15:54:20 | 000,000,512 | ---- | M] () MD5=EAF9D5F496D53877A45710D6CB52F651 -- C:\PhysicalMBR.bin
< End of report >
Extras.txt
OTL Extras logfile created on: 20.7.2011 15:53:40 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Uživatel\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,47% Memory free
4,00 Gb Paging File | 2,66 Gb Available in Paging File | 66,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,49 Gb Total Space | 8,43 Gb Free Space | 8,39% Space Free | Partition Type: NTFS
Drive D: | 197,50 Gb Total Space | 11,04 Gb Free Space | 5,59% Space Free | Partition Type: NTFS
Drive F: | 298,02 Gb Total Space | 231,66 Gb Free Space | 77,73% Space Free | Partition Type: FAT32
Computer Name: UŽIVATEL-PC | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe -- ()
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe -- ()
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe -- ()
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe -- ()
"C:\Windows\update.tray-9-0-lnk\svchost.exe" = C:\Windows\update.tray-9-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0-lnk\svchost.exe -- ()
"C:\Windows\update.tray-7-0-lnk\svchost.exe" = C:\Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0-lnk\svchost.exe -- ()
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe -- ()
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe -- ()
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe -- ()
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe -- ()
"C:\Windows\update.tray-9-0-lnk\svchost.exe" = C:\Windows\update.tray-9-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0-lnk\svchost.exe -- ()
"C:\Windows\update.tray-7-0-lnk\svchost.exe" = C:\Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0-lnk\svchost.exe -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP180" = Canon MP180
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{65CCE260-0877-4DC2-9432-AFA29FB8534E}" = ESET NOD32 Antivirus
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"doPDF 7 printer_is1" = doPDF 7.1 printer
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-6009-0409-0002-0060B0CE6BBA}" = AutoCAD LT 2008 - English
"{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}" = FIFA 07
"{5DA1C66B-EAD2-4A2A-B277-5E8710C580F8}" = CODEC(NogaTech)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6f01ffd3-a191-40a5-a881-9544c392b5a5}" = Nero 9 Lite
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8D2C1E44-7685-4D05-8342-B0DC6422FA47}" = Ulead Disc-Direct SDK
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}" = Adobe Flash Player 9 ActiveX
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DA703982C580418795BF4001AA9D7061}" = DivX Plus Media Foundation Components
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"7-Zip" = 7-Zip 9.15 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoCAD LT 2008 - English" = AutoCAD LT 2008 - English
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Cute MP4 Video Converter_is1" = Cute MP4 Video Converter version 3.6.6.0
"DzSoftPPSlideShowConv_is1" = PowerPoint Slide Show Converter 3.0
"EADM" = EA Download Manager
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EAX Unified" = EAX Unified
"GameSpy Arcade" = GameSpy Arcade
"GOM Player" = GOM Player
"ICQToolbar" = ICQ Toolbar
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"Mozilla Thunderbird (3.0.1)" = Mozilla Thunderbird (3.0.1)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 12.0" = RealPlayer
"Registrace uživatele zařízení Canon MP180" = Registrace uživatele zařízení Canon MP180
"Registrace uživatele zařízení Canon MP250 series" = Registrace uživatele zařízení Canon MP250 series
"The KMPlayer" = The KMPlayer (remove only)
"TmNationsForever_is1" = TmNationsForever
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3502144519-3829416638-612489386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Re: UFA.EXE
Napsal: 20 črc 2011 15:16
Sorry za vstup.
Založte si prosím vlastní téma, takto by se to pletlo. Děkujeme za pochopení.
Založte si prosím vlastní téma, takto by se to pletlo. Děkujeme za pochopení.