Zdravim mám takový tušení, že tam něco bude, tak to prosím někdo zkontrolujte.Ďekuju vopred.
Logfile of random's system information tool 1.07 (written by random/random)
Run by Simon at 2010-05-27 14:17:58
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 115 GB (72%) free of 160 GB
Total RAM: 2301 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:18:14, on 27.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Simon\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Simon.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1082687109
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (file missing)
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)
--
End of file - 7963 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SigmatelSysTrayApp"=C:\WINDOWS\sttray.exe [2006-05-26 282624]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2006-09-10 218032]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-29 2145000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-09-10 86960]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2006-09-10 218032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Simon^Start Menu^Programs^Startup^MagicDisc.lnk]
C:\PROGRA~1\MAGICD~1\MAGICD~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Simon^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe]
C:\Documents and Settings\Simon\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x5F000000
""=
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Metin2_CZ\metin2.bin"="C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\B]
shell\AutoRun\command - B:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6673148c-3033-11df-b11c-0019d1454686}]
shell\AutoRun\command - J:\StartUp.exe
======List of files/folders created in the last 1 months======
2010-05-27 14:17:58 ----D---- C:\rsit
2010-05-27 14:17:58 ----D---- C:\Program Files\trend micro
2010-05-26 18:48:10 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-05-26 18:48:09 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-05-26 18:47:54 ----D---- C:\Documents and Settings\Simon\Application Data\TuneUp Software
2010-05-26 18:47:47 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-05-26 18:47:35 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2010-05-26 18:47:27 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-05-26 18:40:11 ----D---- C:\Program Files\Transform XP to Vista
2010-05-26 17:23:05 ----D---- C:\Program Files\Hunting Unlimited 2008
2010-05-26 16:08:13 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-05-26 13:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-24 16:19:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-24 15:13:02 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-05-24 15:03:37 ----D---- C:\Program Files\Lavalys
2010-05-23 19:35:17 ----D---- C:\Program Files\mp3DirectCut
2010-05-23 16:30:45 ----D---- C:\Documents and Settings\Simon\Application Data\Apple Computer
2010-05-20 19:46:01 ----D---- C:\Documents and Settings\Simon\Application Data\Malwarebytes
2010-05-20 19:45:51 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-05-20 15:46:32 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-05-20 15:46:32 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-19 18:55:00 ----D---- C:\Program Files\ESET
2010-05-17 16:51:22 ----D---- C:\Program Files\AML Products
2010-05-17 16:51:22 ----A---- C:\WINDOWS\system32\mfc70.dll
2010-05-17 16:46:58 ----D---- C:\Documents and Settings\Simon\Application Data\Uniblue
2010-05-17 16:42:05 ----D---- C:\Qoobox
2010-05-16 10:16:15 ----D---- C:\Program Files\Need for Speed Most Wanted
2010-05-12 16:41:14 ----HD---- C:\WINDOWS\system32\win
2010-05-12 16:40:39 ----A---- C:\WINDOWS\fishing_beta_0.1.3i.exe
2010-05-12 15:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-05 19:29:44 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2010-05-05 18:22:32 ----A---- C:\WINDOWS\wowCP.ini
2010-05-05 17:46:25 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-05-04 14:26:58 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2010-05-02 11:13:22 ----D---- C:\Config.Msi
======List of files/folders modified in the last 1 months======
2010-05-27 14:18:07 ----D---- C:\WINDOWS\Temp
2010-05-27 14:17:58 ----D---- C:\Program Files
2010-05-27 13:59:55 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-26 19:27:56 ----D---- C:\WINDOWS\system32\config
2010-05-26 19:25:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-26 18:53:52 ----D---- C:\WINDOWS
2010-05-26 18:48:12 ----SHD---- C:\WINDOWS\Installer
2010-05-26 18:48:10 ----D---- C:\WINDOWS\system32
2010-05-26 14:42:26 ----D---- C:\Program Files\Metin2_CZ
2010-05-26 13:23:31 ----HD---- C:\WINDOWS\inf
2010-05-25 19:12:58 ----D---- C:\Documents and Settings\Simon\Application Data\Skype
2010-05-25 19:08:11 ----D---- C:\Documents and Settings\Simon\Application Data\skypePM
2010-05-25 15:01:44 ----D---- C:\Documents and Settings\Simon\Application Data\BitTorrent
2010-05-24 19:01:55 ----D---- C:\WINDOWS\system32\wbem
2010-05-24 19:01:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-24 18:14:33 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-24 18:08:28 ----D---- C:\WINDOWS\system32\DirectX
2010-05-24 16:19:29 ----D---- C:\WINDOWS\system32\drivers
2010-05-24 15:04:05 ----D---- C:\WINDOWS\Registration
2010-05-23 15:09:34 ----D---- C:\divx
2010-05-23 14:47:46 ----D---- C:\WINDOWS\Debug
2010-05-23 14:46:27 ----D---- C:\WINDOWS\Prefetch
2010-05-23 14:42:01 ----D---- C:\Program Files\Google
2010-05-21 13:36:04 ----D---- C:\WINDOWS\Config
2010-05-21 13:35:12 ----D---- C:\Program Files\Common Files\eBay
2010-05-19 19:56:19 ----D---- C:\Documents and Settings\Simon\Application Data\ICQ
2010-05-17 16:54:27 ----D---- C:\Program Files\Codec Pack - All In 1
2010-05-17 16:54:26 ----D---- C:\Program Files\Mozilla Firefox
2010-05-16 11:43:58 ----D---- C:\Documents and Settings\Simon\Application Data\Hamachi
2010-05-16 10:16:04 ----RSD---- C:\WINDOWS\assembly
2010-05-13 15:49:41 ----D---- C:\WINDOWS\Minidump
2010-05-12 15:00:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-12 15:00:49 ----D---- C:\Program Files\Outlook Express
2010-05-12 13:00:37 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-05 17:46:25 ----D---- C:\Program Files\Common Files
2010-05-04 14:32:45 ----D---- C:\Program Files\DivX
2010-05-04 14:31:36 ----D---- C:\Program Files\Common Files\DivX Shared
2010-05-01 13:58:44 ----D---- C:\WINDOWS\Microsoft.NET
2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-30 13:30:49 ----D---- C:\WINDOWS\WinSxS
2010-04-30 13:26:15 ----D---- C:\Program Files\Microsoft.NET
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-29 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-29 95872]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-02-04 51072]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-03-06 281760]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-29 140216]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-03-06 25888]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-01-12 163328]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-12-31 25280]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2007-09-05 92544]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 ATE_PROCMON;ATE_PROCMON; \??\C:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 a4mxh40y;a4mxh40y; C:\WINDOWS\system32\drivers\a4mxh40y.sys []
S3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 LLRING0;LLRING0; \??\C:\Program Files\ZhyperMU\zhypermu season 4 3d\MuGuard\llck1.sys []
S3 msgame;Sidewinder HID to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\msgame.sys [2001-08-17 35200]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-03 41728]
S3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-05-26 1177032]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2009-08-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2009-08-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2009-08-21 24960]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-29 810120]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-04-15 66872]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-30 135664]
S2 STacSV;SigmaTel Audio Service; C:\WINDOWS\system32\STacSV.exe [2006-05-26 86016]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-29 33560]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-26 435016]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe []
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu.
Zdravím 
Doporučuji odinstalovat:
C:\Program Files\BitTorrent\bittorrent.exe
P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.
Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
V logu nevidím firewall, doinstalujte 
Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Jsou s PC nějaké problémy 
Doporučuji odinstalovat:C:\Program Files\BitTorrent\bittorrent.exe
P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.
Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
- Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
Záložka Čistič - Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
Záložka Registry - Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít
V logu nevidím firewall, doinstalujte Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523 Jsou s PC nějaké problémy 
Re: Prosím o kontrolu.
Urobil som čo bolo napísané.
A problémy s PC mám také 2 najzávadnejšie a to:
Celkové spomalenie, pravdepodobne už trochu starší zlý procesor :/
A druhý sa týka internetu :
Ked idem na net, asi prvých 10 obnovení stránok sa načíta hneď, v priebehu okamžiku.
Ale už ďalšie čakám niekedy aj 5 sekúnd na jednu čo mi nikdy nerobilo. (a to napr. aj Google !)
Vždy pri čakaní mi dole píše Zisťuje sa adresa XXXXXXXX , ale vždy mi ju po nejakej dobre , 2-5 sek. nájde.
Iné je keby naozaj neexistovala ale ona existuje a nenačita ju až neskor.
Nikdy som tento problem nemal.
.
A problémy s PC mám také 2 najzávadnejšie a to:
Celkové spomalenie, pravdepodobne už trochu starší zlý procesor :/
A druhý sa týka internetu :
Ked idem na net, asi prvých 10 obnovení stránok sa načíta hneď, v priebehu okamžiku.
Ale už ďalšie čakám niekedy aj 5 sekúnd na jednu čo mi nikdy nerobilo. (a to napr. aj Google !)
Vždy pri čakaní mi dole píše Zisťuje sa adresa XXXXXXXX , ale vždy mi ju po nejakej dobre , 2-5 sek. nájde.
Iné je keby naozaj neexistovala ale ona existuje a nenačita ju až neskor.
Nikdy som tento problem nemal.
.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu.
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT - Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: Prosím o kontrolu.
Musel sem to dát na servr , protože to obsahuje více znaku jak je povoleno.
Dal sem to projistotu do raru a heslo. Po vašem stažení to smažu , kdyby cosi
OTL.txt
heslo: OTLkontrolaOTL
Extra.txt
heslo: OTLkontrolaExtra
Ješte mám pripomínku- Po tom jak se udelal ten Scan v ZoneAlarm sem musel dát restartovat PC.
Od této instalace sem zjistil, že se mi omnoho déle zapíná PC . Je to kvuli tomu že to všechno kontroluje nebo je neco špatne? (Prominte sem amatér
)
Dal sem to projistotu do raru a heslo. Po vašem stažení to smažu , kdyby cosi
OTL.txt
Kód: Vybrat vše
http://uloz.to/4938183/otl.rarExtra.txt
Kód: Vybrat vše
http://uloz.to/4938182/extra.rarJešte mám pripomínku- Po tom jak se udelal ten Scan v ZoneAlarm sem musel dát restartovat PC.
Od této instalace sem zjistil, že se mi omnoho déle zapíná PC . Je to kvuli tomu že to všechno kontroluje nebo je neco špatne? (Prominte sem amatér
)-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu.
Extra.txt
Kód: Vybrat vše
OTL Extras logfile created on: 27.5.2010 15:47:12 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Simon\My Documents\Preberanie
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 111,56 Gb Free Space | 71,40% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 9,31 Gb Free Space | 95,28% Space Free | Partition Type: NTFS
Drive E: | 30,05 Gb Total Space | 29,68 Gb Free Space | 98,75% Space Free | Partition Type: NTFS
Drive F: | 27,49 Gb Total Space | 26,95 Gb Free Space | 98,01% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC
Current User Name: Simon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Metin2_CZ\metin2.bin" = C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2 -- ()
"C:\Program Files\Metin2_CZ\metin2client.bin" = C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- (IGN Entertainment, Inc.)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DAB1E4F-2096-4FD6-84FB-FD0CF512D3ED}" = ESET NOD32 Antivirus
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E369F1-6A92-47B5-86D5-474A7E06B3DC}" = ALFA 16.02.00
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{90CA0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D137B59C-551C-4659-8AA8-206FA650BF40}" = LG USB Modem Drivers
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Odinštalovať LG PC Suite III
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner (remove only)
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.50
"GameSpy Arcade" = GameSpy Arcade
"Hunting Unlimited 2008" = Hunting Unlimited 2008 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR archivátor
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 2.4.2010 13:49:56 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x002f763f.
Error - 4.4.2010 6:34:37 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie javaw.exe, verzia 6.0.190.4, zlyhanie modulu java.dll,
verzia 6.0.190.4, adresa zlyhania 0x00005875.
Error - 5.4.2010 8:54:35 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x00354b1c.
Error - 8.4.2010 13:00:10 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x003f7c82.
Error - 10.4.2010 9:02:03 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x003f382b.
Error - 11.4.2010 6:34:24 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie javaw.exe, verzia 6.0.190.4, zlyhanie modulu java.dll,
verzia 6.0.190.4, adresa zlyhania 0x00005875.
Error - 12.4.2010 9:04:49 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x0013368b.
Error - 15.4.2010 12:41:30 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Sims3Launcher.exe, verzia 0.0.0.11190, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.4.2010 5:02:25 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Bully.exe, verzia 0.0.0.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.4.2010 5:08:27 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Bully.exe, verzia 0.0.0.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
[ System Events ]
Error - 22.5.2010 7:38:44 | Computer Name = ORIORO | Source = NetBT | ID = 4321
Description = Názov DOMOV :1d sa nedá zaregistrovať v rozhraní s adresou
IP 192.168.0.2. Počítač s adresou IP 192.168.0.2 nepovolil vyžiadanie názvu týmto
počítačom.
Error - 22.5.2010 7:43:54 | Computer Name = ORIORO | Source = NetBT | ID = 4321
Description = Názov DOMOV :1d sa nedá zaregistrovať v rozhraní s adresou
IP 192.168.0.2. Počítač s adresou IP 192.168.0.2 nepovolil vyžiadanie názvu týmto
počítačom.
Error - 22.5.2010 7:49:04 | Computer Name = ORIORO | Source = NetBT | ID = 4321
Description = Názov DOMOV :1d sa nedá zaregistrovať v rozhraní s adresou
IP 192.168.0.2. Počítač s adresou IP 192.168.0.2 nepovolil vyžiadanie názvu týmto
počítačom.
Error - 23.5.2010 10:21:44 | Computer Name = ORIORO | Source = Service Control Manager | ID = 7038
Description = Služba ALG sa nemohla s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\LocalService kvôli nasledujúcej chybe: %%5 Ak chcete zabezpečiť
správne nakonfigurovanie služby, použite zásuvný modul konzoly MMC (Microsoft Management
Console).
Error - 23.5.2010 10:21:44 | Computer Name = ORIORO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Application Layer Gateway Service zlyhalo kvôli nasledujúcej
chybe: %%1069
Error - 24.5.2010 9:13:23 | Computer Name = PC | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070652: Update for Microsoft Office Outlook 2003 Junk Email Filter
(KB981725).
Error - 24.5.2010 9:13:41 | Computer Name = PC | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070652: Security Update for Microsoft Office 2003 (KB976382).
Error - 25.5.2010 13:04:59 | Computer Name = PC | Source = Service Control Manager | ID = 7038
Description = Služba ALG sa nemohla s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\LocalService kvôli nasledujúcej chybe: %%5 Ak chcete zabezpečiť
správne nakonfigurovanie služby, použite zásuvný modul konzoly MMC (Microsoft Management
Console).
Error - 25.5.2010 13:04:59 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Application Layer Gateway Service zlyhalo kvôli nasledujúcej
chybe: %%1069
Error - 26.5.2010 12:48:10 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby TuneUp Theme Extension zlyhalo kvôli nasledujúcej
chybe: %%1083
< End of report >Re: Prosím o kontrolu.
Prominte ale to OTL si musíte stahnout zo serveru
OTL.txt
heslo: OTLkontrolaOTL
, jelikož má vice znaku .
" Vaše zpráva obsahuje 73222 znaků. Maximální povolený počet znaků je 60000."
OTL.txt
Kód: Vybrat vše
http://uloz.to/4938183/otl.rar, jelikož má vice znaku .
" Vaše zpráva obsahuje 73222 znaků. Maximální povolený počet znaků je 60000."
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu.
A nedávejte je do "Code".Caroprd111 píše:Logy prosím rozdělte do více příspěvků.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu.
Kousek logu dáte do další zprávy. Jako to udělal uživatel zde: http://www.viry.cz/forum/viewtopic.php? ... d%C4%9Blte
Re: Prosím o kontrolu.
Tak tady je 1. část z OTL.txt
OTL logfile created on: 27.5.2010 15:47:12 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Simon\My Documents\Preberanie
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 111,56 Gb Free Space | 71,40% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 9,31 Gb Free Space | 95,28% Space Free | Partition Type: NTFS
Drive E: | 30,05 Gb Total Space | 29,68 Gb Free Space | 98,75% Space Free | Partition Type: NTFS
Drive F: | 27,49 Gb Total Space | 26,95 Gb Free Space | 98,01% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC
Current User Name: Simon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.27 15:46:00 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Simon\My Documents\Preberanie\OTL.exe
PRC - [2010.05.20 18:11:48 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010.05.20 18:10:18 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010.05.18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2010.05.18 16:01:32 | 000,730,600 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2010.05.07 18:06:04 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.05.07 18:04:20 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.04.01 20:07:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.03.29 17:12:18 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.03.29 17:11:50 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.09.10 22:56:24 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2001.08.18 00:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe
========== Modules (SafeList) ==========
MOD - [2010.05.27 15:46:00 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Simon\My Documents\Preberanie\OTL.exe
MOD - [2010.05.18 16:01:40 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2009.07.12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009.07.12 02:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2008.04.14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400)
SRV - File not found [Disabled | Stopped] -- -- (NetTcpPortSharing)
SRV - File not found [Auto | Stopped] -- -- (clr_optimization_v4.0.30319_32)
SRV - File not found [On_Demand | Stopped] -- -- (aspnet_state)
SRV - [2010.05.26 18:48:07 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.05.20 18:11:48 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.05.18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010.05.07 18:04:20 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.05.07 18:01:04 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.03.29 17:16:36 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.03.29 17:12:18 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2006.05.26 16:58:54 | 000,086,016 | ---- | M] (SigmaTel, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
========== Driver Services (SafeList) ==========
DRV - [2010.05.18 16:01:28 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010.04.28 14:25:41 | 000,002,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\ZhyperMU\zhypermu season 4 3d\MuGuard\llck1.sys -- (LLRING0)
DRV - [2010.03.29 17:13:44 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.03.29 17:12:00 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.03.29 17:07:30 | 000,140,216 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.03.06 11:55:38 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.03.06 11:55:38 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.25 11:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.02.04 22:55:43 | 000,051,072 | ---- | M] (Identcode Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\ANGELNT.SYS -- (Angelnt)
DRV - [2010.01.12 13:03:34 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.01.01 19:31:54 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.31 18:48:25 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.09.29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009.08.21 02:08:00 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2009.08.21 02:08:00 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2009.08.21 02:08:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009.08.09 23:25:56 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2008.04.13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.09.05 02:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2006.05.26 16:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005.12.03 02:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2001.08.17 15:02:40 | 000,035,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msgame.sys -- (msgame)
DRV - [2001.08.17 14:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001.08.17 14:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001.08.17 14:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001.08.17 14:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [1999.12.17 02:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.223.0
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010.05.27 15:33:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.12 16:45:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.26 18:53:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.05.24 15:13:03 | 000,000,000 | ---D | M]
[2010.04.12 16:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mozilla\Extensions
[2010.05.27 15:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions
[2010.04.27 17:00:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.27 15:33:47 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
[2010.05.24 15:03:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.05.27 15:02:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.27 15:37:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.24 09:45:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 19:40:34 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.04.01 19:40:34 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.04.01 19:40:34 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.04.01 19:40:34 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.04.01 19:40:34 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.04.01 19:40:34 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml
O1 HOSTS File: ([2010.05.20 16:08:14 | 000,395,292 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13652 more lines...
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found.
O3 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O7 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 1082687109 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.30 08:16:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6673148c-3033-11df-b11c-0019d1454686}\Shell\AutoRun\command - "" = J:\StartUp.exe -- File not found
O33 - MountPoints2\B\Shell - "" = AutoRun
O33 - MountPoints2\B\Shell\AutoRun\command - "" = B:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.12.30 08:45:30 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: aux - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (65878755301654528)
========== Files/Folders - Created Within 30 Days ==========
[2010.05.27 15:33:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\CheckPoint
[2010.05.27 15:33:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\My Documents\ForceField Shared Files
[2010.05.27 15:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm
[2010.05.27 15:33:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Local Settings\Application Data\ZoneAlarm
[2010.05.27 15:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.05.27 15:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010.05.27 15:33:19 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010.05.27 15:33:18 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010.05.27 15:33:18 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010.05.27 15:33:15 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010.05.27 15:33:14 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010.05.27 15:33:14 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010.05.27 15:33:14 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2010.05.27 15:33:14 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010.05.27 15:33:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010.05.27 15:33:13 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010.05.27 15:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010.05.27 15:32:25 | 000,712,192 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010.05.27 15:32:25 | 000,228,352 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010.05.27 15:32:25 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2010.05.27 15:32:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010.05.27 15:28:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Simon\Recent
[2010.05.27 15:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.05.27 15:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Desktop\GaMeS
[2010.05.27 14:17:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.27 14:17:58 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.26 18:48:10 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010.05.26 18:48:09 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.05.26 18:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\TuneUp Software
[2010.05.26 18:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010.05.26 18:47:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010.05.26 18:47:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.05.26 18:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Transform XP to Vista
[2010.05.26 17:28:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\My Documents\Hunting Unlimited 2008
[2010.05.26 17:23:05 | 000,000,000 | ---D | C] -- C:\Program Files\Hunting Unlimited 2008
[2010.05.26 16:46:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2010.05.26 16:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010.05.24 18:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\The Club Game Save Data
[2010.05.24 17:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Local Settings\Application Data\kaneandlynchdemo
[2010.05.24 16:19:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.05.24 16:19:27 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.05.24 16:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.05.24 15:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.05.24 15:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010.05.23 19:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\mp3DirectCut
[2010.05.23 16:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\Apple Computer
[2010.05.20 19:46:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\Malwarebytes
[2010.05.20 19:45:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.05.20 15:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.05.20 15:46:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.05.19 18:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.05.17 16:51:22 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2010.05.17 16:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\AML Products
[2010.05.17 16:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\Uniblue
[2010.05.17 16:42:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.05.16 10:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\My Documents\NFS Most Wanted
[2010.05.16 10:16:15 | 000,000,000 | ---D | C] -- C:\Program Files\Need for Speed Most Wanted
[2010.05.12 16:41:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\win
[2010.05.05 19:29:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.05.05 17:46:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010.05.04 14:26:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.05.02 11:13:22 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2009.12.30 08:46:14 | 000,059,392 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
OTL logfile created on: 27.5.2010 15:47:12 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Simon\My Documents\Preberanie
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 111,56 Gb Free Space | 71,40% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 9,31 Gb Free Space | 95,28% Space Free | Partition Type: NTFS
Drive E: | 30,05 Gb Total Space | 29,68 Gb Free Space | 98,75% Space Free | Partition Type: NTFS
Drive F: | 27,49 Gb Total Space | 26,95 Gb Free Space | 98,01% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC
Current User Name: Simon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.05.27 15:46:00 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Simon\My Documents\Preberanie\OTL.exe
PRC - [2010.05.20 18:11:48 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010.05.20 18:10:18 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010.05.18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2010.05.18 16:01:32 | 000,730,600 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2010.05.07 18:06:04 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010.05.07 18:04:20 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010.04.01 20:07:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.03.29 17:12:18 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.03.29 17:11:50 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.09.10 22:56:24 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2001.08.18 00:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe
========== Modules (SafeList) ==========
MOD - [2010.05.27 15:46:00 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Simon\My Documents\Preberanie\OTL.exe
MOD - [2010.05.18 16:01:40 | 000,640,488 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2009.07.12 02:12:06 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
MOD - [2009.07.12 02:09:20 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
MOD - [2008.04.14 02:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400)
SRV - File not found [Disabled | Stopped] -- -- (NetTcpPortSharing)
SRV - File not found [Auto | Stopped] -- -- (clr_optimization_v4.0.30319_32)
SRV - File not found [On_Demand | Stopped] -- -- (aspnet_state)
SRV - [2010.05.26 18:48:07 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.05.20 18:11:48 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010.05.18 16:01:36 | 000,493,032 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010.05.07 18:04:20 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.05.07 18:01:04 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.03.29 17:16:36 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.03.29 17:12:18 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2006.05.26 16:58:54 | 000,086,016 | ---- | M] (SigmaTel, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
========== Driver Services (SafeList) ==========
DRV - [2010.05.18 16:01:28 | 000,026,352 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2010.04.28 14:25:41 | 000,002,688 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\ZhyperMU\zhypermu season 4 3d\MuGuard\llck1.sys -- (LLRING0)
DRV - [2010.03.29 17:13:44 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.03.29 17:12:00 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.03.29 17:07:30 | 000,140,216 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.03.06 11:55:38 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.03.06 11:55:38 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.25 11:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.02.04 22:55:43 | 000,051,072 | ---- | M] (Identcode Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\ANGELNT.SYS -- (Angelnt)
DRV - [2010.01.12 13:03:34 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.01.01 19:31:54 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.12.31 18:48:25 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.09.29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009.08.21 02:08:00 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2009.08.21 02:08:00 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2009.08.21 02:08:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009.08.09 23:25:56 | 000,029,696 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VClone.sys -- (VClone)
DRV - [2008.04.13 20:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.09.05 02:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2006.05.26 16:59:12 | 001,177,032 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005.12.03 02:38:04 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2001.08.17 15:02:40 | 000,035,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msgame.sys -- (msgame)
DRV - [2001.08.17 14:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001.08.17 14:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001.08.17 14:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001.08.17 14:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [1999.12.17 02:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.223.0
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010.05.27 15:33:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.12 16:45:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.26 18:53:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.05.24 15:13:03 | 000,000,000 | ---D | M]
[2010.04.12 16:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mozilla\Extensions
[2010.05.27 15:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions
[2010.04.27 17:00:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.27 15:33:47 | 000,000,000 | ---D | M] (ZoneAlarm Toolbar) -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}
[2010.05.24 15:03:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.05.27 15:02:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Simon\Application Data\Mozilla\Firefox\Profiles\t3mbl37d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.27 15:37:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.24 09:45:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.01 19:40:34 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.04.01 19:40:34 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.04.01 19:40:34 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.04.01 19:40:34 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.04.01 19:40:34 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.04.01 19:40:34 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml
O1 HOSTS File: ([2010.05.20 16:08:14 | 000,395,292 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13652 more lines...
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found.
O3 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O7 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 1
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 1082687109 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.30 08:16:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6673148c-3033-11df-b11c-0019d1454686}\Shell\AutoRun\command - "" = J:\StartUp.exe -- File not found
O33 - MountPoints2\B\Shell - "" = AutoRun
O33 - MountPoints2\B\Shell\AutoRun\command - "" = B:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.12.30 08:45:30 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
Drivers32: aux - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\WINDOWS\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (65878755301654528)
========== Files/Folders - Created Within 30 Days ==========
[2010.05.27 15:33:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\CheckPoint
[2010.05.27 15:33:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\My Documents\ForceField Shared Files
[2010.05.27 15:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm
[2010.05.27 15:33:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Local Settings\Application Data\ZoneAlarm
[2010.05.27 15:33:33 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.05.27 15:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2010.05.27 15:33:19 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010.05.27 15:33:18 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010.05.27 15:33:18 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010.05.27 15:33:15 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010.05.27 15:33:14 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010.05.27 15:33:14 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010.05.27 15:33:14 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2010.05.27 15:33:14 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010.05.27 15:33:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2010.05.27 15:33:13 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010.05.27 15:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2010.05.27 15:32:25 | 000,712,192 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010.05.27 15:32:25 | 000,228,352 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010.05.27 15:32:25 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2010.05.27 15:32:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010.05.27 15:28:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Simon\Recent
[2010.05.27 15:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.05.27 15:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Desktop\GaMeS
[2010.05.27 14:17:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.27 14:17:58 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.26 18:48:10 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2010.05.26 18:48:09 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2010.05.26 18:47:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\TuneUp Software
[2010.05.26 18:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010
[2010.05.26 18:47:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010.05.26 18:47:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.05.26 18:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Transform XP to Vista
[2010.05.26 17:28:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\My Documents\Hunting Unlimited 2008
[2010.05.26 17:23:05 | 000,000,000 | ---D | C] -- C:\Program Files\Hunting Unlimited 2008
[2010.05.26 16:46:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2010.05.26 16:08:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010.05.24 18:08:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\The Club Game Save Data
[2010.05.24 17:47:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Local Settings\Application Data\kaneandlynchdemo
[2010.05.24 16:19:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.05.24 16:19:27 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.05.24 16:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.05.24 15:13:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.05.24 15:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010.05.23 19:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\mp3DirectCut
[2010.05.23 16:30:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\Apple Computer
[2010.05.20 19:46:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\Malwarebytes
[2010.05.20 19:45:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.05.20 15:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010.05.20 15:46:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.05.19 18:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.05.17 16:51:22 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2010.05.17 16:51:22 | 000,000,000 | ---D | C] -- C:\Program Files\AML Products
[2010.05.17 16:46:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\Application Data\Uniblue
[2010.05.17 16:42:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.05.16 10:28:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Simon\My Documents\NFS Most Wanted
[2010.05.16 10:16:15 | 000,000,000 | ---D | C] -- C:\Program Files\Need for Speed Most Wanted
[2010.05.12 16:41:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\win
[2010.05.05 19:29:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.05.05 17:46:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010.05.04 14:26:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.05.02 11:13:22 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2009.12.30 08:46:14 | 000,059,392 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
Re: Prosím o kontrolu.
2. část
========== Files - Modified Within 30 Days ==========
[2010.05.27 15:43:02 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.05.27 15:42:30 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.27 15:42:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.27 15:42:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.27 15:41:24 | 005,242,880 | ---- | M] () -- C:\Documents and Settings\Simon\NTUSER.DAT
[2010.05.27 15:35:49 | 003,175,906 | -H-- | M] () -- C:\Documents and Settings\Simon\Local Settings\Application Data\IconCache.db
[2010.05.27 15:34:19 | 000,421,442 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.05.27 15:33:20 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.05.27 15:33:20 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\ZoneAlarm Security.lnk
[2010.05.27 15:27:29 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\CCleaner.lnk
[2010.05.27 15:16:00 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.27 15:03:16 | 000,604,666 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.27 15:03:16 | 000,504,422 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.27 15:03:16 | 000,088,268 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.26 19:25:41 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\Simon\NTUSER.DAT_tureg_old
[2010.05.26 17:10:27 | 005,012,288 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\Stormae-Alors On Danse.mp3
[2010.05.26 17:06:34 | 003,082,942 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\Guru Josh Project - Infinity 2008.mp3
[2010.05.25 19:15:04 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Simon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.25 19:05:38 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010.05.25 14:27:09 | 148,893,096 | ---- | M] () -- C:\Documents and Settings\Simon\My Documents\Kung Fu Bear- Unedited Footage(NOT FAKE_).avi
[2010.05.24 16:19:33 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.24 15:06:28 | 000,122,000 | ---- | M] () -- C:\Documents and Settings\Simon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010.05.24 15:05:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.24 15:05:14 | 000,374,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.05.23 21:09:13 | 007,267,597 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\1254133830_hit_parade_black-eyed-peas-i-gotta-feeling.mp3
[2010.05.20 18:10:06 | 001,238,528 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010.05.20 18:10:02 | 000,110,080 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2010.05.20 18:10:02 | 000,103,936 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010.05.20 18:10:02 | 000,069,120 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010.05.20 18:10:02 | 000,043,008 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010.05.20 18:10:00 | 000,712,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010.05.20 18:10:00 | 000,302,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010.05.20 18:10:00 | 000,228,352 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010.05.20 18:10:00 | 000,112,128 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2010.05.20 18:10:00 | 000,107,520 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010.05.20 18:10:00 | 000,058,368 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010.05.20 16:08:14 | 000,395,292 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.05.17 16:51:23 | 000,000,781 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\AML Free Registry Cleaner.lnk
[2010.05.16 19:43:27 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Simon\ntuser.ini
[2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010.05.05 18:27:51 | 000,000,140 | ---- | M] () -- C:\WINDOWS\wowCP.ini
[2010.05.04 14:32:29 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010.05.04 14:32:17 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.27 17:36:19 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\Microsoft Office Word 2003.lnk
========== Files Created - No Company Name ==========
[2010.05.27 15:33:20 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.05.27 15:33:20 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\ZoneAlarm Security.lnk
[2010.05.27 15:33:13 | 000,421,442 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.05.27 15:27:29 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\CCleaner.lnk
[2010.05.26 19:28:01 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Simon\NTUSER.DAT_tureg_new.LOG
[2010.05.26 18:48:05 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.05.26 18:48:05 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities.lnk
[2010.05.25 14:25:42 | 148,893,096 | ---- | C] () -- C:\Documents and Settings\Simon\My Documents\Kung Fu Bear- Unedited Footage(NOT FAKE_).avi
[2010.05.24 16:53:36 | 003,082,942 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\Guru Josh Project - Infinity 2008.mp3
[2010.05.24 16:19:33 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.24 14:18:18 | 005,012,288 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\Stormae-Alors On Danse.mp3
[2010.05.23 21:09:11 | 007,267,597 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\1254133830_hit_parade_black-eyed-peas-i-gotta-feeling.mp3
[2010.05.17 16:51:23 | 000,000,781 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\AML Free Registry Cleaner.lnk
[2010.05.12 16:40:39 | 000,403,047 | ---- | C] () -- C:\WINDOWS\fishing_beta_0.1.3i.exe
[2010.05.05 18:22:32 | 000,000,140 | ---- | C] () -- C:\WINDOWS\wowCP.ini
[2010.05.04 14:32:29 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010.05.04 14:32:17 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010.03.16 16:47:55 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.03.16 15:36:23 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.03.16 15:35:30 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.03.15 16:09:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\psfind.dll
[2010.02.25 15:58:30 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.02.25 15:58:29 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.02.04 17:13:06 | 000,000,405 | ---- | C] () -- C:\WINDOWS\System32\ANGELDOS.SYS
[2010.02.01 18:09:32 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.01.05 15:59:04 | 000,000,384 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.01.02 12:24:14 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.01.01 20:29:54 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.01.01 19:31:54 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.12.30 12:45:26 | 000,000,036 | ---- | C] () -- C:\WINDOWS\plugSpk.INI
[2009.12.30 08:55:51 | 000,000,084 | ---- | C] () -- C:\WINDOWS\ctnet.ini
[2009.12.30 08:45:33 | 000,000,231 | ---- | C] () -- C:\WINDOWS\ac3api.ini
[2009.12.30 08:43:28 | 000,000,195 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.09.18 00:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.11.06 12:16:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\angel32.dll
========== LOP Check ==========
[2010.01.01 19:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.05.24 15:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.02.21 19:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2010.01.13 18:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.04.24 19:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010.01.01 15:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010.05.26 18:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010.02.24 10:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010.05.26 18:47:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.04.12 18:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Atari
[2010.04.22 14:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\BSplayer
[2010.03.02 20:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\BSplayer Pro
[2010.05.27 15:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\CheckPoint
[2009.12.30 18:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Codemasters
[2010.03.06 11:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\DAEMON Tools Lite
[2010.04.12 12:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Desktop Sidebar
[2010.01.09 19:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\GetRightToGo
[2010.05.19 19:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\ICQ
[2010.02.01 14:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\LangSoft
[2009.12.31 11:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Leadertech
[2010.04.08 18:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\LG Electronics
[2010.03.17 16:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mount&Blade
[2010.02.27 16:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\SystemRequirementsLab
[2010.02.02 17:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Toolbar4
[2010.03.08 17:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Tropico 3
[2010.05.26 18:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\TuneUp Software
[2010.05.17 16:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Uniblue
[2010.04.02 18:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\ValuSoft
[2010.02.05 17:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\VitySoft
[2010.02.21 18:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Windows Search
[2010.04.08 18:10:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Simon\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"ISUSScheduler" = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start -- [2006.09.10 23:56:26 | 000,086,960 | ---- | M] (Macrovision Corporation)
"ISUSPM" = "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler -- [2006.09.10 22:56:24 | 000,218,032 | ---- | M] (Macrovision Corporation)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.03.04 19:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.01.05 16:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2010.02.21 17:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010.04.11 13:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010.05.05 19:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.01.01 19:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.05.04 14:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.05.24 15:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.02.21 19:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2010.01.13 18:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.04.24 19:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.12.30 17:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010.01.01 15:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010.05.20 19:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.05.26 16:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010.02.23 19:00:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010.01.23 19:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Games
[2010.01.24 11:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010.01.08 17:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010.01.08 17:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010.02.21 18:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010.01.05 16:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2009.12.30 20:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.05.24 15:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.03.30 19:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.01.08 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010.01.02 16:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2010.05.26 18:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010.02.24 10:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009.12.30 09:17:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010.05.26 18:47:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.05.04 14:31:35 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010.05.04 14:32:10 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010.05.04 14:32:17 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2010.05.04 14:32:18 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2010.02.18 19:26:14 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
[2010.02.18 19:27:03 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
[2010.05.04 14:32:19 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010.05.04 14:32:44 | 000,056,766 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010.05.04 14:32:18 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010.05.04 14:32:20 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010.05.04 14:32:20 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010.05.04 14:32:21 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010.05.04 14:32:10 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2010.05.04 14:32:09 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010.05.04 14:32:39 | 000,057,679 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2010.05.04 14:31:40 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.05.04 14:26:57 | 001,180,952 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010.05.04 14:32:16 | 000,054,629 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2010.05.04 14:32:24 | 000,084,040 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2010.05.04 14:32:39 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010.05.04 14:32:44 | 000,056,978 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
< %APPDATA%\*. >
[2009.12.30 20:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Adobe
[2010.01.05 19:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Ahead
[2010.05.23 16:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Apple Computer
[2010.04.12 18:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Atari
[2010.04.22 14:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\BSplayer
[2010.03.02 20:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\BSplayer Pro
[2010.05.27 15:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\CheckPoint
[2009.12.30 18:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Codemasters
[2010.03.06 11:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\DAEMON Tools Lite
[2010.04.12 12:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Desktop Sidebar
[2010.01.19 20:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\DivX
[2010.01.09 19:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\GetRightToGo
[2010.02.05 16:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Google
[2010.05.16 11:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Hamachi
[2010.02.15 14:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Help
[2010.05.19 19:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\ICQ
[2009.12.30 08:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Identities
[2010.04.18 17:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\InstallShield
[2010.02.01 14:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\LangSoft
[2009.12.31 11:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Leadertech
[2010.04.08 18:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\LG Electronics
[2009.12.30 09:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Macromedia
[2010.05.20 19:46:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Malwarebytes
[2010.04.15 17:11:22 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Simon\Application Data\Microsoft
[2010.01.23 19:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Microsoft Games
[2010.03.17 16:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mount&Blade
[2010.04.12 16:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mozilla
[2010.01.01 15:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Nero
[2010.05.25 19:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Skype
[2010.05.25 19:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\skypePM
[2009.12.31 13:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Sun
[2010.02.27 16:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\SystemRequirementsLab
[2010.02.02 17:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Toolbar4
[2010.03.08 17:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Tropico 3
[2010.05.26 18:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\TuneUp Software
[2010.05.17 16:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Uniblue
[2010.04.02 18:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\ValuSoft
[2010.02.05 17:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\VitySoft
[2010.02.21 18:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Windows Search
[2009.12.30 10:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\WinRAR
[2010.04.08 18:10:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Simon\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}
< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\FFDShow\unins000.exe
[2009.11.14 19:11:36 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\Haali media splitter\dsmux.exe
[2009.11.14 19:33:40 | 000,357,888 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\Haali media splitter\gdsmux.exe
[2009.11.14 19:11:36 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.02.23 16:00:42 | 000,042,288 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\Haali media splitter\uninstall.exe
[2009.09.30 13:20:28 | 000,024,576 | ---- | M] ((주)테크노니아) -- C:\Documents and Settings\Simon\Application Data\LG Electronics\LG PC Suite III\UpdateHelper.exe
[2010.02.23 11:25:47 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Simon\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
< MD5 for: AGP440.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
< MD5 for: CDROM.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.02.28 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2006.02.28 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006.02.28 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.02.28 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.02.28 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.17 14:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2006.02.28 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys
< MD5 for: LSASS.EXE >
[2006.02.28 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.02.28 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.02.28 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2006.02.28 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2006.02.28 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.02.28 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2006.02.28 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.02.28 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2006.02.28 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.01.01 19:31:54 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.12.30 08:57:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.12.30 08:57:48 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.12.30 08:57:47 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.05.27 15:43:02 | 000,271,490 | ---- | M] () -- C:\WINDOWS\system32\NvApps.xml
[2010.05.27 15:03:16 | 000,088,268 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.05.27 15:03:16 | 000,504,422 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.05.27 15:03:16 | 000,604,666 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.05.26 13:23:31 | 000,011,798 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2010.05.27 15:34:19 | 000,421,442 | ---- | M] () -- C:\WINDOWS\system32\vsconfig.xml
[2010.05.27 15:33:20 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\system32\zllictbl.dat
< End of report >
========== Files - Modified Within 30 Days ==========
[2010.05.27 15:43:02 | 000,271,490 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.05.27 15:42:30 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.27 15:42:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.27 15:42:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.27 15:41:24 | 005,242,880 | ---- | M] () -- C:\Documents and Settings\Simon\NTUSER.DAT
[2010.05.27 15:35:49 | 003,175,906 | -H-- | M] () -- C:\Documents and Settings\Simon\Local Settings\Application Data\IconCache.db
[2010.05.27 15:34:19 | 000,421,442 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.05.27 15:33:20 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.05.27 15:33:20 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\ZoneAlarm Security.lnk
[2010.05.27 15:27:29 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\CCleaner.lnk
[2010.05.27 15:16:00 | 000,000,998 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.27 15:03:16 | 000,604,666 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.27 15:03:16 | 000,504,422 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.27 15:03:16 | 000,088,268 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.26 19:25:41 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\Simon\NTUSER.DAT_tureg_old
[2010.05.26 17:10:27 | 005,012,288 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\Stormae-Alors On Danse.mp3
[2010.05.26 17:06:34 | 003,082,942 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\Guru Josh Project - Infinity 2008.mp3
[2010.05.25 19:15:04 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Simon\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.25 19:05:38 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010.05.25 14:27:09 | 148,893,096 | ---- | M] () -- C:\Documents and Settings\Simon\My Documents\Kung Fu Bear- Unedited Footage(NOT FAKE_).avi
[2010.05.24 16:19:33 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.24 15:06:28 | 000,122,000 | ---- | M] () -- C:\Documents and Settings\Simon\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010.05.24 15:05:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.24 15:05:14 | 000,374,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.05.23 21:09:13 | 007,267,597 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\1254133830_hit_parade_black-eyed-peas-i-gotta-feeling.mp3
[2010.05.20 18:10:06 | 001,238,528 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010.05.20 18:10:02 | 000,110,080 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2010.05.20 18:10:02 | 000,103,936 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010.05.20 18:10:02 | 000,069,120 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010.05.20 18:10:02 | 000,043,008 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010.05.20 18:10:00 | 000,712,192 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010.05.20 18:10:00 | 000,302,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010.05.20 18:10:00 | 000,228,352 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010.05.20 18:10:00 | 000,112,128 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2010.05.20 18:10:00 | 000,107,520 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010.05.20 18:10:00 | 000,058,368 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010.05.20 16:08:14 | 000,395,292 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.05.17 16:51:23 | 000,000,781 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\AML Free Registry Cleaner.lnk
[2010.05.16 19:43:27 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Simon\ntuser.ini
[2010.05.13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010.05.05 18:27:51 | 000,000,140 | ---- | M] () -- C:\WINDOWS\wowCP.ini
[2010.05.04 14:32:29 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010.05.04 14:32:17 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.27 17:36:19 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Simon\Desktop\Microsoft Office Word 2003.lnk
========== Files Created - No Company Name ==========
[2010.05.27 15:33:20 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010.05.27 15:33:20 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\ZoneAlarm Security.lnk
[2010.05.27 15:33:13 | 000,421,442 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010.05.27 15:27:29 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\CCleaner.lnk
[2010.05.26 19:28:01 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Simon\NTUSER.DAT_tureg_new.LOG
[2010.05.26 18:48:05 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.05.26 18:48:05 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TuneUp Utilities.lnk
[2010.05.25 14:25:42 | 148,893,096 | ---- | C] () -- C:\Documents and Settings\Simon\My Documents\Kung Fu Bear- Unedited Footage(NOT FAKE_).avi
[2010.05.24 16:53:36 | 003,082,942 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\Guru Josh Project - Infinity 2008.mp3
[2010.05.24 16:19:33 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.24 14:18:18 | 005,012,288 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\Stormae-Alors On Danse.mp3
[2010.05.23 21:09:11 | 007,267,597 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\1254133830_hit_parade_black-eyed-peas-i-gotta-feeling.mp3
[2010.05.17 16:51:23 | 000,000,781 | ---- | C] () -- C:\Documents and Settings\Simon\Desktop\AML Free Registry Cleaner.lnk
[2010.05.12 16:40:39 | 000,403,047 | ---- | C] () -- C:\WINDOWS\fishing_beta_0.1.3i.exe
[2010.05.05 18:22:32 | 000,000,140 | ---- | C] () -- C:\WINDOWS\wowCP.ini
[2010.05.04 14:32:29 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010.05.04 14:32:17 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010.03.16 16:47:55 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.03.16 15:36:23 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.03.16 15:35:30 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.03.15 16:09:29 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\psfind.dll
[2010.02.25 15:58:30 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.02.25 15:58:29 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2010.02.04 17:13:06 | 000,000,405 | ---- | C] () -- C:\WINDOWS\System32\ANGELDOS.SYS
[2010.02.01 18:09:32 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.01.05 15:59:04 | 000,000,384 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.01.02 12:24:14 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.01.01 20:29:54 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.01.01 19:31:54 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.12.30 12:45:26 | 000,000,036 | ---- | C] () -- C:\WINDOWS\plugSpk.INI
[2009.12.30 08:55:51 | 000,000,084 | ---- | C] () -- C:\WINDOWS\ctnet.ini
[2009.12.30 08:45:33 | 000,000,231 | ---- | C] () -- C:\WINDOWS\ac3api.ini
[2009.12.30 08:43:28 | 000,000,195 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.09.18 00:55:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003.04.09 16:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.11.06 12:16:26 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\angel32.dll
========== LOP Check ==========
[2010.01.01 19:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.05.24 15:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.02.21 19:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2010.01.13 18:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.04.24 19:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010.01.01 15:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010.05.26 18:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010.02.24 10:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2010.05.26 18:47:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.04.12 18:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Atari
[2010.04.22 14:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\BSplayer
[2010.03.02 20:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\BSplayer Pro
[2010.05.27 15:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\CheckPoint
[2009.12.30 18:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Codemasters
[2010.03.06 11:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\DAEMON Tools Lite
[2010.04.12 12:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Desktop Sidebar
[2010.01.09 19:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\GetRightToGo
[2010.05.19 19:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\ICQ
[2010.02.01 14:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\LangSoft
[2009.12.31 11:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Leadertech
[2010.04.08 18:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\LG Electronics
[2010.03.17 16:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mount&Blade
[2010.02.27 16:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\SystemRequirementsLab
[2010.02.02 17:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Toolbar4
[2010.03.08 17:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Tropico 3
[2010.05.26 18:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\TuneUp Software
[2010.05.17 16:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Uniblue
[2010.04.02 18:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\ValuSoft
[2010.02.05 17:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\VitySoft
[2010.02.21 18:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Windows Search
[2010.04.08 18:10:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Simon\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 02:12:16 | 000,015,360 | ---- | M] (Microsoft Corporation)
"ISUSScheduler" = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start -- [2006.09.10 23:56:26 | 000,086,960 | ---- | M] (Macrovision Corporation)
"ISUSPM" = "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler -- [2006.09.10 22:56:24 | 000,218,032 | ---- | M] (Macrovision Corporation)
< c:\windows\*.* /U >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.03.04 19:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.01.05 16:21:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2010.02.21 17:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010.04.11 13:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010.05.05 19:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.01.01 19:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010.05.04 14:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.05.24 15:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010.02.21 19:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Firefly Studios
[2010.01.13 18:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010.04.24 19:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2009.12.30 17:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2010.01.01 15:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2010.05.20 19:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010.05.26 16:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010.02.23 19:00:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2010.01.23 19:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Games
[2010.01.24 11:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2010.01.08 17:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010.01.08 17:03:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2010.02.21 18:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010.01.05 16:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2009.12.30 20:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.05.24 15:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010.03.30 19:07:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.01.08 17:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2010.01.02 16:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2010.05.26 18:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
[2010.02.24 10:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft
[2009.12.30 09:17:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010.05.26 18:47:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2010.05.04 14:31:35 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010.05.04 14:32:10 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010.05.04 14:32:17 | 000,054,128 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
[2010.05.04 14:32:18 | 000,054,153 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
[2010.02.18 19:26:14 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
[2010.02.18 19:27:03 | 000,530,625 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
[2010.05.04 14:32:19 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010.05.04 14:32:44 | 000,056,766 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010.05.04 14:32:18 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010.05.04 14:32:20 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010.05.04 14:32:20 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010.05.04 14:32:21 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010.05.04 14:32:10 | 000,054,101 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
[2010.05.04 14:32:09 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010.05.04 14:32:39 | 000,057,679 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Player\Uninstaller.exe
[2010.05.04 14:31:40 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.05.04 14:26:57 | 001,180,952 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010.05.04 14:32:16 | 000,054,629 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
[2010.05.04 14:32:24 | 000,084,040 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
[2010.05.04 14:32:39 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010.05.04 14:32:44 | 000,056,978 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
< %APPDATA%\*. >
[2009.12.30 20:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Adobe
[2010.01.05 19:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Ahead
[2010.05.23 16:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Apple Computer
[2010.04.12 18:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Atari
[2010.04.22 14:28:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\BSplayer
[2010.03.02 20:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\BSplayer Pro
[2010.05.27 15:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\CheckPoint
[2009.12.30 18:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Codemasters
[2010.03.06 11:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\DAEMON Tools Lite
[2010.04.12 12:59:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Desktop Sidebar
[2010.01.19 20:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\DivX
[2010.01.09 19:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\GetRightToGo
[2010.02.05 16:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Google
[2010.05.16 11:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Hamachi
[2010.02.15 14:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Help
[2010.05.19 19:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\ICQ
[2009.12.30 08:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Identities
[2010.04.18 17:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\InstallShield
[2010.02.01 14:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\LangSoft
[2009.12.31 11:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Leadertech
[2010.04.08 18:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\LG Electronics
[2009.12.30 09:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Macromedia
[2010.05.20 19:46:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Malwarebytes
[2010.04.15 17:11:22 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Simon\Application Data\Microsoft
[2010.01.23 19:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Microsoft Games
[2010.03.17 16:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mount&Blade
[2010.04.12 16:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Mozilla
[2010.01.01 15:24:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Nero
[2010.05.25 19:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Skype
[2010.05.25 19:08:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\skypePM
[2009.12.31 13:43:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Sun
[2010.02.27 16:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\SystemRequirementsLab
[2010.02.02 17:15:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Toolbar4
[2010.03.08 17:39:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Tropico 3
[2010.05.26 18:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\TuneUp Software
[2010.05.17 16:46:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Uniblue
[2010.04.02 18:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\ValuSoft
[2010.02.05 17:22:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\VitySoft
[2010.02.21 18:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\Windows Search
[2009.12.30 10:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Simon\Application Data\WinRAR
[2010.04.08 18:10:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Simon\Application Data\{D94BA408-F110-488B-A65E-3AE7945F79E6}
< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\FFDShow\unins000.exe
[2009.11.14 19:11:36 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\Haali media splitter\dsmux.exe
[2009.11.14 19:33:40 | 000,357,888 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\Haali media splitter\gdsmux.exe
[2009.11.14 19:11:36 | 000,136,704 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.02.23 16:00:42 | 000,042,288 | ---- | M] () -- C:\Documents and Settings\Simon\Application Data\BSplayer\Haali media splitter\uninstall.exe
[2009.09.30 13:20:28 | 000,024,576 | ---- | M] ((주)테크노니아) -- C:\Documents and Settings\Simon\Application Data\LG Electronics\LG PC Suite III\UpdateHelper.exe
[2010.02.23 11:25:47 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Simon\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
< MD5 for: AGP440.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.02.28 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
< MD5 for: CDROM.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.02.28 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2006.02.28 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=10654F9DDCEA9C46CFB77554231BE73B -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 02:11:51 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=3D4E199942E29207970E04315D02AD3B -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 02:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2006.02.28 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 02:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.02.28 14:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.02.28 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.02.28 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.12.30 09:56:34 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.13 20:36:41 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=05A299EC56E52649B1CF2FC52D20F2D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
[2001.08.17 14:58:02 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2006.02.28 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=E504F706CCB699C2596E9A3DA1596E87 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys
< MD5 for: LSASS.EXE >
[2006.02.28 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=84885F9B82F4D55C6146EBF6065D75D2 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 02:12:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=BF2466B3E18E970D8A976FB95FC1CA85 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.02.28 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 02:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.02.28 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2006.02.28 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 02:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 02:12:36 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2006.02.28 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=BD7FB0957C716F1A60333AEE04DE2178 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 02:12:36 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
[2006.02.28 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=8F078AE4ED187AAABC0A305146DE6716 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2006.02.28 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 02:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.02.28 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 02:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 02:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll
[2006.02.28 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=2ED0B7F12A60F90092081C50FA0EC2B2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.01.01 19:31:54 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.12.30 08:57:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.12.30 08:57:48 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.12.30 08:57:47 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2010.05.27 15:43:02 | 000,271,490 | ---- | M] () -- C:\WINDOWS\system32\NvApps.xml
[2010.05.27 15:03:16 | 000,088,268 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.05.27 15:03:16 | 000,504,422 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.05.27 15:03:16 | 000,604,666 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.05.26 13:23:31 | 000,011,798 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2010.05.27 15:34:19 | 000,421,442 | ---- | M] () -- C:\WINDOWS\system32\vsconfig.xml
[2010.05.27 15:33:20 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\system32\zllictbl.dat
< End of report >
Re: Prosím o kontrolu.
Extra. txt
OTL Extras logfile created on: 27.5.2010 15:47:12 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Simon\My Documents\Preberanie
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 111,56 Gb Free Space | 71,40% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 9,31 Gb Free Space | 95,28% Space Free | Partition Type: NTFS
Drive E: | 30,05 Gb Total Space | 29,68 Gb Free Space | 98,75% Space Free | Partition Type: NTFS
Drive F: | 27,49 Gb Total Space | 26,95 Gb Free Space | 98,01% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC
Current User Name: Simon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Metin2_CZ\metin2.bin" = C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2 -- ()
"C:\Program Files\Metin2_CZ\metin2client.bin" = C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- (IGN Entertainment, Inc.)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DAB1E4F-2096-4FD6-84FB-FD0CF512D3ED}" = ESET NOD32 Antivirus
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E369F1-6A92-47B5-86D5-474A7E06B3DC}" = ALFA 16.02.00
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{90CA0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D137B59C-551C-4659-8AA8-206FA650BF40}" = LG USB Modem Drivers
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Odinštalovať LG PC Suite III
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner (remove only)
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.50
"GameSpy Arcade" = GameSpy Arcade
"Hunting Unlimited 2008" = Hunting Unlimited 2008 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR archivátor
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2.4.2010 13:49:56 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x002f763f.
Error - 4.4.2010 6:34:37 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie javaw.exe, verzia 6.0.190.4, zlyhanie modulu java.dll,
verzia 6.0.190.4, adresa zlyhania 0x00005875.
Error - 5.4.2010 8:54:35 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x00354b1c.
Error - 8.4.2010 13:00:10 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x003f7c82.
Error - 10.4.2010 9:02:03 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x003f382b.
Error - 11.4.2010 6:34:24 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie javaw.exe, verzia 6.0.190.4, zlyhanie modulu java.dll,
verzia 6.0.190.4, adresa zlyhania 0x00005875.
Error - 12.4.2010 9:04:49 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x0013368b.
Error - 15.4.2010 12:41:30 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Sims3Launcher.exe, verzia 0.0.0.11190, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.4.2010 5:02:25 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Bully.exe, verzia 0.0.0.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.4.2010 5:08:27 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Bully.exe, verzia 0.0.0.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
[ System Events ]
Error - 22.5.2010 7:38:44 | Computer Name = ORIORO | Source = NetBT | ID = 4321
Description = Názov DOMOV :1d sa nedá zaregistrovať v rozhraní s adresou
IP 192.168.0.2. Počítač s adresou IP 192.168.0.2 nepovolil vyžiadanie názvu týmto
počítačom.
Error - 22.5.2010 7:43:54 | Computer Name = ORIORO | Source = NetBT | ID = 4321
Description = Názov DOMOV :1d sa nedá zaregistrovať v rozhraní s adresou
IP 192.168.0.2. Počítač s adresou IP 192.168.0.2 nepovolil vyžiadanie názvu týmto
počítačom.
Error - 22.5.2010 7:49:04 | Computer Name = ORIORO | Source = NetBT | ID = 4321
Description = Názov DOMOV :1d sa nedá zaregistrovať v rozhraní s adresou
IP 192.168.0.2. Počítač s adresou IP 192.168.0.2 nepovolil vyžiadanie názvu týmto
počítačom.
Error - 23.5.2010 10:21:44 | Computer Name = ORIORO | Source = Service Control Manager | ID = 7038
Description = Služba ALG sa nemohla s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\LocalService kvôli nasledujúcej chybe: %%5 Ak chcete zabezpečiť
správne nakonfigurovanie služby, použite zásuvný modul konzoly MMC (Microsoft Management
Console).
Error - 23.5.2010 10:21:44 | Computer Name = ORIORO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Application Layer Gateway Service zlyhalo kvôli nasledujúcej
chybe: %%1069
Error - 24.5.2010 9:13:23 | Computer Name = PC | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070652: Update for Microsoft Office Outlook 2003 Junk Email Filter
(KB981725).
Error - 24.5.2010 9:13:41 | Computer Name = PC | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070652: Security Update for Microsoft Office 2003 (KB976382).
Error - 25.5.2010 13:04:59 | Computer Name = PC | Source = Service Control Manager | ID = 7038
Description = Služba ALG sa nemohla s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\LocalService kvôli nasledujúcej chybe: %%5 Ak chcete zabezpečiť
správne nakonfigurovanie služby, použite zásuvný modul konzoly MMC (Microsoft Management
Console).
Error - 25.5.2010 13:04:59 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Application Layer Gateway Service zlyhalo kvôli nasledujúcej
chybe: %%1069
Error - 26.5.2010 12:48:10 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby TuneUp Theme Extension zlyhalo kvôli nasledujúcej
chybe: %%1083
< End of report >
OTL Extras logfile created on: 27.5.2010 15:47:12 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Documents and Settings\Simon\My Documents\Preberanie
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 77,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 111,56 Gb Free Space | 71,40% Space Free | Partition Type: NTFS
Drive D: | 9,77 Gb Total Space | 9,31 Gb Free Space | 95,28% Space Free | Partition Type: NTFS
Drive E: | 30,05 Gb Total Space | 29,68 Gb Free Space | 98,75% Space Free | Partition Type: NTFS
Drive F: | 27,49 Gb Total Space | 26,95 Gb Free Space | 98,01% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC
Current User Name: Simon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Metin2_CZ\metin2.bin" = C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2 -- ()
"C:\Program Files\Metin2_CZ\metin2client.bin" = C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client -- ()
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade -- (IGN Entertainment, Inc.)
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon -- (Check Point Software Technologies LTD)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DAB1E4F-2096-4FD6-84FB-FD0CF512D3ED}" = ESET NOD32 Antivirus
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69E369F1-6A92-47B5-86D5-474A7E06B3DC}" = ALFA 16.02.00
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{90CA0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D137B59C-551C-4659-8AA8-206FA650BF40}" = LG USB Modem Drivers
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Odinštalovať LG PC Suite III
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner (remove only)
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.50
"GameSpy Arcade" = GameSpy Arcade
"Hunting Unlimited 2008" = Hunting Unlimited 2008 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR archivátor
"ZoneAlarm" = ZoneAlarm
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2.4.2010 13:49:56 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x002f763f.
Error - 4.4.2010 6:34:37 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie javaw.exe, verzia 6.0.190.4, zlyhanie modulu java.dll,
verzia 6.0.190.4, adresa zlyhania 0x00005875.
Error - 5.4.2010 8:54:35 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x00354b1c.
Error - 8.4.2010 13:00:10 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x003f7c82.
Error - 10.4.2010 9:02:03 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x003f382b.
Error - 11.4.2010 6:34:24 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie javaw.exe, verzia 6.0.190.4, zlyhanie modulu java.dll,
verzia 6.0.190.4, adresa zlyhania 0x00005875.
Error - 12.4.2010 9:04:49 | Computer Name = PC | Source = Application Error | ID = 1000
Description = Zlyhanie aplikácie gta_sa.exe, verzia 0.0.0.0, zlyhanie modulu gta_sa.exe,
verzia 0.0.0.0, adresa zlyhania 0x0013368b.
Error - 15.4.2010 12:41:30 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Sims3Launcher.exe, verzia 0.0.0.11190, zablokovaný
modul hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.4.2010 5:02:25 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Bully.exe, verzia 0.0.0.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
Error - 17.4.2010 5:08:27 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikácia Bully.exe, verzia 0.0.0.0, zablokovaný modul
hungapp, verzia 0.0.0.0, adresa zablokovania 0x00000000.
[ System Events ]
Error - 22.5.2010 7:38:44 | Computer Name = ORIORO | Source = NetBT | ID = 4321
Description = Názov DOMOV :1d sa nedá zaregistrovať v rozhraní s adresou
IP 192.168.0.2. Počítač s adresou IP 192.168.0.2 nepovolil vyžiadanie názvu týmto
počítačom.
Error - 22.5.2010 7:43:54 | Computer Name = ORIORO | Source = NetBT | ID = 4321
Description = Názov DOMOV :1d sa nedá zaregistrovať v rozhraní s adresou
IP 192.168.0.2. Počítač s adresou IP 192.168.0.2 nepovolil vyžiadanie názvu týmto
počítačom.
Error - 22.5.2010 7:49:04 | Computer Name = ORIORO | Source = NetBT | ID = 4321
Description = Názov DOMOV :1d sa nedá zaregistrovať v rozhraní s adresou
IP 192.168.0.2. Počítač s adresou IP 192.168.0.2 nepovolil vyžiadanie názvu týmto
počítačom.
Error - 23.5.2010 10:21:44 | Computer Name = ORIORO | Source = Service Control Manager | ID = 7038
Description = Služba ALG sa nemohla s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\LocalService kvôli nasledujúcej chybe: %%5 Ak chcete zabezpečiť
správne nakonfigurovanie služby, použite zásuvný modul konzoly MMC (Microsoft Management
Console).
Error - 23.5.2010 10:21:44 | Computer Name = ORIORO | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Application Layer Gateway Service zlyhalo kvôli nasledujúcej
chybe: %%1069
Error - 24.5.2010 9:13:23 | Computer Name = PC | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070652: Update for Microsoft Office Outlook 2003 Junk Email Filter
(KB981725).
Error - 24.5.2010 9:13:41 | Computer Name = PC | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070652: Security Update for Microsoft Office 2003 (KB976382).
Error - 25.5.2010 13:04:59 | Computer Name = PC | Source = Service Control Manager | ID = 7038
Description = Služba ALG sa nemohla s aktuálne nakonfigurovaným heslom prihlásiť
ako NT AUTHORITY\LocalService kvôli nasledujúcej chybe: %%5 Ak chcete zabezpečiť
správne nakonfigurovanie služby, použite zásuvný modul konzoly MMC (Microsoft Management
Console).
Error - 25.5.2010 13:04:59 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Application Layer Gateway Service zlyhalo kvôli nasledujúcej
chybe: %%1069
Error - 26.5.2010 12:48:10 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby TuneUp Theme Extension zlyhalo kvôli nasledujúcej
chybe: %%1083
< End of report >
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu.
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:OTL
SRV - File not found [On_Demand | Stopped] -- -- (WPFFontCache_v0400)
SRV - File not found [Disabled | Stopped] -- -- (NetTcpPortSharing)
SRV - File not found [Auto | Stopped] -- -- (clr_optimization_v4.0.30319_32)
SRV - File not found [On_Demand | Stopped] -- -- (aspnet_state)
IE - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\URLSearchHook: - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No CLSID value found.
O3 - HKU\S-1-5-21-1708537768-776561741-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O33 - MountPoints2\B\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS]
[CREATERESTOREPOINT]
Re: Prosím o kontrolu.
All processes killed
========== OTL ==========
Service WPFFontCache_v0400 stopped successfully!
Service WPFFontCache_v0400 deleted successfully!
Service NetTcpPortSharing stopped successfully!
Service NetTcpPortSharing deleted successfully!
Service clr_optimization_v4.0.30319_32 stopped successfully!
Service clr_optimization_v4.0.30319_32 deleted successfully!
Service aspnet_state stopped successfully!
Service aspnet_state deleted successfully!
Registry value HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}\ not found.
Registry value HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\B\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 1055896 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 992312 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: Simon
->Temp folder emptied: 75576619 bytes
->Temporary Internet Files folder emptied: 727851 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 194943657 bytes
->Flash cache emptied: 1818 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 416772 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 261,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: Simon
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.2.5.0 log created on 05272010_194343
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
========== OTL ==========
Service WPFFontCache_v0400 stopped successfully!
Service WPFFontCache_v0400 deleted successfully!
Service NetTcpPortSharing stopped successfully!
Service NetTcpPortSharing deleted successfully!
Service clr_optimization_v4.0.30319_32 stopped successfully!
Service clr_optimization_v4.0.30319_32 deleted successfully!
Service aspnet_state stopped successfully!
Service aspnet_state deleted successfully!
Registry value HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}\ not found.
Registry value HKEY_USERS\S-1-5-21-1708537768-776561741-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\B\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 1055896 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 992312 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: Simon
->Temp folder emptied: 75576619 bytes
->Temporary Internet Files folder emptied: 727851 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 194943657 bytes
->Flash cache emptied: 1818 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 416772 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 261,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: Simon
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
OTL by OldTimer - Version 3.2.5.0 log created on 05272010_194343
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Přispějete na provoz fóra?