VIRY.CZ

Mam problem se spoustenim ruznych souboru a ted mi dokonce zacala blbnout grafika


Logfile of random's system information tool 1.06 (written by random/random)
Run by Honza at 2010-04-26 17:49:29
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 37 GB (48%) free of 76 GB
Total RAM: 1535 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:49:49, on 26.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QIP\qip.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Honza\Plocha\RSIT.exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [NvRegisterMCTrayNview] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvMCRegisterApp c:\progra~1\NVIDIA~1\nview\nView.dll
O4 - HKLM\..\RunOnce: [NvRegisterMCTray] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvMCRegisterApp C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\RunOnce: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 3137 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"=sstray.exe /r []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-31 2145000]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NvRegisterMCTrayNview"=C:\WINDOWS\system32\NVMCTRAY.DLL [2010-04-03 110696]
"NvRegisterMCTray"=C:\WINDOWS\system32\NVMCTRAY.DLL [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Hry\World of Warcraft\Repair.exe"="C:\Hry\World of Warcraft\Repair.exe:*:Enabled:Repair"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{612ed953-4adc-11df-a829-000c761d01c1}]
shell\AutoRun\command - G:\POZNAO///kazemzdravo.exe
shell\open\command - G:\POZNAO///kazemzdravo.exe


======List of files/folders created in the last 1 months======

2010-04-26 17:49:30 ----D---- C:\Program Files\trend micro
2010-04-26 17:49:29 ----D---- C:\rsit
2010-04-26 17:47:38 ----SHD---- C:\Config.Msi
2010-04-26 17:42:59 ----A---- C:\WINDOWS\system32\SET4B7.tmp
2010-04-26 17:42:59 ----A---- C:\WINDOWS\system32\SET4A5.tmp
2010-04-26 17:42:59 ----A---- C:\WINDOWS\system32\SET4A2.tmp
2010-04-26 17:27:57 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-04-26 17:27:57 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-04-26 17:27:56 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-04-26 17:27:56 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-04-26 17:27:55 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-04-26 17:27:55 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-04-26 17:27:54 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-04-26 17:27:53 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-04-26 17:27:53 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-04-26 17:27:53 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-04-26 17:27:52 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-04-26 17:27:51 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-04-26 17:27:51 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-04-26 17:27:51 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-04-26 17:27:50 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-04-26 17:27:50 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-04-26 17:27:50 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-04-26 17:27:49 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-04-26 17:27:49 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-04-26 17:27:49 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-04-26 17:27:48 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-04-26 17:27:47 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-04-26 17:27:47 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-04-26 17:27:47 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-04-26 17:27:47 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-04-26 17:27:46 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-04-26 17:27:46 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-04-26 17:27:45 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-04-26 17:27:45 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-04-26 17:27:45 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-04-26 17:27:44 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-04-26 17:27:44 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-04-26 17:27:44 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-04-26 17:27:43 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-04-26 17:27:43 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-04-26 17:27:42 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-04-26 17:27:42 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-04-26 17:27:42 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-04-26 17:27:41 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-04-26 17:27:40 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-04-26 17:27:40 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-04-26 17:27:39 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-04-26 17:27:39 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-04-26 17:27:39 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-04-26 17:27:38 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-04-26 17:27:37 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-04-26 17:27:37 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-04-26 17:27:37 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-04-26 17:27:36 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-04-26 17:27:35 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-04-26 17:27:35 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-04-26 17:27:35 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-04-26 17:27:34 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-04-26 17:27:34 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-04-26 17:27:33 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-04-26 17:27:33 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-04-26 17:27:33 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-04-26 17:27:33 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-04-26 17:27:32 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-04-26 17:27:31 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-04-26 17:27:31 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-04-26 17:27:30 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-04-26 17:27:29 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-04-26 17:27:29 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-04-26 17:27:28 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-04-26 17:27:28 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-04-26 17:27:28 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-04-26 17:27:28 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-04-26 17:27:27 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-04-26 17:27:27 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-04-26 17:27:27 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-04-26 17:27:27 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-04-26 17:27:26 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-04-26 17:27:26 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-04-26 17:27:25 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-04-26 17:27:25 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-04-26 17:27:25 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-04-26 17:27:24 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-04-26 17:27:24 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-04-26 17:27:23 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-04-26 17:27:23 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-04-26 17:27:23 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-04-26 17:27:22 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-04-26 17:26:42 ----D---- C:\WINDOWS\LastGood
2010-04-26 17:20:36 ----HD---- C:\WINDOWS\msdownld.tmp
2010-04-26 17:20:30 ----D---- C:\WINDOWS\Logs
2010-04-26 00:39:41 ----D---- C:\Program Files\ESET
2010-04-26 00:39:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-04-18 16:10:13 ----D---- C:\Documents and Settings\Honza\Data aplikací\BSplayer Pro
2010-04-18 16:10:13 ----D---- C:\Documents and Settings\Honza\Data aplikací\BSplayer
2010-04-18 16:10:11 ----D---- C:\Program Files\BSplayer
2010-04-18 15:56:37 ----D---- C:\Program Files\XP Codec Pack
2010-04-18 13:43:39 ----A---- C:\WINDOWS\system32\MediaIO1.dll
2010-04-18 13:43:38 ----D---- C:\Program Files\3GP Player
2010-04-18 13:43:38 ----A---- C:\WINDOWS\system32\MioPlayer2.dll
2010-04-08 22:26:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-04-08 22:26:09 ----D---- C:\Program Files\Common Files\Adobe
2010-04-08 22:26:09 ----D---- C:\Program Files\Adobe
2010-04-03 19:23:18 ----A---- C:\WINDOWS\system32\nvmccs.dll
2010-04-03 19:23:16 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2010-04-03 19:23:16 ----A---- C:\WINDOWS\system32\nvmctray.dll
2010-04-03 19:23:16 ----A---- C:\WINDOWS\system32\nvcpl.dll
2010-04-03 19:23:16 ----A---- C:\WINDOWS\system32\nvcolor.exe
2010-04-03 19:23:00 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-04-03 19:23:00 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrsth.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-04-03 19:22:58 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-04-03 19:22:56 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-04-03 19:22:54 ----A---- C:\WINDOWS\system32\nvwddi.dll
2010-04-03 19:22:54 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-04-03 19:22:54 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-04-03 19:22:54 ----A---- C:\WINDOWS\system32\nvrsar.dll

======List of files/folders modified in the last 1 months======

2010-04-26 17:49:30 ----RD---- C:\Program Files
2010-04-26 17:49:30 ----AD---- C:\WINDOWS\Temp
2010-04-26 17:49:26 ----D---- C:\WINDOWS\Prefetch
2010-04-26 17:47:58 ----D---- C:\WINDOWS\system32
2010-04-26 17:47:47 ----D---- C:\WINDOWS\Help
2010-04-26 17:47:38 ----SHD---- C:\WINDOWS\Installer
2010-04-26 17:46:39 ----D---- C:\Program Files\NVIDIA Corporation
2010-04-26 17:46:21 ----D---- C:\WINDOWS
2010-04-26 17:46:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-26 17:46:04 ----D---- C:\WINDOWS\system32\drivers
2010-04-26 17:45:54 ----HD---- C:\WINDOWS\inf
2010-04-26 17:27:58 ----D---- C:\WINDOWS\system32\DirectX
2010-04-26 17:26:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-26 17:15:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-25 22:47:29 ----A---- C:\WINDOWS\system32\svchost.exe
2010-04-19 17:22:27 ----D---- C:\Program Files\QIP
2010-04-18 19:14:16 ----A---- C:\WINDOWS\win.ini
2010-04-18 13:43:47 ----SD---- C:\Documents and Settings\Honza\Data aplikací\Microsoft
2010-04-08 22:28:37 ----D---- C:\Documents and Settings\Honza\Data aplikací\Adobe
2010-04-08 22:26:22 ----D---- C:\WINDOWS\WinSxS
2010-04-08 22:26:09 ----D---- C:\Program Files\Common Files
2010-04-04 00:55:31 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-04-04 00:55:31 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-04-04 00:55:31 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-04-04 00:55:31 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-04-04 00:55:31 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-04-04 00:55:31 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-04-04 00:55:31 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-04-02 16:54:38 ----A---- C:\WINDOWS\system32\NVUninst.exe
2010-03-28 12:37:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-31 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-31 95872]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-31 140216]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-12-23 40704]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-12-23 316672]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
S3 flqlmlzq;flqlmlzq; \??\C:\WINDOWS\System32\Drivers\flqlmlzq.sys []
S3 hgzkybff;hgzkybff; \??\C:\WINDOWS\System32\Drivers\hgzkybff.sys []
S3 owljzcyc;owljzcyc; \??\C:\WINDOWS\System32\Drivers\owljzcyc.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 zskcplcz;zskcplcz; \??\C:\WINDOWS\System32\Drivers\zskcplcz.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-31 810120]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-31 33560]

-----------------EOF-----------------

Zdravím


Vložte do PC všechny flash disky, které používáte.

Stáhněte na plochu UsbFix http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe

• Spusťte, poté zvolte jazyk E - Enter
• Zvolte 2 - Enter (je možný restart PC)
• Po dokončení na Vás vyskočí log, vložte mi ho sem, případně ho najdete v C:\UsbFix.txt

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

• Spusťte, poté do spodního políčka vložte následující skript.

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

Co si myslite ze s tim je?


############################## | UsbFix V6.109 |

User : Honza (Administrators) # JOHN
Update on 26/04/2010 by El Desaparecido , C_XX & Chimay8
Start at: 18:07:49 | 26.4.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) XP 2500+
Systém Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Windows Firewall Status : Enabled
AV : ESET NOD32 Antivirus 4.2 4.2 [ Enabled | Updated ]

A:\ -> Disketová jednotka 3 1/2"
C:\ -> Místní pevný disk # 74,52 Go (36,11 Go free) # NTFS
D:\ -> Disk CD-ROM
E:\ -> Disk CD-ROM # 390,2 Mo (0 Mo free) [MODEM_V34] # CDFS
F:\ -> Disk CD-ROM
G:\ -> Vyměnitelný disk # 55,67 Go (1,16 Go free) [HONZA'S IPO] # FAT32

################## | Files # Infected Folders |

Deleted ! C:\WINDOWS\System32\sstray.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\031.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\063.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\064.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\085.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\104.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\123.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\128.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\181.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\263.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\267.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\282.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\291.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\339.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\379.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\424.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\482.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\508.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\556.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\578.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\585.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\631.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\646.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\677.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\726.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\744.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\776.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\785.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\810.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\905.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\909.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\947.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\963.exe
Deleted ! C:\DOCUME~1\Honza\LOCALS~1\Temp\65930.exe
Deleted ! C:\Recycler\S-1-5-21-1343024091-790525478-839522115-1003
Deleted ! G:\Recycler\S-1-5-21-1482476501-1644491937-682003330-1013

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\...\Explorer\MountPoints2\{612ed953-4adc-11df-a829-000c761d01c1}\Shell\AutoRun\Command

################## | Listing of the present files |

[10.03.2010 18:48|--a------|0] C:\AUTOEXEC.BAT
[10.03.2010 18:43|---hs----|211] C:\boot.ini
[25.10.2001 16:00|-rahs----|4952] C:\Bootfont.bin
[10.03.2010 18:48|--a------|0] C:\CONFIG.SYS
[10.03.2010 18:48|-rahs----|0] C:\IO.SYS
[10.03.2010 18:48|-rahs----|0] C:\MSDOS.SYS
[03.08.2004 22:38|-rahs----|47564] C:\NTDETECT.COM
[03.08.2004 22:59|-rahs----|250048] C:\ntldr
[?|?|?] C:\pagefile.sys
[26.04.2010 18:09|--a------|3380] C:\UsbFix.txt
[07.11.2002 10:16|-r-------|1274] E:\Readme.txt
[07.11.2002 10:16|-r-------|1668] E:\readmeC.txt
[28.03.2010 18:03|--a------|2437678] G:\Republic of Bulgaria.pptx

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# G:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | Upload |

Please send the file : C:\UsbFix_Upload_Me_JOHN.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

################## | ! End of report # UsbFix V6.109 ! |

Pár virů tam vidím. Počkám na log z OTL.

OTL.txt :

OTL logfile created on: 26.4.2010 18:13:48 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Documents and Settings\Honza\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 36,12 Gb Free Space | 48,46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 390,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
Drive G: | 55,67 Gb Total Space | 1,16 Gb Free Space | 2,09% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOHN
Current User Name: Honza
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.26 18:11:43 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza\Plocha\OTL.exe
PRC - [2010.03.31 08:23:00 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.03.01 21:42:48 | 000,835,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010.04.26 18:11:43 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza\Plocha\OTL.exe
MOD - [2004.08.17 15:48:02 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.03.31 08:27:24 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.03.31 08:23:00 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)


========== Driver Services (SafeList) ==========

DRV - [2010.04.04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.03.31 08:23:56 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.03.31 08:22:32 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.03.31 08:17:48 | 000,140,216 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2003.12.23 19:33:00 | 000,316,672 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2003.12.23 19:33:00 | 000,040,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2003.03.19 16:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2002.11.27 21:52:00 | 000,080,896 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1343024091-790525478-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.04.26 00:39:45 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2001.10.25 16:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [nForce Tray Options] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-790525478-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1343024091-790525478-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 255
O7 - HKU\S-1-5-21-1343024091-790525478-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\Honza\Data aplikací\zwog.exe) - C:\Documents and Settings\Honza\Data aplikací\zwog.exe File not found
O20 - HKU\S-1-5-21-1343024091-790525478-839522115-1003 Winlogon: Shell - (C:\Documents and Settings\Honza\Data aplikací\zwog.exe) - C:\Documents and Settings\Honza\Data aplikací\zwog.exe File not found
O20 - HKU\S-1-5-21-1343024091-790525478-839522115-1003 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1343024091-790525478-839522115-1003 Winlogon: Shell - (C:\Documents and Settings\Honza\csrss.exe) - C:\Documents and Settings\Honza\csrss.exe File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.10 18:48:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.04.26 18:09:31 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.04.26 18:09:32 | 000,000,000 | RHSD | M] - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:852e69b6b) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.03.10 19:25:20 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\WINDOWS\System32\ffdshow.ax ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)

========== Files/Folders - Created Within 30 Days ==========

[2010.04.26 18:11:30 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Honza\Plocha\OTL.exe
[2010.04.26 18:09:31 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010.04.26 18:01:17 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010.04.26 17:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.26 17:49:29 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.26 17:47:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.04.26 17:34:47 | 111,159,872 | ---- | C] (NVIDIA Corporation) -- C:\Documents and Settings\Honza\Plocha\197.45_desktop_winxp_32bit_international_whql.exe
[2010.04.26 17:27:57 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010.04.26 17:27:57 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010.04.26 17:27:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010.04.26 17:27:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010.04.26 17:27:55 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010.04.26 17:27:55 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010.04.26 17:27:54 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010.04.26 17:27:53 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010.04.26 17:27:53 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010.04.26 17:27:53 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010.04.26 17:27:52 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.04.26 17:27:51 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010.04.26 17:27:51 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010.04.26 17:27:51 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010.04.26 17:27:50 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010.04.26 17:27:50 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010.04.26 17:27:50 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010.04.26 17:27:49 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010.04.26 17:27:49 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010.04.26 17:27:49 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010.04.26 17:27:48 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010.04.26 17:27:47 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010.04.26 17:27:47 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010.04.26 17:27:47 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010.04.26 17:27:47 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010.04.26 17:27:46 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010.04.26 17:27:46 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010.04.26 17:27:45 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010.04.26 17:27:45 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010.04.26 17:27:45 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010.04.26 17:27:44 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010.04.26 17:27:44 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010.04.26 17:27:44 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010.04.26 17:27:43 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010.04.26 17:27:43 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010.04.26 17:27:42 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010.04.26 17:27:42 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010.04.26 17:27:42 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010.04.26 17:27:41 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010.04.26 17:27:40 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010.04.26 17:27:40 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010.04.26 17:27:39 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010.04.26 17:27:39 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010.04.26 17:27:39 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010.04.26 17:27:38 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010.04.26 17:27:37 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010.04.26 17:27:37 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010.04.26 17:27:37 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010.04.26 17:27:36 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010.04.26 17:27:35 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010.04.26 17:27:35 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010.04.26 17:27:35 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010.04.26 17:27:34 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2010.04.26 17:27:34 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2010.04.26 17:27:33 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2010.04.26 17:27:33 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2010.04.26 17:27:33 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2010.04.26 17:27:33 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2010.04.26 17:27:32 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2010.04.26 17:27:31 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2010.04.26 17:27:31 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2010.04.26 17:27:30 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2010.04.26 17:27:29 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2010.04.26 17:27:29 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2010.04.26 17:27:28 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010.04.26 17:27:28 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010.04.26 17:27:28 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2010.04.26 17:27:28 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2010.04.26 17:27:27 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2010.04.26 17:27:27 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2010.04.26 17:27:27 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2010.04.26 17:27:27 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2010.04.26 17:27:26 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010.04.26 17:27:26 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2010.04.26 17:27:25 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2010.04.26 17:27:25 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2010.04.26 17:27:25 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2010.04.26 17:27:24 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2010.04.26 17:27:24 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2010.04.26 17:27:23 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2010.04.26 17:27:23 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2010.04.26 17:27:23 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2010.04.26 17:27:22 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2010.04.26 17:20:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2010.04.26 17:20:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.04.26 17:20:16 | 000,305,672 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Honza\Plocha\dxwebsetup.exe
[2010.04.26 00:42:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Local Settings\Data aplikací\ESET
[2010.04.26 00:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.04.26 00:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.04.18 23:32:57 | 001,223,680 | ---- | C] (Spojka WoW) -- C:\Documents and Settings\Honza\Plocha\SWL2.exe
[2010.04.18 19:33:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\WoW_3.3.0.11159_to_3.3.2.11403_enGB_patch
[2010.04.18 19:16:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\WoW_3.3.0.10958_to_3.3.0.11159_enGB_patch
[2010.04.18 19:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\WoW-3.2.2.-to-3.3.0-enGB-patch
[2010.04.18 18:58:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\Zombieland (2009) DVDRip XviD-MAX
[2010.04.18 18:57:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\Unleashed - Jet li
[2010.04.18 18:56:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\Undisputed II - Last Man Standing 2006 DVDRip-Pcconsultant2007
[2010.04.18 18:55:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\Live.Free.Or.Die.Hard[2007]DvDrip[Eng]-aXXo
[2010.04.18 18:55:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\Couples Retreat.2009.DvdRip.Xvid {1337x)-Noir
[2010.04.18 18:54:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\All Eminem Albums
[2010.04.18 18:53:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\2012[2009]DvDrip[Eng]-FXG
[2010.04.18 16:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Data aplikací\BSplayer Pro
[2010.04.18 16:10:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Data aplikací\BSplayer
[2010.04.18 16:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\BSplayer
[2010.04.18 15:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\XP Codec Pack
[2010.04.18 13:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\3GP Player
[2010.04.08 22:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Local Settings\Data aplikací\Adobe
[2010.04.08 22:26:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Adobe
[2010.04.08 22:26:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.04.08 22:26:09 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.04.08 22:23:51 | 027,386,256 | ---- | C] ( ) -- C:\Documents and Settings\Honza\Plocha\AdbeRdr930_en_US.exe
[2010.04.05 17:23:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honza\Plocha\h16-antivirus
[2010.04.03 19:23:18 | 000,278,120 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010.04.03 19:23:16 | 013,670,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010.04.03 19:23:16 | 000,145,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2010.04.03 19:23:16 | 000,110,696 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010.04.03 19:23:00 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2010.04.03 19:23:00 | 000,126,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2010.04.03 19:22:58 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll
[2010.04.03 19:22:58 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll
[2010.04.03 19:22:58 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2010.04.03 19:22:58 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2010.04.03 19:22:58 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll
[2010.04.03 19:22:58 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll
[2010.04.03 19:22:58 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll
[2010.04.03 19:22:58 | 000,258,048 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2010.04.03 19:22:58 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll
[2010.04.03 19:22:58 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll
[2010.04.03 19:22:58 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll
[2010.04.03 19:22:56 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll
[2010.04.03 19:22:56 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2010.04.03 19:22:56 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2010.04.03 19:22:56 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2010.04.03 19:22:56 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll
[2010.04.03 19:22:56 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2010.04.03 19:22:56 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2010.04.03 19:22:56 | 000,274,432 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll
[2010.04.03 19:22:56 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2010.04.03 19:22:56 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll
[2010.04.03 19:22:56 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll
[2010.04.03 19:22:56 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll
[2010.04.03 19:22:54 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll
[2010.04.03 19:22:54 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll
[2010.04.03 19:22:54 | 000,249,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll
[2010.04.03 19:22:54 | 000,081,920 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010.03.31 08:23:56 | 000,095,872 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010.03.31 08:22:32 | 000,114,984 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010.03.31 08:17:48 | 000,140,216 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2004.11.24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.26 18:11:43 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honza\Plocha\OTL.exe
[2010.04.26 18:09:36 | 000,048,520 | ---- | M] () -- C:\UsbFix_Upload_Me_JOHN.zip
[2010.04.26 18:07:42 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.04.26 18:07:17 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.26 18:07:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.26 18:06:26 | 001,835,008 | -H-- | M] () -- C:\Documents and Settings\Honza\NTUSER.DAT
[2010.04.26 18:00:32 | 001,777,578 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\UsbFix.exe
[2010.04.26 17:49:15 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\RSIT.exe
[2010.04.26 17:42:37 | 111,159,872 | ---- | M] (NVIDIA Corporation) -- C:\Documents and Settings\Honza\Plocha\197.45_desktop_winxp_32bit_international_whql.exe
[2010.04.26 17:30:14 | 000,006,144 | ---- | M] () -- C:\Documents and Settings\Honza\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.26 17:20:16 | 000,305,672 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Honza\Plocha\dxwebsetup.exe
[2010.04.26 15:08:45 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.04.26 00:37:37 | 039,249,408 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\eav_nt32_csy.msi
[2010.04.25 22:47:32 | 000,044,544 | -H-- | M] () -- C:\WINDOWS\System32\secupdat.dat
[2010.04.25 22:47:32 | 000,044,544 | -H-- | M] () -- C:\Documents and Settings\Honza\secupdat.dat
[2010.04.25 22:47:29 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svchost.exe
[2010.04.25 22:46:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.18 23:30:53 | 000,000,679 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\World of Warcraft.lnk
[2010.04.18 23:26:52 | 012,212,837 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\Wow.exe
[2010.04.18 19:40:09 | 006,409,338 | -H-- | M] () -- C:\Documents and Settings\Honza\Local Settings\Data aplikací\IconCache.db
[2010.04.18 19:14:16 | 000,000,498 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.04.18 16:11:44 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\BS.Player FREE.lnk
[2010.04.18 16:09:41 | 013,288,152 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\bsplayer252.1031_clip.exe
[2010.04.18 15:56:46 | 000,000,755 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\Media Player Classic.lnk
[2010.04.18 15:56:06 | 007,858,598 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\XP-Codec-Pack_2.5.1.exe
[2010.04.18 14:13:35 | 000,695,549 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\SWL2.zip
[2010.04.18 13:21:54 | 003,340,188 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\wow-322a-to-330engb.zip
[2010.04.18 13:20:23 | 000,005,382 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\wow_3.2.2a_to_3.3.2_11403_enGB_en_US.zip
[2010.04.08 22:26:27 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.04.08 22:24:55 | 027,386,256 | ---- | M] ( ) -- C:\Documents and Settings\Honza\Plocha\AdbeRdr930_en_US.exe
[2010.04.08 22:23:15 | 000,264,310 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\kuzelosecky.pdf
[2010.04.08 22:04:13 | 001,858,853 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\bcb6_flyer_sample.jpg
[2010.04.05 18:01:38 | 000,084,480 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\OSUDOVÁ DATA VE VÝVOJI.doc
[2010.04.05 17:23:08 | 134,715,427 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\h16-antivirus.rar
[2010.04.04 00:55:31 | 014,757,888 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvoglnt.dll
[2010.04.04 00:55:31 | 011,647,592 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2010.04.04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2010.04.04 00:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_mini.sys
[2010.04.04 00:55:31 | 006,432,128 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2010.04.04 00:55:31 | 004,075,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuda.dll
[2010.04.04 00:55:31 | 002,646,632 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvenc.dll
[2010.04.04 00:55:31 | 002,183,470 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010.04.04 00:55:31 | 002,030,184 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcuvid.dll
[2010.04.04 00:55:31 | 001,097,728 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvapi.dll
[2010.04.04 00:55:31 | 000,227,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcodins.dll
[2010.04.04 00:55:31 | 000,227,944 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcod.dll
[2010.04.04 00:55:31 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010.04.04 00:55:31 | 000,009,046 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010.04.03 19:23:18 | 000,278,120 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmccs.dll
[2010.04.03 19:23:16 | 013,670,504 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcpl.dll
[2010.04.03 19:23:16 | 000,145,000 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcolor.exe
[2010.04.03 19:23:16 | 000,110,696 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvmctray.dll
[2010.04.03 19:23:00 | 000,229,376 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2010.04.03 19:23:00 | 000,126,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2010.04.03 19:22:58 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll
[2010.04.03 19:22:58 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll
[2010.04.03 19:22:58 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2010.04.03 19:22:58 | 000,270,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2010.04.03 19:22:58 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll
[2010.04.03 19:22:58 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssl.dll
[2010.04.03 19:22:58 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssk.dll
[2010.04.03 19:22:58 | 000,258,048 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspl.dll
[2010.04.03 19:22:58 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsth.dll
[2010.04.03 19:22:58 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll
[2010.04.03 19:22:58 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll
[2010.04.03 19:22:56 | 000,335,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll
[2010.04.03 19:22:56 | 000,286,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2010.04.03 19:22:56 | 000,282,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2010.04.03 19:22:56 | 000,282,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2010.04.03 19:22:56 | 000,282,624 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsel.dll
[2010.04.03 19:22:56 | 000,278,528 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2010.04.03 19:22:56 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2010.04.03 19:22:56 | 000,274,432 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsesm.dll
[2010.04.03 19:22:56 | 000,266,240 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2010.04.03 19:22:56 | 000,262,144 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshu.dll
[2010.04.03 19:22:56 | 000,249,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll
[2010.04.03 19:22:56 | 000,249,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll
[2010.04.03 19:22:54 | 000,335,872 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll
[2010.04.03 19:22:54 | 000,253,952 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll
[2010.04.03 19:22:54 | 000,249,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrscs.dll
[2010.04.03 19:22:54 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwddi.dll
[2010.04.03 19:22:32 | 000,066,714 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010.04.02 16:54:38 | 000,600,680 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVUninst.exe
[2010.03.31 08:23:56 | 000,095,872 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010.03.31 08:22:32 | 000,114,984 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010.03.31 08:17:48 | 000,140,216 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010.03.30 20:57:06 | 000,092,559 | ---- | M] () -- C:\Documents and Settings\Honza\Plocha\001.pdf
[2010.03.28 12:37:45 | 000,714,754 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 12:37:45 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 12:37:45 | 000,309,716 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 12:37:45 | 000,046,016 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 12:37:45 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.26 18:09:35 | 000,048,520 | ---- | C] () -- C:\UsbFix_Upload_Me_JOHN.zip
[2010.04.26 18:00:17 | 001,777,578 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\UsbFix.exe
[2010.04.26 17:48:38 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\RSIT.exe
[2010.04.26 00:36:38 | 039,249,408 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\eav_nt32_csy.msi
[2010.04.22 11:42:47 | 000,044,544 | -H-- | C] () -- C:\WINDOWS\System32\secupdat.dat
[2010.04.22 11:42:47 | 000,044,544 | -H-- | C] () -- C:\Documents and Settings\Honza\secupdat.dat
[2010.04.18 23:25:40 | 012,212,837 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\Wow.exe
[2010.04.18 16:11:44 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\BS.Player FREE.lnk
[2010.04.18 16:09:24 | 013,288,152 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\bsplayer252.1031_clip.exe
[2010.04.18 15:56:46 | 000,000,755 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\Media Player Classic.lnk
[2010.04.18 15:56:44 | 000,421,888 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm
[2010.04.18 15:54:52 | 007,858,598 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\XP-Codec-Pack_2.5.1.exe
[2010.04.18 15:51:58 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Honza\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.18 14:13:35 | 000,695,549 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\SWL2.zip
[2010.04.18 13:43:39 | 006,294,528 | ---- | C] () -- C:\WINDOWS\System32\MediaIO1.dll
[2010.04.18 13:43:38 | 009,974,784 | ---- | C] () -- C:\WINDOWS\System32\MioPlayer2.dll
[2010.04.18 13:21:18 | 003,340,188 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\wow-322a-to-330engb.zip
[2010.04.18 13:20:23 | 000,005,382 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\wow_3.2.2a_to_3.3.2_11403_enGB_en_US.zip
[2010.04.08 22:26:26 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.04.08 22:23:15 | 000,264,310 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\kuzelosecky.pdf
[2010.04.08 22:04:13 | 001,858,853 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\bcb6_flyer_sample.jpg
[2010.04.05 18:01:38 | 000,084,480 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\OSUDOVÁ DATA VE VÝVOJI.doc
[2010.04.05 17:07:56 | 134,715,427 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\h16-antivirus.rar
[2010.04.03 19:22:32 | 000,276,202 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2010.04.03 19:22:32 | 000,066,714 | ---- | C] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010.03.30 20:57:06 | 000,092,559 | ---- | C] () -- C:\Documents and Settings\Honza\Plocha\001.pdf
[2010.03.10 20:01:53 | 000,018,253 | ---- | C] () -- C:\WINDOWS\System32\ssnvfx.ini
[2008.12.19 17:15:58 | 004,338,246 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2008.12.17 19:41:18 | 000,884,237 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2008.12.17 19:22:58 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2008.12.17 19:22:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.12.17 19:17:34 | 000,239,247 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2008.12.17 18:59:54 | 000,560,802 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2008.12.11 13:27:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2004.10.03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2004.08.17 15:49:10 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.07.17 11:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

========== LOP Check ==========

[2010.03.10 20:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.04.26 00:39:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.04.18 16:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\BSplayer
[2010.04.18 16:10:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\BSplayer Pro
[2010.03.10 20:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Opera

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 15:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.04.08 22:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Adobe
[2010.04.18 16:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\BSplayer
[2010.04.18 16:10:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\BSplayer Pro
[2010.03.10 18:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Identities
[2010.03.10 20:16:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Macromedia
[2010.04.18 13:43:47 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Honza\Data aplikací\Microsoft
[2010.03.10 20:31:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Opera
[2010.03.16 16:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\Ventrilo
[2010.03.25 17:24:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honza\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Honza\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Honza\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Honza\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Honza\Data aplikací\BSplayer\FFDShow\unins000.exe
[2009.11.14 19:11:36 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Honza\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2009.11.14 19:33:40 | 000,357,888 | ---- | M] () -- C:\Documents and Settings\Honza\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2009.11.14 19:11:36 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Honza\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.02.23 16:00:42 | 000,042,288 | ---- | M] () -- C:\Documents and Settings\Honza\Data aplikací\BSplayer\Haali media splitter\uninstall.exe


< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2001.10.25 16:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2010.04.25 22:47:29 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2010.04.25 22:47:29 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=7399D854596BFEFEED6B60879F28CE07 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys

< MD5 for: USERINIT.EXE >
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010.03.10 19:28:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.03.10 19:28:30 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.03.10 19:28:30 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.04.26 15:08:45 | 000,002,504 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2010.04.26 18:07:42 | 000,276,202 | ---- | M] () -- C:\WINDOWS\system32\NvApps.xml
[2010.04.25 22:47:32 | 000,044,544 | -H-- | M] () -- C:\WINDOWS\system32\secupdat.dat
[2010.04.25 22:47:29 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
[2010.04.25 22:46:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Honza\Plocha\RSIT.exe:SummaryInformation
@Alternate Data Stream - 756538 bytes -> C:\WINDOWS\Temp:temp

EXTRAS.TXT:

OTL Extras logfile created on: 26.4.2010 18:13:48 - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Documents and Settings\Honza\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 72,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 36,12 Gb Free Space | 48,46% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 390,20 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
Drive G: | 55,67 Gb Total Space | 1,16 Gb Free Space | 2,09% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JOHN
Current User Name: Honza
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Hry\World of Warcraft\Repair.exe" = C:\Hry\World of Warcraft\Repair.exe:*:Enabled:Repair -- (Blizzard Entertainment, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{022F6097-A053-4B1B-BE50-3AADE4116B92}" = Opera 10.50
"{08B38E56-09A1-4155-906C-FA5A6495C34B}" = ESET NOD32 Antivirus
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BSPlayerf" = BS.Player FREE
"HijackThis" = HijackThis 2.0.2
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"XP Codec Pack" = XP Codec Pack

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1343024091-790525478-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8092

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22.4.2010 19:22:31 | Computer Name = JOHN | Source = Application Error | ID = 1000
Description = Chybující aplikace 394.exe, verze 0.0.0.0, chybující modul 394.exe,
verze 0.0.0.0, adresa chyby 0x000044b2.

Error - 25.4.2010 18:24:28 | Computer Name = JOHN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.507.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.4.2010 18:24:28 | Computer Name = JOHN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.507.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.4.2010 18:34:20 | Computer Name = JOHN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.507.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.4.2010 18:43:08 | Computer Name = JOHN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.507.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.4.2010 18:49:57 | Computer Name = JOHN | Source = Application Error | ID = 1000
Description = Chybující aplikace AvastSvc.exe, verze 5.0.507.0, chybující modul
ntdll.dll, verze 5.1.2600.2180, adresa chyby 0x00010c27.

Error - 26.4.2010 9:04:10 | Computer Name = JOHN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 26.4.2010 9:04:10 | Computer Name = JOHN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.2180, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 26.4.2010 9:04:38 | Computer Name = JOHN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.507.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 26.4.2010 9:08:28 | Computer Name = JOHN | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AvastUI.exe, verze 5.0.507.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 25.4.2010 16:47:03 | Computer Name = JOHN | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
ICF.

Error - 25.4.2010 18:00:09 | Computer Name = JOHN | Source = Service Control Manager | ID = 7034
Description = Služba avast! Antivirus byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 25.4.2010 18:00:09 | Computer Name = JOHN | Source = Service Control Manager | ID = 7034
Description = Služba avast! Mail Scanner byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 25.4.2010 18:00:09 | Computer Name = JOHN | Source = Service Control Manager | ID = 7034
Description = Služba avast! Web Scanner byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 25.4.2010 18:26:49 | Computer Name = JOHN | Source = Service Control Manager | ID = 7034
Description = Služba avast! Antivirus byla neočekávaně ukončena. Tento stav nastal
již 2krát.

Error - 25.4.2010 18:26:49 | Computer Name = JOHN | Source = Service Control Manager | ID = 7034
Description = Služba avast! Mail Scanner byla neočekávaně ukončena. Tento stav nastal
již 2krát.

Error - 25.4.2010 18:26:49 | Computer Name = JOHN | Source = Service Control Manager | ID = 7034
Description = Služba avast! Web Scanner byla neočekávaně ukončena. Tento stav nastal
již 2krát.

Error - 25.4.2010 18:50:47 | Computer Name = JOHN | Source = Service Control Manager | ID = 7034
Description = Služba avast! Antivirus byla neočekávaně ukončena. Tento stav nastal
již 3krát.

Error - 25.4.2010 18:50:47 | Computer Name = JOHN | Source = Service Control Manager | ID = 7034
Description = Služba avast! Mail Scanner byla neočekávaně ukončena. Tento stav nastal
již 3krát.

Error - 25.4.2010 18:50:47 | Computer Name = JOHN | Source = Service Control Manager | ID = 7034
Description = Služba avast! Web Scanner byla neočekávaně ukončena. Tento stav nastal
již 3krát.

Spusťte OTL a do spodního okna vložte následující skript. Poté klikněte na Opravit, PC se restartuje, log vložte sem.


Soubor C:\UsbFix_Upload_Me_JOHN.zip prosím uložte na http://chiquitine.changelog.fr/Sample/Upload.php

Grafika se z zblbla tak ze se po nacitaci obrazovce Windows XP "odpoji" monitor

Tak diky za pomoc ale stejne to vypada ze budu muset preinstalovat windows, protoze ze se do nich uz ani nedostanu abych to opravil

Zkoušel jste nouzový režim

Zkusil jsem to v nouzovem rezimu. Udelal jsem co jste napsal, ale porad me to nechce pustit do normalnich Windows. Take jsem zkusil v nouzovem rezimu preinstalovat ovladace graficke karty, na chvilku me to pustilo do Windows zacali se preinstalovavat ovladace samy od sebe pak se to restartovalo a zas me to do Windows nepusti. Proste jakoby to odpojilo graickou kartu pri spousteni Windows... Nevite co s tim?

Jakou máte grafickou kartu a základní desku

Graficka karta 6600GT a zakladni deska FSB400...jsou to uz hrozne stare soucastky.

Máte na desce integrovanou grafickou kartu

To nevim, ale myslim ze ne. Zatim to vypada ze mi odesla graficka karta...