Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel Nezbeda at 2010-09-12 22:07:42
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 105 GB (69%) free of 153 GB
Total RAM: 959 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:08:20, on 12.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\download\RSIT.exe
C:\Program Files\trend micro\Pavel Nezbeda.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5034
O8 - Extra context menu item: Hlede&j v ČR - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5033
O8 - Extra context menu item: Hledej v &encyklopedii - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5108
O8 - Extra context menu item: Hledej ve &světě - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5035
O8 - Extra context menu item: Hledej ve &zboží - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5107
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plánovač automatické aktualizace LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 10012 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{7FCB6E37-681A-4DB5-907E-FA70A1D2661C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-18 591336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CE-3093-459C-B764-AEB2486F2273} - &Seznam Lištička - C:\Program Files\Seznam\Listicka\Toolbar.dll [2007-11-04 793960]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-18 591336]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-18 13574144]
"nwiz"=nwiz.exe /install []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-18 86016]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-11-19 2166784]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-05-20 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-05-18 730600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoBandCustomize"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoBandCustomize"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-09-07 22:45:20 ----D---- C:\rsit
2010-09-05 22:59:16 ----D---- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\CheckPoint
2010-09-05 22:58:26 ----D---- C:\Program Files\Conduit
2010-09-05 22:58:24 ----D---- C:\Program Files\ZoneAlarm
2010-09-05 22:57:59 ----D---- C:\Program Files\CheckPoint
2010-09-05 22:57:43 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-09-05 22:57:38 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-09-05 22:57:38 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-09-05 22:57:30 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-09-05 22:57:25 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-09-05 22:57:25 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-09-05 22:57:24 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-09-05 22:57:24 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-09-05 22:57:24 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-09-05 22:57:23 ----A---- C:\WINDOWS\system32\vsdatant.sys
2010-09-05 22:57:21 ----D---- C:\Program Files\Zone Labs
2010-09-05 22:56:35 ----D---- C:\WINDOWS\Internet Logs
2010-09-05 22:56:34 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-09-05 22:56:33 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-09-05 22:56:33 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-09-05 22:46:27 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-09-05 22:46:27 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-09-05 22:46:27 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-09-05 22:46:27 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-09-05 22:46:27 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-09-05 22:46:27 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-09-05 22:46:27 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-09-05 22:46:13 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-09-05 22:46:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-09-02 22:28:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2010-09-02 22:26:18 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-09-02 22:25:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Plugins
2010-09-02 21:29:36 ----D---- C:\Config.Msi
2010-08-27 22:41:15 ----D---- C:\WINDOWS\system32\NtmsData
2010-08-25 19:13:45 ----D---- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Malwarebytes
2010-08-25 19:13:37 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-08-25 19:13:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-08-25 19:13:34 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-08-25 19:13:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-22 21:33:07 ----D---- C:\Program Files\trend micro
2010-08-15 14:15:17 ----D---- C:\vag IHR3040n
======List of files/folders modified in the last 1 months======
2010-09-12 21:43:47 ----D---- C:\WINDOWS\temp
2010-09-12 21:28:40 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-12 21:27:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-12 21:27:35 ----D---- C:\Program Files\Spyware Terminator
2010-09-12 21:27:21 ----D---- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Skype
2010-09-12 20:23:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-09-12 19:59:25 ----D---- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\skypePM
2010-09-12 19:38:21 ----D---- C:\WINDOWS\Prefetch
2010-09-12 00:19:57 ----D---- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Spyware Terminator
2010-09-10 20:45:40 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-09 21:43:31 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-09 20:04:56 ----SHD---- C:\WINDOWS\Installer
2010-09-08 08:42:44 ----D---- C:\WINDOWS
2010-09-07 22:53:36 ----D---- C:\download
2010-09-07 22:40:04 ----D---- C:\WINDOWS\Debug
2010-09-07 22:38:17 ----D---- C:\Program Files\CCleaner
2010-09-07 22:29:18 ----D---- C:\WINDOWS\system32
2010-09-07 21:56:36 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-07 20:35:31 ----D---- C:\auto data
2010-09-06 18:58:55 ----SHD---- C:\System Volume Information
2010-09-06 18:58:55 ----D---- C:\WINDOWS\system32\Restore
2010-09-06 18:57:35 ----D---- C:\WINDOWS\system32\drivers
2010-09-05 22:58:55 ----D---- C:\Program Files\Mozilla Firefox 3 Beta 1
2010-09-05 22:58:26 ----D---- C:\Program Files
2010-09-05 22:46:23 ----D---- C:\WINDOWS\WinSxS
2010-09-05 22:46:04 ----D---- C:\Program Files\Alwil Software
2010-09-05 22:43:33 ----D---- C:\Program Files\ESET
2010-09-02 22:29:25 ----D---- C:\WINDOWS\system32\config
2010-09-02 22:29:00 ----D---- C:\WINDOWS\system32\wbem
2010-09-02 22:28:59 ----D---- C:\WINDOWS\Registration
2010-09-02 22:27:45 ----D---- C:\Program Files\Internet Explorer
2010-09-02 22:27:24 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-09-02 22:27:23 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-09-02 22:27:23 ----HD---- C:\WINDOWS\inf
2010-09-02 22:27:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-09-02 22:27:18 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-09-02 22:27:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-09-02 22:26:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-09-02 22:26:51 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-09-02 22:26:42 ----D---- C:\Program Files\Movie Maker
2010-09-02 22:26:40 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-09-02 22:26:39 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-09-02 22:26:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-09-02 22:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-09-02 22:25:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-09-02 22:24:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\NOS
2010-09-02 22:24:03 ----D---- C:\Program Files\Adobe
2010-09-02 22:24:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-09-02 22:24:01 ----D---- C:\Program Files\Common Files\Adobe
2010-09-02 22:23:02 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-09-02 22:22:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-09-02 22:22:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-09-02 22:22:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-09-02 22:22:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-09-02 21:42:34 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-02 21:29:54 ----D---- C:\Program Files\Google
2010-09-02 21:29:53 ----D---- C:\Program Files\Windows Live
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-06-28 105088]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2000-02-03 24608]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 713xTVCard;SAA7135 TV Card; C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2006-05-20 289280]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 HOSTNT;HOSTNT; C:\WINDOWS\system32\drivers\HOSTNT.sys [2008-05-20 4032]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R2 WDMTVTuner;Universal WDM TV Tuner; C:\WINDOWS\system32\drivers\WDMTuner.sys [2006-05-20 26880]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-18 6132576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2004-04-20 24209]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2008-03-13 72000]
S3 IT9135BDA;IT9135 BDA Devices; C:\WINDOWS\System32\Drivers\IT9135BDA.sys [2010-07-23 94336]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2000-06-29 52224]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-04-03 20543]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-18 493032]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-07-13 131131]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-07-13 65599]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-18 163908]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-11-19 488960]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-05-20 2437176]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu zamrzá mi počítač
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu zamrzá mi počítač
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
grpconv.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
- Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: prosím o kontrolu zamrzá mi počítač
OTL logfile created on: 12.9.2010 22:17:22 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\download
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
959.00 Mb Total Physical Memory | 329.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 102.56 Gb Free Space | 68.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FLEXIO-82DE7A7E
Current User Name: Pavel Nezbeda
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.09.12 22:16:24 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\download\OTL.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.05.20 18:11:48 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010.05.20 18:10:18 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010.05.18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2010.05.18 16:01:32 | 000,730,600 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2009.11.24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009.11.19 18:53:04 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2009.11.19 18:53:03 | 002,166,784 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2009.11.17 08:17:02 | 015,547,760 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpyWareTerminator.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.02.06 18:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2008.10.31 08:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008.10.31 08:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.10.31 08:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.02.04 13:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2006.07.13 17:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006.07.13 17:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006.04.03 19:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2000.06.29 10:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
========== Modules (SafeList) ==========
MOD - [2010.09.12 22:16:24 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\download\OTL.exe
MOD - [2010.05.18 16:01:40 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2008.07.25 12:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008.07.25 12:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007.02.05 10:29:04 | 000,139,264 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpHookSE4.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Plánovač automatické aktualizace LiveUpdate)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.05.20 18:11:48 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.05.18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2009.11.19 18:53:04 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.02.06 18:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008.10.31 08:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 08:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2006.07.13 17:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006.07.13 17:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006.04.03 19:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2000.06.29 10:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
========== Driver Services (SafeList) ==========
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.07.23 20:17:49 | 000,094,336 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV - [2010.05.18 16:01:28 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009.11.19 18:53:04 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009.02.06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008.10.31 08:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.10.09 16:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.09.18 00:55:00 | 006,132,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.06.21 05:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 05:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008.05.20 20:42:16 | 000,004,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\hostnt.sys -- (HOSTNT)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.13 13:50:02 | 000,072,000 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2007.04.16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.07.11 15:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.07.11 15:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.06.28 11:38:56 | 000,105,088 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.06.28 10:25:24 | 004,304,384 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.05.20 22:00:00 | 000,289,280 | R--- | M] (Philips Semiconductors) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SAA713x.sys -- (713xTVCard)
DRV - [2006.05.20 22:00:00 | 000,026,880 | R--- | M] (Philips Semiconductors) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WDMTuner.sys -- (WDMTVTuner)
DRV - [2005.07.28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.04.20 04:04:56 | 000,024,209 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2001.08.17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [2001.08.17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2000.02.03 21:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
IE - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:1.0.7
FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010.09.05 23:19:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007.11.03 01:49:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.02 22:28:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox 3 Beta 1\components [2008.12.25 00:47:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3 Beta 1\plugins [2010.09.02 22:28:10 | 000,000,000 | ---D | M]
[2008.02.29 14:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Extensions
[2010.09.05 22:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions
[2009.10.11 00:29:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.05 22:58:36 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
[2009.10.26 19:01:13 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009.10.26 19:01:17 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2008.12.25 00:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\cs@dictionaries.addons.mozilla(2).org
[2009.10.22 23:00:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-1.xml
[2008.08.13 16:47:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-2.xml
[2008.09.16 15:11:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-3.xml
[2008.09.20 20:23:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-4.xml
[2008.12.19 03:07:28 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-5.xml
[2008.12.23 16:11:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-6.xml
[2009.07.13 17:12:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin.xml
[2009.07.19 18:45:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.19 18:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.11.03 01:49:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2007.11.03 01:49:46 | 000,066,408 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007.11.03 01:49:46 | 000,054,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007.11.03 01:49:46 | 000,034,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007.11.03 01:49:46 | 000,046,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007.11.03 01:49:46 | 000,171,880 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2006.11.09 15:20:00 | 002,111,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2007.08.04 22:16:04 | 000,001,118 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\centrum-cz.xml
[2007.08.04 22:16:04 | 000,000,661 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2007.08.04 22:16:04 | 000,001,674 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2007.08.04 22:16:04 | 000,001,302 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2007.08.04 22:16:04 | 000,000,765 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
O1 HOSTS File: ([2010.09.07 21:56:36 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Seznam Lištička) - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\Toolbar\WebBrowser: (&Seznam Lištička) - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O3 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Přelož do češtiny - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hlede&j v ČR - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hledej v &encyklopedii - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hledej ve &světě - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hledej ve &zboží - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.07 20:35:31 | 000,000,000 | ---D | M] - C:\auto data -- [ NTFS ]
O32 - AutoRun File - [2009.03.13 16:16:35 | 000,000,000 | ---D | M] - C:\auto foto -- [ NTFS ]
O32 - AutoRun File - [2009.12.08 16:01:07 | 000,000,000 | ---D | M] - C:\Auto-diagnostika -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (68974924210896896)
========== Files/Folders - Created Within 30 Days ==========
[2010.09.07 22:45:20 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.07 22:40:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pavel Nezbeda\Recent
[2010.09.05 22:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Dokumenty\ForceField Shared Files
[2010.09.05 22:59:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\CheckPoint
[2010.09.05 22:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.09.05 22:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\Conduit
[2010.09.05 22:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\ZoneAlarm
[2010.09.05 22:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm
[2010.09.05 22:57:59 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010.09.05 22:57:43 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010.09.05 22:57:38 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010.09.05 22:57:38 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010.09.05 22:57:30 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010.09.05 22:57:25 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010.09.05 22:57:25 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2010.09.05 22:57:24 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010.09.05 22:57:24 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010.09.05 22:57:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010.09.05 22:57:23 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010.09.05 22:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010.09.05 22:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010.09.05 22:56:34 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2010.09.05 22:56:33 | 000,712,192 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010.09.05 22:56:33 | 000,228,352 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010.09.05 22:46:27 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.09.05 22:46:27 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.09.05 22:46:27 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.09.05 22:46:27 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.09.05 22:46:27 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.09.05 22:46:27 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.09.05 22:46:27 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.09.05 22:46:13 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.09.05 22:46:13 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.09.05 22:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.09.02 22:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
[2010.09.02 22:26:18 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.09.02 22:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Plugins
[2010.09.02 21:29:36 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.08.27 22:41:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.08.25 19:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Malwarebytes
[2010.08.25 19:13:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.25 19:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.08.25 19:13:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.25 19:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.22 21:33:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.08.15 14:15:17 | 000,000,000 | ---D | C] -- C:\vag IHR3040n
========== Files - Modified Within 30 Days ==========
[2010.09.12 22:17:24 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7FCB6E37-681A-4DB5-907E-FA70A1D2661C}.job
[2010.09.12 21:29:32 | 000,191,471 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.09.12 21:29:23 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.12 21:28:56 | 008,405,015 | ---- | M] () -- C:\WINDOWS\TempFile
[2010.09.12 21:28:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.12 21:28:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.12 21:27:45 | 010,223,616 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\ntuser.dat
[2010.09.12 21:27:45 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Pavel Nezbeda\ntuser.ini
[2010.09.10 20:45:40 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.09.07 22:38:19 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\CCleaner.lnk
[2010.09.07 22:29:25 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.09.07 22:23:25 | 000,123,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.07 21:56:36 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.09.05 23:11:23 | 000,443,392 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\CKScanner.exe
[2010.09.05 22:59:45 | 000,421,442 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.09.05 22:57:47 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.09.05 22:57:46 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\ZoneAlarm Security.lnk
[2010.09.05 22:46:27 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.08.27 22:45:54 | 000,004,608 | ---- | M] () -- C:\6XSourceFilter.grf
[2010.08.25 19:13:40 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.08.23 16:11:34 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
========== Files Created - No Company Name ==========
[2010.09.05 23:11:04 | 000,443,392 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\CKScanner.exe
[2010.09.05 22:57:47 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.09.05 22:57:46 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\ZoneAlarm Security.lnk
[2010.09.05 22:57:23 | 000,421,442 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.09.05 22:46:27 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.09.02 21:28:50 | 010,223,616 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\ntuser.dat
[2010.08.25 19:13:40 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.07.23 19:35:43 | 000,002,478 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LmeUSB.log
[2010.07.23 19:35:43 | 000,002,477 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LSDmbTH.log
[2010.07.23 19:35:43 | 000,002,426 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LmeZJSW.log
[2010.07.23 19:30:49 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2010.07.23 19:30:39 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.03.18 00:19:17 | 000,000,101 | ---- | C] () -- C:\WINDOWS\SILCOM_P.INI
[2009.11.19 18:53:04 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009.10.26 21:51:22 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009.10.26 21:51:22 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009.10.26 21:51:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009.10.26 21:51:22 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009.07.09 20:40:30 | 000,006,836 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2009.05.13 17:07:34 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008.12.26 04:31:19 | 000,000,103 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.11.09 19:22:46 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\fusioncache.dat
[2008.09.23 21:54:21 | 000,000,092 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2008.08.19 16:34:59 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008.08.19 16:34:59 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008.08.19 16:34:59 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008.08.19 16:34:58 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008.08.19 16:34:58 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008.07.01 20:11:11 | 000,546,816 | R--- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\vvddata.wrt
[2008.07.01 19:59:26 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2008.07.01 19:59:22 | 000,078,336 | ---- | C] () -- C:\WINDOWS\System32\dbjavio6.dll
[2008.07.01 19:59:21 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\dbauth6.dll
[2008.07.01 19:59:12 | 000,000,055 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2008.07.01 19:59:09 | 000,024,608 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2008.07.01 19:59:09 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2008.05.20 20:42:16 | 000,004,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hostnt.sys
[2008.03.24 15:10:28 | 000,000,052 | ---- | C] () -- C:\WINDOWS\tbub.ini
[2008.02.12 22:04:23 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2007.12.19 18:15:29 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007.12.16 20:30:28 | 000,000,137 | ---- | C] () -- C:\WINDOWS\ETOSP.INI
[2007.10.28 03:37:44 | 000,000,032 | ---- | C] () -- C:\WINDOWS\thxcfg.ini
[2007.09.03 14:32:39 | 000,000,093 | ---- | C] () -- C:\Program Files\PatchWise.log
[2007.03.25 20:51:35 | 000,000,662 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.03.16 17:35:17 | 000,000,022 | ---- | C] () -- C:\WINDOWS\c2.INI
[2007.03.16 17:33:47 | 000,000,019 | ---- | C] () -- C:\WINDOWS\cnc.ini
[2007.03.14 21:24:42 | 000,000,289 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2007.03.14 20:25:31 | 000,000,694 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.09 22:07:33 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.07 03:13:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.02.20 20:17:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.11.16 15:25:24 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.11.16 14:05:48 | 000,004,247 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2006.11.16 14:05:38 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006.07.12 07:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.07.12 07:19:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.07.12 07:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.07.12 07:19:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.07.12 07:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.07.12 07:19:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004.09.30 08:17:31 | 000,000,516 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.08.18 15:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004.08.18 15:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004.08.18 15:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004.08.18 15:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004.08.18 15:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004.05.13 20:13:40 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\dbodtr6.dll
[2004.05.13 20:12:56 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\dbextf50.dll
[2002.12.05 17:51:00 | 000,059,392 | R--- | C] () -- C:\WINDOWS\streamhlp.dll
[2002.03.21 13:51:52 | 000,503,808 | R--- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002.03.21 13:51:52 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002.03.21 13:51:52 | 000,163,840 | R--- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002.03.21 13:51:52 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002.03.21 13:51:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002.03.21 13:51:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002.03.21 13:51:52 | 000,020,480 | R--- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002.03.20 22:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002.03.20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002.03.20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002.03.20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002.03.20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
========== LOP Check ==========
OTL by OldTimer - Version 3.2.12.0 Folder = C:\download
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
959.00 Mb Total Physical Memory | 329.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 102.56 Gb Free Space | 68.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FLEXIO-82DE7A7E
Current User Name: Pavel Nezbeda
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.09.12 22:16:24 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\download\OTL.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.05.20 18:11:48 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010.05.20 18:10:18 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010.05.18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2010.05.18 16:01:32 | 000,730,600 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2009.11.24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009.11.19 18:53:04 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2009.11.19 18:53:03 | 002,166,784 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2009.11.17 08:17:02 | 015,547,760 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpyWareTerminator.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.02.06 18:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2008.10.31 08:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
PRC - [2008.10.31 08:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
PRC - [2008.10.31 08:24:26 | 001,705,256 | ---- | M] (Sunbelt Software, Inc.) -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.02.04 13:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
PRC - [2006.07.13 17:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2006.07.13 17:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2006.04.03 19:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2000.06.29 10:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
========== Modules (SafeList) ==========
MOD - [2010.09.12 22:16:24 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\download\OTL.exe
MOD - [2010.05.18 16:01:40 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2008.07.25 12:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008.07.25 12:17:20 | 000,558,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007.02.05 10:29:04 | 000,139,264 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpHookSE4.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Plánovač automatické aktualizace LiveUpdate)
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.05.20 18:11:48 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.05.18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2009.11.19 18:53:04 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.02.06 18:08:58 | 000,533,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008.10.31 08:24:28 | 001,365,288 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe -- (SPF4)
SRV - [2008.10.31 08:24:28 | 000,095,528 | ---- | M] (Sunbelt Software, Inc.) [Auto | Running] -- C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe -- (SbPF.Launcher)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2006.07.13 17:59:48 | 000,131,131 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2006.07.13 17:59:32 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2006.04.03 19:04:02 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
SRV - [2000.06.29 10:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)
========== Driver Services (SafeList) ==========
DRV - [2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.07.23 20:17:49 | 000,094,336 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV - [2010.05.18 16:01:28 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2009.11.19 18:53:04 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009.02.06 18:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008.10.31 08:09:06 | 000,270,888 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbFw.sys -- (SbFw)
DRV - [2008.10.09 16:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.09.18 00:55:00 | 006,132,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.06.21 05:54:54 | 000,066,600 | R--- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sbhips.sys -- (sbhips)
DRV - [2008.06.21 05:54:54 | 000,065,576 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2008.05.20 20:42:16 | 000,004,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\hostnt.sys -- (HOSTNT)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.03.13 13:50:02 | 000,072,000 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2007.04.16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.07.11 15:38:30 | 000,020,480 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.07.11 15:38:28 | 000,057,856 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.06.28 11:38:56 | 000,105,088 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.06.28 10:25:24 | 004,304,384 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.05.20 22:00:00 | 000,289,280 | R--- | M] (Philips Semiconductors) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SAA713x.sys -- (713xTVCard)
DRV - [2006.05.20 22:00:00 | 000,026,880 | R--- | M] (Philips Semiconductors) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WDMTuner.sys -- (WDMTVTuner)
DRV - [2005.07.28 08:18:40 | 000,685,056 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004.04.20 04:04:56 | 000,024,209 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2001.08.17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001.08.17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [2001.08.17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2000.02.03 21:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
IE - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:1.0.7
FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox
FF - HKLM\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files\AVG\AVG8\ToolbarFF
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010.09.05 23:19:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2007.11.03 01:49:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.02 22:28:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox 3 Beta 1\components [2008.12.25 00:47:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3 Beta 1\plugins [2010.09.02 22:28:10 | 000,000,000 | ---D | M]
[2008.02.29 14:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Extensions
[2010.09.05 22:59:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions
[2009.10.11 00:29:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.05 22:58:36 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
[2009.10.26 19:01:13 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009.10.26 19:01:17 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2008.12.25 00:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\extensions\cs@dictionaries.addons.mozilla(2).org
[2009.10.22 23:00:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-1.xml
[2008.08.13 16:47:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-2.xml
[2008.09.16 15:11:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-3.xml
[2008.09.20 20:23:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-4.xml
[2008.12.19 03:07:28 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-5.xml
[2008.12.23 16:11:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin-6.xml
[2009.07.13 17:12:02 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla\Firefox\Profiles\voxj3vg5.default\searchplugins\icqplugin.xml
[2009.07.19 18:45:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.19 18:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.11.03 01:49:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
[2007.11.03 01:49:46 | 000,066,408 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2007.11.03 01:49:46 | 000,054,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2007.11.03 01:49:46 | 000,034,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2007.11.03 01:49:46 | 000,046,456 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2007.11.03 01:49:46 | 000,171,880 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2006.11.09 15:20:00 | 002,111,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2007.08.04 22:16:04 | 000,001,118 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\centrum-cz.xml
[2007.08.04 22:16:04 | 000,000,661 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2007.08.04 22:16:04 | 000,001,674 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2007.08.04 22:16:04 | 000,001,302 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2007.08.04 22:16:04 | 000,000,765 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
O1 HOSTS File: ([2010.09.07 21:56:36 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Seznam Lištička) - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\Toolbar\WebBrowser: (ZoneAlarm Toolbar) - {66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\Toolbar\WebBrowser: (&Seznam Lištička) - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O3 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Přelož do češtiny - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hlede&j v ČR - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hledej v &encyklopedii - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hledej ve &světě - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O8 - Extra context menu item: Hledej ve &zboží - C:\Program Files\Seznam\Listicka\Toolbar.dll (Seznam.cz a.s.)
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.07 20:35:31 | 000,000,000 | ---D | M] - C:\auto data -- [ NTFS ]
O32 - AutoRun File - [2009.03.13 16:16:35 | 000,000,000 | ---D | M] - C:\auto foto -- [ NTFS ]
O32 - AutoRun File - [2009.12.08 16:01:07 | 000,000,000 | ---D | M] - C:\Auto-diagnostika -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (68974924210896896)
========== Files/Folders - Created Within 30 Days ==========
[2010.09.07 22:45:20 | 000,000,000 | ---D | C] -- C:\rsit
[2010.09.07 22:40:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pavel Nezbeda\Recent
[2010.09.05 22:59:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Dokumenty\ForceField Shared Files
[2010.09.05 22:59:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\CheckPoint
[2010.09.05 22:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.09.05 22:58:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\Conduit
[2010.09.05 22:58:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\ZoneAlarm
[2010.09.05 22:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm
[2010.09.05 22:57:59 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010.09.05 22:57:43 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010.09.05 22:57:38 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010.09.05 22:57:38 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010.09.05 22:57:30 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010.09.05 22:57:25 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010.09.05 22:57:25 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2010.09.05 22:57:24 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010.09.05 22:57:24 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010.09.05 22:57:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010.09.05 22:57:23 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010.09.05 22:57:21 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010.09.05 22:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010.09.05 22:56:34 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2010.09.05 22:56:33 | 000,712,192 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010.09.05 22:56:33 | 000,228,352 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010.09.05 22:46:27 | 000,165,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.09.05 22:46:27 | 000,100,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.09.05 22:46:27 | 000,094,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.09.05 22:46:27 | 000,046,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.09.05 22:46:27 | 000,028,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.09.05 22:46:27 | 000,023,376 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.09.05 22:46:27 | 000,017,744 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.09.05 22:46:13 | 000,167,592 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.09.05 22:46:13 | 000,038,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.09.05 22:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.09.02 22:28:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
[2010.09.02 22:26:18 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.09.02 22:25:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Plugins
[2010.09.02 21:29:36 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.08.27 22:41:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.08.25 19:13:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Malwarebytes
[2010.08.25 19:13:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.25 19:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.08.25 19:13:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.25 19:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.08.22 21:33:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.08.15 14:15:17 | 000,000,000 | ---D | C] -- C:\vag IHR3040n
========== Files - Modified Within 30 Days ==========
[2010.09.12 22:17:24 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7FCB6E37-681A-4DB5-907E-FA70A1D2661C}.job
[2010.09.12 21:29:32 | 000,191,471 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.09.12 21:29:23 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.12 21:28:56 | 008,405,015 | ---- | M] () -- C:\WINDOWS\TempFile
[2010.09.12 21:28:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.12 21:28:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.12 21:27:45 | 010,223,616 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\ntuser.dat
[2010.09.12 21:27:45 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Pavel Nezbeda\ntuser.ini
[2010.09.10 20:45:40 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.09.07 22:38:19 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\CCleaner.lnk
[2010.09.07 22:29:25 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.09.07 22:23:25 | 000,123,728 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.09.07 21:56:36 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.09.07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.09.07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.09.07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.09.07 16:47:19 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.09.07 16:47:16 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.09.07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.09.07 16:46:51 | 000,028,880 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.09.05 23:11:23 | 000,443,392 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\CKScanner.exe
[2010.09.05 22:59:45 | 000,421,442 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.09.05 22:57:47 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.09.05 22:57:46 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\ZoneAlarm Security.lnk
[2010.09.05 22:46:27 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.08.27 22:45:54 | 000,004,608 | ---- | M] () -- C:\6XSourceFilter.grf
[2010.08.25 19:13:40 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.08.23 16:11:34 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
========== Files Created - No Company Name ==========
[2010.09.05 23:11:04 | 000,443,392 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\CKScanner.exe
[2010.09.05 22:57:47 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.09.05 22:57:46 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Plocha\ZoneAlarm Security.lnk
[2010.09.05 22:57:23 | 000,421,442 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.09.05 22:46:27 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2010.09.02 21:28:50 | 010,223,616 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\ntuser.dat
[2010.08.25 19:13:40 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.07.23 19:35:43 | 000,002,478 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LmeUSB.log
[2010.07.23 19:35:43 | 000,002,477 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LSDmbTH.log
[2010.07.23 19:35:43 | 000,002,426 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LmeZJSW.log
[2010.07.23 19:30:49 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2010.07.23 19:30:39 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.03.18 00:19:17 | 000,000,101 | ---- | C] () -- C:\WINDOWS\SILCOM_P.INI
[2009.11.19 18:53:04 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2009.10.26 21:51:22 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2009.10.26 21:51:22 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll
[2009.10.26 21:51:22 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2009.10.26 21:51:22 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2009.07.09 20:40:30 | 000,006,836 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2009.05.13 17:07:34 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008.12.26 04:31:19 | 000,000,103 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.11.09 19:22:46 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\fusioncache.dat
[2008.09.23 21:54:21 | 000,000,092 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2008.08.19 16:34:59 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008.08.19 16:34:59 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008.08.19 16:34:59 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008.08.19 16:34:58 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008.08.19 16:34:58 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008.07.01 20:11:11 | 000,546,816 | R--- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\vvddata.wrt
[2008.07.01 19:59:26 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2008.07.01 19:59:22 | 000,078,336 | ---- | C] () -- C:\WINDOWS\System32\dbjavio6.dll
[2008.07.01 19:59:21 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\dbauth6.dll
[2008.07.01 19:59:12 | 000,000,055 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2008.07.01 19:59:09 | 000,024,608 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2008.07.01 19:59:09 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2008.05.20 20:42:16 | 000,004,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hostnt.sys
[2008.03.24 15:10:28 | 000,000,052 | ---- | C] () -- C:\WINDOWS\tbub.ini
[2008.02.12 22:04:23 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2007.12.19 18:15:29 | 000,000,412 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007.12.16 20:30:28 | 000,000,137 | ---- | C] () -- C:\WINDOWS\ETOSP.INI
[2007.10.28 03:37:44 | 000,000,032 | ---- | C] () -- C:\WINDOWS\thxcfg.ini
[2007.09.03 14:32:39 | 000,000,093 | ---- | C] () -- C:\Program Files\PatchWise.log
[2007.03.25 20:51:35 | 000,000,662 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2007.03.16 17:35:17 | 000,000,022 | ---- | C] () -- C:\WINDOWS\c2.INI
[2007.03.16 17:33:47 | 000,000,019 | ---- | C] () -- C:\WINDOWS\cnc.ini
[2007.03.14 21:24:42 | 000,000,289 | ---- | C] () -- C:\WINDOWS\spidla.INI
[2007.03.14 20:25:31 | 000,000,694 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.03.09 22:07:33 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Pavel Nezbeda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.07 03:13:12 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.02.20 20:17:09 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.11.16 15:25:24 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.11.16 14:05:48 | 000,004,247 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2006.11.16 14:05:38 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006.07.12 07:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.07.12 07:19:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.07.12 07:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.07.12 07:19:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.07.12 07:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.07.12 07:19:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2004.09.30 08:17:31 | 000,000,516 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004.08.18 15:00:00 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004.08.18 15:00:00 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2004.08.18 15:00:00 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004.08.18 15:00:00 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2004.08.18 15:00:00 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004.05.13 20:13:40 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\dbodtr6.dll
[2004.05.13 20:12:56 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\dbextf50.dll
[2002.12.05 17:51:00 | 000,059,392 | R--- | C] () -- C:\WINDOWS\streamhlp.dll
[2002.03.21 13:51:52 | 000,503,808 | R--- | C] () -- C:\WINDOWS\System32\lt_xtrans.dll
[2002.03.21 13:51:52 | 000,286,720 | R--- | C] () -- C:\WINDOWS\System32\MrSIDD.dll
[2002.03.21 13:51:52 | 000,163,840 | R--- | C] () -- C:\WINDOWS\System32\lt_common.dll
[2002.03.21 13:51:52 | 000,126,976 | R--- | C] () -- C:\WINDOWS\System32\lt_trans.dll
[2002.03.21 13:51:52 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\lt_meta.dll
[2002.03.21 13:51:52 | 000,053,248 | R--- | C] () -- C:\WINDOWS\System32\lt_encrypt.dll
[2002.03.21 13:51:52 | 000,020,480 | R--- | C] () -- C:\WINDOWS\System32\lt_messagetext.dll
[2002.03.20 22:01:06 | 000,006,688 | R--- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002.03.20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2002.03.20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2002.03.20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrDA.dll
[2002.03.20 22:00:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\TransportIrCOMM.dll
========== LOP Check ==========
Re: prosím o kontrolu zamrzá mi počítač
[2007.09.03 00:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2010.09.05 22:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2008.07.01 20:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\APM TEC
[2010.07.23 19:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2007.12.10 20:11:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2009.02.21 21:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DriverCure
[2009.07.19 18:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.02.21 19:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
[2010.09.02 22:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Plugins
[2007.12.19 18:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2009.10.26 21:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
[2010.09.12 20:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2009.11.13 00:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.06.10 00:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2007.09.16 20:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ACD Systems
[2007.12.19 18:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Canon
[2010.09.05 22:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\CheckPoint
[2009.02.21 19:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\DriverCure
[2008.07.03 20:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ICQ
[2008.07.03 20:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ICQ Toolbar
[2007.10.17 22:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\InfraRecorder
[2009.12.08 17:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\RaceChrono
[2007.12.19 18:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ScanSoft
[2009.07.06 21:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\SolwaySoftware
[2010.09.12 22:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Spyware Terminator
[2009.04.21 23:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Windows Live Writer
[2010.09.12 22:17:24 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7FCB6E37-681A-4DB5-907E-FA70A1D2661C}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2007.09.16 20:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ACD Systems
[2010.06.15 12:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Adobe
[2007.03.09 18:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\AdobeUM
[2009.11.19 19:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Avant Profiles
[2007.12.19 18:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Canon
[2010.09.05 22:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\CheckPoint
[2007.03.07 03:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\CyberLink
[2009.02.21 19:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\DriverCure
[2007.06.10 01:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Google
[2007.03.25 20:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Help
[2008.07.03 20:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ICQ
[2008.07.03 20:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ICQ Toolbar
[2007.03.07 02:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Identities
[2007.10.17 22:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\InfraRecorder
[2007.04.04 16:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia
[2010.08.25 19:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Malwarebytes
[2009.04.01 10:39:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Microsoft
[2007.03.14 20:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Microsoft Web Folders
[2008.02.29 14:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla
[2007.10.15 22:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Nero
[2009.12.08 17:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\RaceChrono
[2007.12.19 18:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ScanSoft
[2010.09.12 21:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Skype
[2010.09.12 19:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\skypePM
[2009.07.06 21:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\SolwaySoftware
[2010.09.12 22:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Spyware Terminator
[2008.07.09 21:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Ventrilo
[2009.04.21 23:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Windows Live Writer
< %APPDATA%\*.exe /s >
[2008.08.08 21:12:07 | 000,161,862 | R--- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Microsoft\Installer\{666719F9-64BA-4686-B7B4-D78DB41CB26C}\_09F601FE97616B7E8A5A93.exe
[2008.08.08 21:12:06 | 000,161,862 | R--- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Microsoft\Installer\{666719F9-64BA-4686-B7B4-D78DB41CB26C}\_AF5F6578C0992AF129B240.exe
< MD5 for: AGP440.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 15:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 15:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 15:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 15:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: GRPCONV.EXE >
[2004.08.18 15:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=00D0959D8792A594D2F4B4B61718583C -- C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe
[2008.04.14 05:22:24 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=7EEADACDB8053BEEFC6BE88E691A2BD2 -- C:\WINDOWS\ServicePackFiles\i386\grpconv.exe
[2008.04.14 05:22:24 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=7EEADACDB8053BEEFC6BE88E691A2BD2 -- C:\WINDOWS\system32\grpconv.exe
< MD5 for: HAL.DLL >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 15:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 15:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 15:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 15:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >
[2006.06.28 11:38:56 | 000,105,088 | R--- | M] (NVIDIA Corporation) MD5=9ECCD189A9554C30A0D18A429778C7BA -- C:\WINDOWS\system32\drivers\nvata.sys
< MD5 for: SCECLI.DLL >
[2004.08.18 15:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 15:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 16:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 15:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 14:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 15:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 15:18:36 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 15:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 15:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 15:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.09.15 11:19:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.09.15 11:19:30 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.09.15 11:19:30 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0\0
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.09.12 21:29:20 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\nmp.log
[2010.09.12 21:29:32 | 000,191,471 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.09.12 21:29:23 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< >
< End of report >
[2010.09.05 22:46:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2008.07.01 20:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\APM TEC
[2010.07.23 19:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2007.12.10 20:11:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2009.02.21 21:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DriverCure
[2009.07.19 18:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.02.21 19:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
[2010.09.02 22:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Plugins
[2007.12.19 18:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2009.10.26 21:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
[2010.09.12 20:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
[2009.11.13 00:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2007.06.10 00:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2007.09.16 20:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ACD Systems
[2007.12.19 18:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Canon
[2010.09.05 22:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\CheckPoint
[2009.02.21 19:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\DriverCure
[2008.07.03 20:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ICQ
[2008.07.03 20:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ICQ Toolbar
[2007.10.17 22:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\InfraRecorder
[2009.12.08 17:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\RaceChrono
[2007.12.19 18:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ScanSoft
[2009.07.06 21:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\SolwaySoftware
[2010.09.12 22:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Spyware Terminator
[2009.04.21 23:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Windows Live Writer
[2010.09.12 22:17:24 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7FCB6E37-681A-4DB5-907E-FA70A1D2661C}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2007.09.16 20:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ACD Systems
[2010.06.15 12:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Adobe
[2007.03.09 18:41:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\AdobeUM
[2009.11.19 19:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Avant Profiles
[2007.12.19 18:19:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Canon
[2010.09.05 22:59:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\CheckPoint
[2007.03.07 03:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\CyberLink
[2009.02.21 19:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\DriverCure
[2007.06.10 01:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Google
[2007.03.25 20:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Help
[2008.07.03 20:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ICQ
[2008.07.03 20:18:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ICQ Toolbar
[2007.03.07 02:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Identities
[2007.10.17 22:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\InfraRecorder
[2007.04.04 16:17:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia
[2010.08.25 19:13:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Malwarebytes
[2009.04.01 10:39:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Microsoft
[2007.03.14 20:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Microsoft Web Folders
[2008.02.29 14:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Mozilla
[2007.10.15 22:49:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Nero
[2009.12.08 17:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\RaceChrono
[2007.12.19 18:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\ScanSoft
[2010.09.12 21:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Skype
[2010.09.12 19:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\skypePM
[2009.07.06 21:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\SolwaySoftware
[2010.09.12 22:11:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Spyware Terminator
[2008.07.09 21:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Ventrilo
[2009.04.21 23:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Windows Live Writer
< %APPDATA%\*.exe /s >
[2008.08.08 21:12:07 | 000,161,862 | R--- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Microsoft\Installer\{666719F9-64BA-4686-B7B4-D78DB41CB26C}\_09F601FE97616B7E8A5A93.exe
[2008.08.08 21:12:06 | 000,161,862 | R--- | M] () -- C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Microsoft\Installer\{666719F9-64BA-4686-B7B4-D78DB41CB26C}\_AF5F6578C0992AF129B240.exe
< MD5 for: AGP440.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 15:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 15:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 15:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 15:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 15:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 15:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: GRPCONV.EXE >
[2004.08.18 15:00:00 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=00D0959D8792A594D2F4B4B61718583C -- C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe
[2008.04.14 05:22:24 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=7EEADACDB8053BEEFC6BE88E691A2BD2 -- C:\WINDOWS\ServicePackFiles\i386\grpconv.exe
[2008.04.14 05:22:24 | 000,039,424 | ---- | M] (Microsoft Corporation) MD5=7EEADACDB8053BEEFC6BE88E691A2BD2 -- C:\WINDOWS\system32\grpconv.exe
< MD5 for: HAL.DLL >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 15:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 15:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.05.12 22:28:21 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 15:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 15:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 15:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >
[2006.06.28 11:38:56 | 000,105,088 | R--- | M] (NVIDIA Corporation) MD5=9ECCD189A9554C30A0D18A429778C7BA -- C:\WINDOWS\system32\drivers\nvata.sys
< MD5 for: SCECLI.DLL >
[2004.08.18 15:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 15:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 16:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 15:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 14:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2007.10.30 19:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 15:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 15:18:36 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 15:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 15:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 15:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.09.15 11:19:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.09.15 11:19:30 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.09.15 11:19:30 | 000,479,232 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0\0
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.09.12 21:29:20 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\nmp.log
[2010.09.12 21:29:32 | 000,191,471 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2010.09.12 21:29:23 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< >
< End of report >
Re: prosím o kontrolu zamrzá mi počítač
OTL Extras logfile created on: 12.9.2010 22:17:22 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\download
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
959.00 Mb Total Physical Memory | 329.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 102.56 Gb Free Space | 68.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FLEXIO-82DE7A7E
Current User Name: Pavel Nezbeda
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\5.0\ACDSee5.exe" "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet 3] -- "C:\Program Files\Fotolab\Fotolab Fotosvet 3\Fotolab Fotosvet 3.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00020405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Standard
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series
"{1F082EA8-0F22-40CA-9FA8-8F85458026AF}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{40755BAA-75E1-4BD6-B553-0000000001100}" = Auto diagnostika - VIS
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{666719F9-64BA-4686-B7B4-D78DB41CB26C}" = Eraser XP
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{6F8A555E-F2E1-415D-AD8A-67C0A7671029}" = Nero 8
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{93028F9A-1EC0-467A-981B-DE93D96897C6}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9601039B-E012-42DA-9EF1-42E914734E1A}" = Windows Live Zabezpečení rodiny
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF5E8D43-49AD-4BE7-A941-2BB0A8CACA62}" = ACDSee 5.0 Standard
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE27845A-6438-4DCF-AE3D-44EC96CB31CA}" = honestech TVR
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"APM TEC" = APM TEC
"AvantBrowser" = Avant Browser (remove only)
"avast5" = avast! Free Antivirus
"BlazeDTV 6.0_is1" = BlazeDTV 6.0
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DVD Shrink_is1" = DVD Shrink 3.2
"DX-Ball 2 v1.25" = DX-Ball 2 v1.25
"Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fotolab Fotosvet 3" = Fotolab Fotosvet 3
"FTDICOMM" = FTDI USB Serial Converter Drivers
"Hardlock Device Drivers" = Hardlock Device Drivers
"High Quality Photo Resizer_is1" = High Quality Photo Resizer 4.20
"HijackThis" = HijackThis 2.0.2
"hp infomapa" = hp infomapa
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InfraRecorder" = InfraRecorder
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Matematika na Divokém západě_is1" = Matematika na Divokém západě
"Mechanical Calculator_is1" = Mechanical Calculator 7 (7.4.2)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (2.0.0.9)" = Mozilla Firefox (2.0.0.9)
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"MP Navigator 3.1" = Canon MP Navigator 3.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OBD-Czech" = OBD-Czech 1.8
"Registrace uživatele zařízení Canon MP140 series" = Registrace uživatele zařízení Canon MP140 series
"scaniaV8" = scaniaV8 Screen Saver
"Spyware Terminator_is1" = Spyware Terminator
"SZNToolbar" = Seznam Lištička
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.3.2010 16:02:06 | Computer Name = FLEXIO-82DE7A7E | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
ntdll.dll, verze 5.1.2600.5755, adresa chyby 0x0001b21a.
Error - 31.3.2010 2:32:04 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SkypeSetup.exe, verze 4.2.0.155, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 20.4.2010 15:28:22 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 20.4.2010 16:52:10 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 5.5.2010 12:04:52 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 14.5.2010 18:03:45 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 16.5.2010 16:01:14 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 23.5.2010 7:35:32 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 30.5.2010 14:24:54 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 5.6.2010 4:00:43 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 11.9.2010 5:56:35 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 11.9.2010 16:43:34 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 11.9.2010 17:04:03 | Computer Name = FLEXIO-82DE7A7E | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{A8E2D872-782B-4C67-A368-C07BB5FFF326}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
Error - 11.9.2010 18:18:42 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 6:01:40 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 7:59:08 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 13:37:58 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 13:57:33 | Computer Name = FLEXIO-82DE7A7E | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{A8E2D872-782B-4C67-A368-C07BB5FFF326}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
Error - 12.9.2010 15:29:17 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 15:33:02 | Computer Name = FLEXIO-82DE7A7E | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{A8E2D872-782B-4C67-A368-C07BB5FFF326}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
< End of report >
OTL by OldTimer - Version 3.2.12.0 Folder = C:\download
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
959.00 Mb Total Physical Memory | 329.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149.05 Gb Total Space | 102.56 Gb Free Space | 68.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: FLEXIO-82DE7A7E
Current User Name: Pavel Nezbeda
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-3708382433-2616752542-1993103675-1007\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\5.0\ACDSee5.exe" "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet 3] -- "C:\Program Files\Fotolab\Fotolab Fotosvet 3\Fotolab Fotosvet 3.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00020405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Standard
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series" = Canon MP140 series
"{1F082EA8-0F22-40CA-9FA8-8F85458026AF}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{40755BAA-75E1-4BD6-B553-0000000001100}" = Auto diagnostika - VIS
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{666719F9-64BA-4686-B7B4-D78DB41CB26C}" = Eraser XP
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{6F8A555E-F2E1-415D-AD8A-67C0A7671029}" = Nero 8
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{93028F9A-1EC0-467A-981B-DE93D96897C6}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9601039B-E012-42DA-9EF1-42E914734E1A}" = Windows Live Zabezpečení rodiny
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF5E8D43-49AD-4BE7-A941-2BB0A8CACA62}" = ACDSee 5.0 Standard
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE27845A-6438-4DCF-AE3D-44EC96CB31CA}" = honestech TVR
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"APM TEC" = APM TEC
"AvantBrowser" = Avant Browser (remove only)
"avast5" = avast! Free Antivirus
"BlazeDTV 6.0_is1" = BlazeDTV 6.0
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DVD Shrink_is1" = DVD Shrink 3.2
"DX-Ball 2 v1.25" = DX-Ball 2 v1.25
"Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fotolab Fotosvet 3" = Fotolab Fotosvet 3
"FTDICOMM" = FTDI USB Serial Converter Drivers
"Hardlock Device Drivers" = Hardlock Device Drivers
"High Quality Photo Resizer_is1" = High Quality Photo Resizer 4.20
"HijackThis" = HijackThis 2.0.2
"hp infomapa" = hp infomapa
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InfraRecorder" = InfraRecorder
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Matematika na Divokém západě_is1" = Matematika na Divokém západě
"Mechanical Calculator_is1" = Mechanical Calculator 7 (7.4.2)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (2.0.0.9)" = Mozilla Firefox (2.0.0.9)
"Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1)
"MP Navigator 3.1" = Canon MP Navigator 3.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OBD-Czech" = OBD-Czech 1.8
"Registrace uživatele zařízení Canon MP140 series" = Registrace uživatele zařízení Canon MP140 series
"scaniaV8" = scaniaV8 Screen Saver
"Spyware Terminator_is1" = Spyware Terminator
"SZNToolbar" = Seznam Lištička
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.3.2010 16:02:06 | Computer Name = FLEXIO-82DE7A7E | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
ntdll.dll, verze 5.1.2600.5755, adresa chyby 0x0001b21a.
Error - 31.3.2010 2:32:04 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SkypeSetup.exe, verze 4.2.0.155, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 20.4.2010 15:28:22 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 20.4.2010 16:52:10 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 5.5.2010 12:04:52 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 14.5.2010 18:03:45 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 16.5.2010 16:01:14 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 23.5.2010 7:35:32 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 30.5.2010 14:24:54 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 5.6.2010 4:00:43 | Computer Name = FLEXIO-82DE7A7E | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 11.9.2010 5:56:35 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 11.9.2010 16:43:34 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 11.9.2010 17:04:03 | Computer Name = FLEXIO-82DE7A7E | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{A8E2D872-782B-4C67-A368-C07BB5FFF326}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
Error - 11.9.2010 18:18:42 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 6:01:40 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 7:59:08 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 13:37:58 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 13:57:33 | Computer Name = FLEXIO-82DE7A7E | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{A8E2D872-782B-4C67-A368-C07BB5FFF326}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
Error - 12.9.2010 15:29:17 | Computer Name = FLEXIO-82DE7A7E | Source = Service Control Manager | ID = 7000
Description = Služba Plánovač automatické aktualizace LiveUpdate neuspěla při spuštění
v důsledku následující chyby: %%3
Error - 12.9.2010 15:33:02 | Computer Name = FLEXIO-82DE7A7E | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{A8E2D872-782B-4C67-A368-C07BB5FFF326}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu zamrzá mi počítač
iexplore.exe ve správci úloh má 95- 99 % CPU , když jsem dal ukončit proces tak se objeví varování , ale po odsouhlasení se nic neděje
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu zamrzá mi počítač
přeinstalováno a uvidíme
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu zamrzá mi počítač
tak je to pořád stejné 
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu zamrzá mi počítač
jestli neodvírám zavirované stránky mě napadlo , ale je to pokaždé jinde , ale zjistil jsem že pokud dám kontrolu terminátorem po zamrznutí , dá tuto detekci :
Logfile of Spyware Terminator v2.6.4.165 (db:4.009.014.000)
Scan Time: 14.9.2010 19:24:29 length: 4555 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 36113 (Critical:6)
Filter: No System items, No Safe items, No Invalid items
Running Processes
crypserv.exe [Kenonic Controls Ltd.] : C:\WINDOWS\system32\crypserv.exe
apache.exe [Apache Software Foundation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
apache.exe [Apache Software Foundation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
NBService.exe [Nero AG] : C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
nSvcLog.exe [NVIDIA Corporation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
SeaPort.exe [Microsoft Corporation] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
nSvcIp.exe [NVIDIA Corporation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
OpwareSE4.exe [Nuance Communications, Inc.] : C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
wltuser.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltuser.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - [Conduit Ltd.] : C:\Program Files\ZoneAlarm\tbZone.dll
02 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - [Microsoft Corporation] : C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
02 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll
Toolbars
03 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - [Seznam.cz a.s.] : C:\Program Files\Seznam\Listicka\Toolbar.dll
03 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll
03 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - [Conduit Ltd.] : C:\Program Files\ZoneAlarm\tbZone.dll
StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SkyTel : [Realtek Semiconductor Corp.] : C:\WINDOWS\SkyTel.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, OpwareSE4 : [Nuance Communications, Inc.] : C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
04 - Startup: %STARTUPALL%\Microsoft Office.lnk [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office\OSA9.EXE
Shell Extensions
Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
Rozšíření ikon souborů aplikace Outlook - {0006F045-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office\OLKFSTUB.DLL
NeroDigitalIconHandler Class - {B327765E-D724-4347-8B16-78AE18552FC3} - [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
NeroDigitalPropSheetHandler Class - {7F1CF152-04F8-453A-B34C-E609530A9DC8} - [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
NeroCoverEdLiveIcons Class - {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} - [Nero AG] : C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Viewer Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Services
23 - [Philips Semiconductors] : C:\WINDOWS\system32\DRIVERS\SAA713x.sys
23 - [Kenonic Controls Ltd.] : C:\WINDOWS\system32\crypserv.exe
23 - [Apache Software Foundation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
23 - [Aladdin Knowledge Systems Ltd.] : C:\WINDOWS\system32\drivers\hardlock.sys
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\RtkHDAud.sys
23 - [Windows (R) Codename Longhorn DDK provider] : C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
23 - [Nero AG] : C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
23 - : C:\WINDOWS\system32\ckldrv.sys
23 - [NVIDIA Corporation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
23 - [NVIDIA Corporation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvata.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
23 - [Microsoft Corporation] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23 - [Crawler.com] : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
23 - [Philips Semiconductors] : C:\WINDOWS\system32\drivers\WDMTuner.sys
IE URL Search Hooks
ZoneAlarm Toolbar - {{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}} - [Conduit Ltd.] : C:\Program Files\ZoneAlarm\tbZone.dll
Threat Files
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\go.eu.bbelements.com\flash\bbnaut.swf\user_data.sol
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\img.livejasmin.com\wmtr.sol
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\members.livejasmin.com\wmtr.sol
Advanced Files Report
%PROGRAMFILES%\ScanSoft\OmniPageSE4\OpHookSE4.dll [Nuance Communications, Inc.] [OmniPage] MD5=FBA22C413FE8B13BA49D7535174DDBEF SIZE=139264
%SYSDIR%\CNMLM8R.DLL [CANON INC.] [Canon IJ Printer Driver] MD5=4320321B701D4394D24512808913D1B8 SIZE=216064
%SYSDIR%\spool\PRTPROCS\W32X86\CNMPD8R.DLL [CANON INC.] [Canon IJ Printer Driver] MD5=87193FF024AA3FECF574567A90DE082E SIZE=27136
%SYSDIR%\crypserv.exe [Kenonic Controls Ltd.] [CrypKey Software Licensing System] MD5=85A6662B5F12B84D599A74119F04B381 SIZE=52224
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [Apache Software Foundation] [Apache HTTP Server] MD5=B81F8778F5BB485F3B75114F0C99A49F SIZE=20543
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapr.dll [Apache Software Foundation] [Apache Portable Runtime] MD5=005FF09CE9462BFA9002803654D4849F SIZE=127050
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libaprutil.dll [Apache Software Foundation] [Apache Portable Runtime] MD5=365F65E70F5381162D085E7F6C2EEC32 SIZE=168019
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapriconv.dll [Apache Software Foundation] [Apache Portable Runtime] MD5=2783E1EC4E115F358F5430B30C6A7923 SIZE=36949
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libhttpd.dll [Apache Software Foundation] [Apache HTTP Server] MD5=A9A473A7024E043CE5C3A1115E892ABE SIZE=254017
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_access.so [Apache Software Foundation] [Apache HTTP Server] MD5=D3AEA2F00B256AD5E8BA4D70369058C9 SIZE=24655
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_actions.so [Apache Software Foundation] [Apache HTTP Server] MD5=0C1304AE6FA935F224CFCFE71C2E53ED SIZE=24660
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_alias.so [Apache Software Foundation] [Apache HTTP Server] MD5=60A2F365067028125F4BA35141750AED SIZE=24658
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so MD5=14A9876B2F4F62C6D482485CB86D87A8 SIZE=24691
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\nv_common.dll [NVIDIA] [NVIDIA nv_common] MD5=32E0DA15BF9638038A29DF5671B75FB6 SIZE=135168
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_cgi.so [Apache Software Foundation] [Apache HTTP Server] MD5=BA73A91F92D7BD1B7577B0BA0F8FF9E7 SIZE=28755
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_env.so [Apache Software Foundation] [Apache HTTP Server] MD5=B34FB7A0356DB0D8300BD637AB215CFE SIZE=24657
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_expires.so [Apache Software Foundation] [Apache HTTP Server] MD5=08FBB23C474856B47C1159E64D95B6DA SIZE=24661
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_headers.so [Apache Software Foundation] [Apache HTTP Server] MD5=50F2981213F32D6AA1E2413DCDF42937 SIZE=24661
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_include.so [Apache Software Foundation] [Apache HTTP Server] MD5=D1A6BC81ECC9CE4B162CE14C719D8477 SIZE=41044
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_log_config.so [Apache Software Foundation] [Apache HTTP Server] MD5=B3E4A89017B115AB1B5850C3C8BA040E SIZE=28759
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_mime.so [Apache Software Foundation] [Apache HTTP Server] MD5=C555E1125C522E972626047C6779FCCF SIZE=28750
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_negotiation.so [Apache Software Foundation] [Apache HTTP Server] MD5=8E4B76FB33783B1EB3DA4972F5D67FA3 SIZE=36952
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_rewrite.so [Apache Software Foundation] [Apache HTTP Server] MD5=29EF46651B3F3DB9A25A8B14FF396607 SIZE=57428
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_setenvif.so [Apache Software Foundation] [Apache HTTP Server] MD5=790D834C8C67305FD2CABF94F2A0BB0C SIZE=24662
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_ssl.so [Apache Software Foundation] [Apache HTTP Server] MD5=F9D1BA2B90A4C987E1017CA485FE0167 SIZE=118854
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll MD5=40DFD54076168CAA1FBC95C1574A34FA SIZE=159744
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll MD5=38B0B1F97E2DD8AFA73D36265A8A9C28 SIZE=876544
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\NBService.exe [Nero AG] [Nero BackItUp] MD5=6D4028D458EAAA1782099750790DC8C9 SIZE=853288
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\NB.dll [Nero AG] [Nero BackItUp] MD5=B098131FABCF4206C29B734D0F0E4E5B SIZE=1013032
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\NeroAPIGlueLayerUnicode.dll [Nero AG] [NeroAPIGlueLayerUnicode] MD5=DC055E6B4E990A725AA2CB029342B0FD SIZE=140584
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\LBFC.dll [Nero AG] [Nero BackItUp] MD5=6CB002DF7BCF862C6B28E874E28F7AF7 SIZE=410920
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\NBHDMgr.dll [Nero AG] [Nero BackItUp] MD5=EEBBE5C90A51E0B9D8AB675A739F81AD SIZE=566568
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [NVIDIA Corporation] [Network Access Manager] MD5=EE0F4D3E3FD2B5DACF7EEDDDBB243973 SIZE=65599
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll [NVIDIA] [NVIDIA nv_common] MD5=32E0DA15BF9638038A29DF5671B75FB6 SIZE=135168
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\NMI.dll [NVIDIA Corporation] [NVIDIA ForceWare Network Access Manager] MD5=BBCE9EC41E0F5A361017D9FC15F209F1 SIZE=425984
%SYSDIR%\nvapi.dll [NVIDIA Corporation] [NVIDIA Windows drivers] MD5=4533CE2997C238F0766B97BAFEF437E1 SIZE=475136
%PROGRAMFILES%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [Microsoft Corporation] [Microsoft Search Enhancement Pack] MD5=271077B91D7AD1B616F8AFDFE8E3F981 SIZE=240512
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [NVIDIA Corporation] [ActiveArmor Firewall] MD5=ADC2D25754F8CA371AFF9644B8EAA681 SIZE=131131
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\nv_common_firewall.dll [NVIDIA] [NVIDIA nv_common_firewall] MD5=94E8A179963027D69EC4EB44A566FF10 SIZE=81920
%SYSDIR%\NVRSCS.DLL [NVIDIA Corporation] [NVIDIA Compatible Windows 2000 Display driver, Version 178.13] MD5=1E638FE74A8C370B37D4F5E46A5B4D19 SIZE=245760
%PROGRAMFILES%\Windows Live\Toolbar\wltuser.exe [Microsoft Corporation] [Windows Live Toolbar] MD5=731F05B5C01B3CA9B813561C0B90E722 SIZE=224632
%PROGRAMFILES%\Skype\Toolbars\Shared\SkypePnr.dll [Skype Technologies S.A.] [Skype Toolbars] MD5=30E95F087E834A665E7F43823EF81939 SIZE=3929384
%SYSDIR%\Macromed\Flash\Flash10h.ocx [Adobe Systems, Inc.] [Shockwave Flash] MD5=F366D1694E4D244A73F4E52817C38D5B SIZE=5712336
%PROGRAMFILES%\Microsoft Silverlight\4.0.50826.0\npctrl.dll [Microsoft Corporation] [Silverlight Plug-In] MD5=D6E82FC927EF412C34012A342FE71980 SIZE=1023816
%PROGRAMFILES%\Microsoft Office\Office\OSA9.EXE [Microsoft Corporation] [Microsoft Office 2000] MD5=BF06ECF369885BCEC58E2D9804E1053B SIZE=65588
deskpan.dll
%SYSDIR%\nvshell.dll [NVIDIA Corporation] [NVIDIA Desktop Explorer, Version 120.64] MD5=AAE353663BB47F80064AFE81482B6920 SIZE=466944
%PROGRAMFILES%\Microsoft Office\Office\OLKFSTUB.DLL [Microsoft Corporation] [Microsoft Outlook] MD5=EEA73A886C870FE0E8D55A9633B4FF2D SIZE=49202
%COMMONFILES%\Nero\Lib\NeroDigitalExt.dll [Nero AG] [Nero Digital Tools] MD5=781BBA40EC7C39F44FD3DC32B074F18D SIZE=1803560
%PROGRAMFILES%\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] [Cover Designer] MD5=ECFEBF7B6958D610F7CFAB8DBF9E028F SIZE=2106664
%PROGRAMFILES%\WinZip\WZSHLSTB.DLL [WinZip Computing LP] [WinZip] MD5=E819E2D346B943F9562436E1ABB50EAE SIZE=5120
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Windows Live Mail] MD5=59A5278FE5651900DBD5762E604E7545 SIZE=791392
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=3B52BE4CAC867A0A7E402AB00712D2D0 SIZE=231304
%PROGRAMFILES%\Windows Live\Photo Gallery\PhotoViewerShim.dll [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=38E8F4ADC13A4634E6EB73AA384B793A SIZE=43912
%PROGRAMFILES%\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE [Microsoft Corporation] [Windows Live® Fotogalerie] MD5=73BF3070549E075D5A6318729E3F9BD0 SIZE=139144
%SYSDIR%\DRIVERS\SAA713x.sys [Philips Semiconductors] [SAA713x TV Card] MD5=9F08D38B3E255F5BBB97AD3936425FAF SIZE=289280
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\drivers\hardlock.sys [Aladdin Knowledge Systems Ltd.] [Hardlock Device Driver for Windows NT] MD5=C1CC0C9742B881C42F1CC628E6F9EBD1 SIZE=685056
%SYSDIR%\drivers\RtkHDAud.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)] MD5=909D03B3B7FB7C830B74F74F4D0EA7CE SIZE=4304384
%SYSDIR%\DRIVERS\KMWDFILTER.sys [Windows (R) Codename Longhorn DDK provider] [Windows (R) Codename Longhorn DDK driver] MD5=566C5FD480FDBCE3BA5CF9FBCFFAEA9A SIZE=17408
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\ckldrv.sys MD5=AAD4636F8F670CD2B8D394ADEC920B5D SIZE=24608
%SYSDIR%\DRIVERS\nvata.sys [NVIDIA Corporation] [NVIDIA nForce(TM) IDE Driver] MD5=9ECCD189A9554C30A0D18A429778C7BA SIZE=105088
%SYSDIR%\DRIVERS\NVENETFD.sys [NVIDIA Corporation] [NVENETFD] MD5=4D6F0D3FB17C1BA64942F415C73ADCDB SIZE=57856
%SYSDIR%\DRIVERS\nvnetbus.sys [NVIDIA Corporation] [NVNETBUS] MD5=921E63AA1E1A20302223D016ACAFB52B SIZE=20480
%SYSDIR%\svchost -k rpcss
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592
%SYSDIR%\svchost.exe -k imgsvc
%SYSDIR%\ZoneLabs\vsmon.exe -service
%SYSDIR%\drivers\WDMTuner.sys [Philips Semiconductors] [TV Card] MD5=C422F2EBED42889E3E918B72645EDCEA SIZE=26880
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [Microsoft Corporation] [Windows Live Messenger Protocol Handler Module] MD5=4BE65CE9440542F617CDA4ECF8867FBF SIZE=62304
End of Report
Logfile of Spyware Terminator v2.6.4.165 (db:4.009.014.000)
Scan Time: 14.9.2010 19:24:29 length: 4555 s
Platform: WXP (5.1.0.2600)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 36113 (Critical:6)
Filter: No System items, No Safe items, No Invalid items
Running Processes
crypserv.exe [Kenonic Controls Ltd.] : C:\WINDOWS\system32\crypserv.exe
apache.exe [Apache Software Foundation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
apache.exe [Apache Software Foundation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
NBService.exe [Nero AG] : C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
nSvcLog.exe [NVIDIA Corporation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
SeaPort.exe [Microsoft Corporation] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
nSvcIp.exe [NVIDIA Corporation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
OpwareSE4.exe [Nuance Communications, Inc.] : C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
wltuser.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltuser.exe
Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =
BHO
02 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - [Conduit Ltd.] : C:\Program Files\ZoneAlarm\tbZone.dll
02 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - [Microsoft Corporation] : C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
02 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll
Toolbars
03 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - [Seznam.cz a.s.] : C:\Program Files\Seznam\Listicka\Toolbar.dll
03 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll
03 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - [Conduit Ltd.] : C:\Program Files\ZoneAlarm\tbZone.dll
StartUps
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SkyTel : [Realtek Semiconductor Corp.] : C:\WINDOWS\SkyTel.EXE
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, OpwareSE4 : [Nuance Communications, Inc.] : C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
04 - Startup: %STARTUPALL%\Microsoft Office.lnk [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office\OSA9.EXE
Shell Extensions
Desktop Explorer - {1CDB2949-8F65-4355-8456-263E7C208A5D} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
- {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
nView Desktop Context Menu - {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - [NVIDIA Corporation] : C:\WINDOWS\system32\nvshell.dll
Rozšíření ikon souborů aplikace Outlook - {0006F045-0000-0000-C000-000000000046} - [Microsoft Corporation] : C:\Program Files\Microsoft Office\Office\OLKFSTUB.DLL
NeroDigitalIconHandler Class - {B327765E-D724-4347-8B16-78AE18552FC3} - [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
NeroDigitalPropSheetHandler Class - {7F1CF152-04F8-453A-B34C-E609530A9DC8} - [Nero AG] : C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
NeroCoverEdLiveIcons Class - {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} - [Nero AG] : C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
WinZip - {E0D79304-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79305-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79306-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
WinZip - {E0D79307-84BE-11CE-9641-444553540000} - [WinZip Computing LP] : C:\Program Files\WinZip\WZSHLSTB.DLL
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Viewer Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
Services
23 - [Philips Semiconductors] : C:\WINDOWS\system32\DRIVERS\SAA713x.sys
23 - [Kenonic Controls Ltd.] : C:\WINDOWS\system32\crypserv.exe
23 - [Apache Software Foundation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
23 - [Aladdin Knowledge Systems Ltd.] : C:\WINDOWS\system32\drivers\hardlock.sys
23 - [Realtek Semiconductor Corp.] : C:\WINDOWS\system32\drivers\RtkHDAud.sys
23 - [Windows (R) Codename Longhorn DDK provider] : C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys
23 - [Nero AG] : C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
23 - : C:\WINDOWS\system32\ckldrv.sys
23 - [NVIDIA Corporation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
23 - [NVIDIA Corporation] : C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvata.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
23 - [NVIDIA Corporation] : C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
23 - [Microsoft Corporation] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23 - [Crawler.com] : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
23 - [Philips Semiconductors] : C:\WINDOWS\system32\drivers\WDMTuner.sys
IE URL Search Hooks
ZoneAlarm Toolbar - {{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}} - [Conduit Ltd.] : C:\Program Files\ZoneAlarm\tbZone.dll
Threat Files
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\go.eu.bbelements.com\flash\bbnaut.swf\user_data.sol
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\img.livejasmin.com\wmtr.sol
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\members.livejasmin.com\wmtr.sol
Advanced Files Report
%PROGRAMFILES%\ScanSoft\OmniPageSE4\OpHookSE4.dll [Nuance Communications, Inc.] [OmniPage] MD5=FBA22C413FE8B13BA49D7535174DDBEF SIZE=139264
%SYSDIR%\CNMLM8R.DLL [CANON INC.] [Canon IJ Printer Driver] MD5=4320321B701D4394D24512808913D1B8 SIZE=216064
%SYSDIR%\spool\PRTPROCS\W32X86\CNMPD8R.DLL [CANON INC.] [Canon IJ Printer Driver] MD5=87193FF024AA3FECF574567A90DE082E SIZE=27136
%SYSDIR%\crypserv.exe [Kenonic Controls Ltd.] [CrypKey Software Licensing System] MD5=85A6662B5F12B84D599A74119F04B381 SIZE=52224
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [Apache Software Foundation] [Apache HTTP Server] MD5=B81F8778F5BB485F3B75114F0C99A49F SIZE=20543
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapr.dll [Apache Software Foundation] [Apache Portable Runtime] MD5=005FF09CE9462BFA9002803654D4849F SIZE=127050
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libaprutil.dll [Apache Software Foundation] [Apache Portable Runtime] MD5=365F65E70F5381162D085E7F6C2EEC32 SIZE=168019
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libapriconv.dll [Apache Software Foundation] [Apache Portable Runtime] MD5=2783E1EC4E115F358F5430B30C6A7923 SIZE=36949
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libhttpd.dll [Apache Software Foundation] [Apache HTTP Server] MD5=A9A473A7024E043CE5C3A1115E892ABE SIZE=254017
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_access.so [Apache Software Foundation] [Apache HTTP Server] MD5=D3AEA2F00B256AD5E8BA4D70369058C9 SIZE=24655
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_actions.so [Apache Software Foundation] [Apache HTTP Server] MD5=0C1304AE6FA935F224CFCFE71C2E53ED SIZE=24660
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_alias.so [Apache Software Foundation] [Apache HTTP Server] MD5=60A2F365067028125F4BA35141750AED SIZE=24658
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so MD5=14A9876B2F4F62C6D482485CB86D87A8 SIZE=24691
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\nv_common.dll [NVIDIA] [NVIDIA nv_common] MD5=32E0DA15BF9638038A29DF5671B75FB6 SIZE=135168
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_cgi.so [Apache Software Foundation] [Apache HTTP Server] MD5=BA73A91F92D7BD1B7577B0BA0F8FF9E7 SIZE=28755
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_env.so [Apache Software Foundation] [Apache HTTP Server] MD5=B34FB7A0356DB0D8300BD637AB215CFE SIZE=24657
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_expires.so [Apache Software Foundation] [Apache HTTP Server] MD5=08FBB23C474856B47C1159E64D95B6DA SIZE=24661
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_headers.so [Apache Software Foundation] [Apache HTTP Server] MD5=50F2981213F32D6AA1E2413DCDF42937 SIZE=24661
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_include.so [Apache Software Foundation] [Apache HTTP Server] MD5=D1A6BC81ECC9CE4B162CE14C719D8477 SIZE=41044
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_log_config.so [Apache Software Foundation] [Apache HTTP Server] MD5=B3E4A89017B115AB1B5850C3C8BA040E SIZE=28759
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_mime.so [Apache Software Foundation] [Apache HTTP Server] MD5=C555E1125C522E972626047C6779FCCF SIZE=28750
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_negotiation.so [Apache Software Foundation] [Apache HTTP Server] MD5=8E4B76FB33783B1EB3DA4972F5D67FA3 SIZE=36952
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_rewrite.so [Apache Software Foundation] [Apache HTTP Server] MD5=29EF46651B3F3DB9A25A8B14FF396607 SIZE=57428
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_setenvif.so [Apache Software Foundation] [Apache HTTP Server] MD5=790D834C8C67305FD2CABF94F2A0BB0C SIZE=24662
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_ssl.so [Apache Software Foundation] [Apache HTTP Server] MD5=F9D1BA2B90A4C987E1017CA485FE0167 SIZE=118854
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\SSLEAY32.dll MD5=40DFD54076168CAA1FBC95C1574A34FA SIZE=159744
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\LIBEAY32.dll MD5=38B0B1F97E2DD8AFA73D36265A8A9C28 SIZE=876544
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\NBService.exe [Nero AG] [Nero BackItUp] MD5=6D4028D458EAAA1782099750790DC8C9 SIZE=853288
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\NB.dll [Nero AG] [Nero BackItUp] MD5=B098131FABCF4206C29B734D0F0E4E5B SIZE=1013032
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\NeroAPIGlueLayerUnicode.dll [Nero AG] [NeroAPIGlueLayerUnicode] MD5=DC055E6B4E990A725AA2CB029342B0FD SIZE=140584
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\LBFC.dll [Nero AG] [Nero BackItUp] MD5=6CB002DF7BCF862C6B28E874E28F7AF7 SIZE=410920
%PROGRAMFILES%\Nero\Nero8\Nero BackItUp\NBHDMgr.dll [Nero AG] [Nero BackItUp] MD5=EEBBE5C90A51E0B9D8AB675A739F81AD SIZE=566568
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [NVIDIA Corporation] [Network Access Manager] MD5=EE0F4D3E3FD2B5DACF7EEDDDBB243973 SIZE=65599
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\nv_common.dll [NVIDIA] [NVIDIA nv_common] MD5=32E0DA15BF9638038A29DF5671B75FB6 SIZE=135168
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\NMI.dll [NVIDIA Corporation] [NVIDIA ForceWare Network Access Manager] MD5=BBCE9EC41E0F5A361017D9FC15F209F1 SIZE=425984
%SYSDIR%\nvapi.dll [NVIDIA Corporation] [NVIDIA Windows drivers] MD5=4533CE2997C238F0766B97BAFEF437E1 SIZE=475136
%PROGRAMFILES%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [Microsoft Corporation] [Microsoft Search Enhancement Pack] MD5=271077B91D7AD1B616F8AFDFE8E3F981 SIZE=240512
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [NVIDIA Corporation] [ActiveArmor Firewall] MD5=ADC2D25754F8CA371AFF9644B8EAA681 SIZE=131131
%PROGRAMFILES%\NVIDIA Corporation\NetworkAccessManager\bin\nv_common_firewall.dll [NVIDIA] [NVIDIA nv_common_firewall] MD5=94E8A179963027D69EC4EB44A566FF10 SIZE=81920
%SYSDIR%\NVRSCS.DLL [NVIDIA Corporation] [NVIDIA Compatible Windows 2000 Display driver, Version 178.13] MD5=1E638FE74A8C370B37D4F5E46A5B4D19 SIZE=245760
%PROGRAMFILES%\Windows Live\Toolbar\wltuser.exe [Microsoft Corporation] [Windows Live Toolbar] MD5=731F05B5C01B3CA9B813561C0B90E722 SIZE=224632
%PROGRAMFILES%\Skype\Toolbars\Shared\SkypePnr.dll [Skype Technologies S.A.] [Skype Toolbars] MD5=30E95F087E834A665E7F43823EF81939 SIZE=3929384
%SYSDIR%\Macromed\Flash\Flash10h.ocx [Adobe Systems, Inc.] [Shockwave Flash] MD5=F366D1694E4D244A73F4E52817C38D5B SIZE=5712336
%PROGRAMFILES%\Microsoft Silverlight\4.0.50826.0\npctrl.dll [Microsoft Corporation] [Silverlight Plug-In] MD5=D6E82FC927EF412C34012A342FE71980 SIZE=1023816
%PROGRAMFILES%\Microsoft Office\Office\OSA9.EXE [Microsoft Corporation] [Microsoft Office 2000] MD5=BF06ECF369885BCEC58E2D9804E1053B SIZE=65588
deskpan.dll
%SYSDIR%\nvshell.dll [NVIDIA Corporation] [NVIDIA Desktop Explorer, Version 120.64] MD5=AAE353663BB47F80064AFE81482B6920 SIZE=466944
%PROGRAMFILES%\Microsoft Office\Office\OLKFSTUB.DLL [Microsoft Corporation] [Microsoft Outlook] MD5=EEA73A886C870FE0E8D55A9633B4FF2D SIZE=49202
%COMMONFILES%\Nero\Lib\NeroDigitalExt.dll [Nero AG] [Nero Digital Tools] MD5=781BBA40EC7C39F44FD3DC32B074F18D SIZE=1803560
%PROGRAMFILES%\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] [Cover Designer] MD5=ECFEBF7B6958D610F7CFAB8DBF9E028F SIZE=2106664
%PROGRAMFILES%\WinZip\WZSHLSTB.DLL [WinZip Computing LP] [WinZip] MD5=E819E2D346B943F9562436E1ABB50EAE SIZE=5120
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Windows Live Mail] MD5=59A5278FE5651900DBD5762E604E7545 SIZE=791392
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=3B52BE4CAC867A0A7E402AB00712D2D0 SIZE=231304
%PROGRAMFILES%\Windows Live\Photo Gallery\PhotoViewerShim.dll [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=38E8F4ADC13A4634E6EB73AA384B793A SIZE=43912
%PROGRAMFILES%\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE [Microsoft Corporation] [Windows Live® Fotogalerie] MD5=73BF3070549E075D5A6318729E3F9BD0 SIZE=139144
%SYSDIR%\DRIVERS\SAA713x.sys [Philips Semiconductors] [SAA713x TV Card] MD5=9F08D38B3E255F5BBB97AD3936425FAF SIZE=289280
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\svchost -k DcomLaunch
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\drivers\hardlock.sys [Aladdin Knowledge Systems Ltd.] [Hardlock Device Driver for Windows NT] MD5=C1CC0C9742B881C42F1CC628E6F9EBD1 SIZE=685056
%SYSDIR%\drivers\RtkHDAud.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver (HRTF data Copyright 1994 by MIT Media Lab)] MD5=909D03B3B7FB7C830B74F74F4D0EA7CE SIZE=4304384
%SYSDIR%\DRIVERS\KMWDFILTER.sys [Windows (R) Codename Longhorn DDK provider] [Windows (R) Codename Longhorn DDK driver] MD5=566C5FD480FDBCE3BA5CF9FBCFFAEA9A SIZE=17408
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\ckldrv.sys MD5=AAD4636F8F670CD2B8D394ADEC920B5D SIZE=24608
%SYSDIR%\DRIVERS\nvata.sys [NVIDIA Corporation] [NVIDIA nForce(TM) IDE Driver] MD5=9ECCD189A9554C30A0D18A429778C7BA SIZE=105088
%SYSDIR%\DRIVERS\NVENETFD.sys [NVIDIA Corporation] [NVENETFD] MD5=4D6F0D3FB17C1BA64942F415C73ADCDB SIZE=57856
%SYSDIR%\DRIVERS\nvnetbus.sys [NVIDIA Corporation] [NVNETBUS] MD5=921E63AA1E1A20302223D016ACAFB52B SIZE=20480
%SYSDIR%\svchost -k rpcss
%SYSDIR%\drivers\sp_rsdrv2.sys [Crawler.com] [Spyware Terminator] MD5=8831252BCF05FCFB5ABD116A22E552D8 SIZE=142592
%SYSDIR%\svchost.exe -k imgsvc
%SYSDIR%\ZoneLabs\vsmon.exe -service
%SYSDIR%\drivers\WDMTuner.sys [Philips Semiconductors] [TV Card] MD5=C422F2EBED42889E3E918B72645EDCEA SIZE=26880
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [Microsoft Corporation] [Windows Live Messenger Protocol Handler Module] MD5=4BE65CE9440542F617CDA4ECF8867FBF SIZE=62304
End of Report
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu zamrzá mi počítač
Myslel jsem např. nějakou flash aplikaci atp. Log ze ST je v pořádku.
Re: prosím o kontrolu zamrzá mi počítač
většinou při kliknutí na odkaz nebo při odevření další záložky , naposled se to stalo když jsem klikl na seznamu na novinky.cz , ST označí toto za škodliví softver a nabídne buďto karanténu nebo odstranění , po kliknutí se ještě zeptá jestli to chci odstranit pomocí ST :
Threat Files
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\go.eu.bbelements.com\flash\bbnaut.swf\user_data.sol
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\img.livejasmin.com\wmtr.sol
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\members.livejasmin.com\wmtr.sol
Threat Files
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\go.eu.bbelements.com\flash\bbnaut.swf\user_data.sol
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\img.livejasmin.com\wmtr.sol
<Tracking Flash Shared Objects> : C:\Documents and Settings\Pavel Nezbeda\Data aplikací\Macromedia\Flash Player\#SharedObjects\KRX8C7FV\members.livejasmin.com\wmtr.sol
Přispějete na provoz fóra?