Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:13:41, on 26.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Opera\opera.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\Program Files\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.etypestart.com/?src=startpag ... .1-x86-SP3
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: SpeedUpToolbar BHO - {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O2 - BHO: SpeedUpToolbar BHO - {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: SpeedUp Toolbar - {005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0861379890
O18 - Protocol: speeduptoolbar - {A59E71FA-63AB-4695-B7B0-7B97BAA3CF9E} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O20 - AppInit_DLLs:
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 7781 bytes
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu, moc děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, moc děkuji
Zdravím. 
Dej mi minutku, hnedle se na to mrknu.
Dej mi minutku, hnedle se na to mrknu.
-
-
- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, moc děkuji
Přečti si prosím pravidla tohoto fóra! 
Příště prosím log ze RSITu, ne z HJT - je podrobnější a už ho tu delší dobu používáme.
Jako první v nabídce Přidat nebo odebrat programy odinstaluj všechny nepotřebné toolbary! Jsou to veliká "zdržovadla" systému a v případě například Ask.com Toolbar, Conduit Engine a dalších se dá hovořit už i o havěti. Aktualizuj MS Internet Explorer na verzi 8. I když používáš prohlížeč Opera, aktualizace řeší spoustu problémů v systému samotném. Fixni v HJT tyto položky:R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.etypestart.com/?src=startpag ... .1-x86-SP3
R3 - URLSearchHook: SpeedUpToolbar BHO - {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O2 - BHO: SpeedUpToolbar BHO - {0D52B2CA-C02E-4EC1-8E80-0A5CD2A640BD} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: SpeedUp Toolbar - {005B8FC3-0F7E-45DD-8A2F-E352D67EDBFC} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O18 - Protocol: speeduptoolbar - {A59E71FA-63AB-4695-B7B0-7B97BAA3CF9E} - C:\Program Files\SpeedUpToolbar\IEToolbar.dll
"Fixnout" znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
HJT najdeš zde: C:\Program Files\hijackthis.exe
Potom stáhni OTL z tohoto odkazu a ulož jej na Plochu.
- Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
- Zaškrtni okénko Pro všechny uživatele.
- Zaškrtni okénko Kontrola na havěť "LOP".
- Zaškrtni okénko Kontrola na havěť "Purity".
- Stáři souborů změň z 30 dnů na 7 dnů.
- Do spodního okénka Vlastní skenování/opravy vlož tento script:
Kód: Vybrat vše
safebootminimal
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
*crack* /s
*keygen* /s
*nocd* /s
*nodvd* /s
*activator* /s
*AutoKMS* /s
*minodlogin* /s
*tnod* /s
*serial* /s
*AutoRearm* /s
*w7lxe* /s
*legalizator* /s
*GenuineXP* /s
*registration* /s
*Office 2010* /s
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5- Klikni na tlačítko Prohledat.
- Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
- Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Prosím o kontrolu logu, moc děkuji
tak jsem provedl zmíněné postupy ale OTL mi na plchu nevytvořilo žádný výsledek ani mi to nešlo z okna zkopírovat, takže alespoň nový log . . . abych nezapomněl děkuji a také děkuji předem
Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2011-10-26 21:33:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 885 MB (9%) free of 10 GB
Total RAM: 511 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:15, on 26.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\RSIT.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0861379890
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5758 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton Security Scan for Petr.job
C:\WINDOWS\tasks\qgfnpm.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{137784BD-0DCF-40A1-91CE-C340ED88FC3A}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-07-04 3493720]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-12-10 7311360]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-12-10 86016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-04-27 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"Nová hodnota #1"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\Trademanager\AliIM.exe"="C:\Program Files\Trademanager\AliIM.exe:*:Enabled:AliIM"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=serwvdrv.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
======List of files/folders created in the last 1 month======
2011-10-26 21:33:48 ----DC---- C:\rsit
2011-10-26 20:44:23 ----HDC---- C:\WINDOWS\ie8
2011-10-26 18:27:11 ----A---- C:\Program Files\Firefox Setup 7.0.1.exe
2011-10-26 18:15:08 ----D---- C:\Documents and Settings\Petr\Data aplikací\Mozilla
2011-10-26 09:24:53 ----D---- C:\Program Files\trend micro
2011-10-26 09:24:01 ----A---- C:\Program Files\RSIT.exe
2011-10-26 09:12:52 ----A---- C:\Program Files\hijackthis.exe
2011-10-26 08:58:04 ----D---- C:\WINDOWS\pss
2011-10-24 10:23:23 ----D---- C:\Documents and Settings\Petr\Data aplikací\vlc
2011-10-23 09:23:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar
2011-10-23 07:50:13 ----D---- C:\Program Files\Common Files\Java
2011-10-23 07:49:51 ----A---- C:\WINDOWS\system32\javaws.exe
2011-10-23 07:49:51 ----A---- C:\WINDOWS\system32\javaw.exe
2011-10-23 07:49:51 ----A---- C:\WINDOWS\system32\java.exe
2011-10-19 13:56:51 ----D---- C:\Program Files\DivX
2011-10-19 13:55:12 ----A---- C:\Program Files\DivXInstaller.exe
2011-10-16 11:21:14 ----D---- C:\Program Files\CCleaner
2011-10-13 15:39:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-10-13 15:24:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-10-13 15:24:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-10-05 16:30:14 ----A---- C:\WINDOWS\system32\pncrt.dll
2011-10-05 16:25:20 ----D---- C:\Program Files\FreeTime
2011-10-05 16:13:46 ----A---- C:\WINDOWS\system32\fmcodec.DLL
2011-09-29 17:36:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-09-29 17:31:34 ----D---- C:\Program Files\Google
======List of files/folders modified in the last 1 month======
2011-10-26 21:10:10 ----D---- C:\WINDOWS\Temp
2011-10-26 21:09:18 ----D---- C:\WINDOWS\Prefetch
2011-10-26 21:07:34 ----D---- C:\WINDOWS
2011-10-26 21:04:15 ----RD---- C:\Program Files
2011-10-26 21:02:50 ----SHD---- C:\WINDOWS\Installer
2011-10-26 20:57:45 ----D---- C:\WINDOWS\Debug
2011-10-26 20:56:18 ----D---- C:\WINDOWS\system32
2011-10-26 20:54:56 ----D---- C:\WINDOWS\system32\cs-cz
2011-10-26 20:54:56 ----D---- C:\WINDOWS\Media
2011-10-26 20:54:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-26 20:54:55 ----HD---- C:\WINDOWS\inf
2011-10-26 20:54:55 ----D---- C:\WINDOWS\Help
2011-10-26 20:54:55 ----D---- C:\Program Files\Internet Explorer
2011-10-26 20:54:24 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-10-26 20:52:56 ----D---- C:\WINDOWS\ie8updates
2011-10-26 20:52:53 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-26 20:50:45 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-26 20:50:28 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-26 19:41:28 ----D---- C:\Program Files\Opera
2011-10-26 17:29:53 ----RD---- C:\Program Files\Skype
2011-10-26 17:25:58 ----RD---- C:\Program Files\Common Files
2011-10-25 16:57:43 ----D---- C:\Documents and Settings\Petr\Data aplikací\dvdcss
2011-10-24 14:38:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2011-10-23 21:04:07 ----RSD---- C:\WINDOWS\assembly
2011-10-23 09:23:09 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-10-23 07:49:46 ----D---- C:\Program Files\Java
2011-10-20 07:41:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-10-19 14:00:31 ----D---- C:\Documents and Settings\Petr\Data aplikací\DivX
2011-10-16 18:33:37 ----D---- C:\Documents and Settings\Petr\Data aplikací\Skype
2011-10-13 20:11:12 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-13 15:37:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-13 15:35:28 ----D---- C:\WINDOWS\WinSxS
2011-10-13 15:25:18 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-13 15:24:32 ----D---- C:\WINDOWS\system32\drivers
2011-10-13 15:23:08 ----D---- C:\WINDOWS\ie7updates
2011-10-05 15:37:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-10-03 10:31:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-10-03 05:06:03 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-09-29 17:36:04 ----SD---- C:\WINDOWS\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-03-29 73600]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-27 41600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2008-04-13 11868]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 CAM1690;USB PC Camera; C:\WINDOWS\System32\Drivers\cam1690.sys [2007-11-21 181888]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-09-04 41984]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2008-04-13 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2008-04-13 220032]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-12-10 3536768]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2008-04-13 685056]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\H:\INSTALL\GMSIPCI.SYS []
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\WINDOWS\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-04-27 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-12-10 131139]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2011-10-26 21:33:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 885 MB (9%) free of 10 GB
Total RAM: 511 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:15, on 26.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\RSIT.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0861379890
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5758 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton Security Scan for Petr.job
C:\WINDOWS\tasks\qgfnpm.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{137784BD-0DCF-40A1-91CE-C340ED88FC3A}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-07-04 3493720]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-12-10 7311360]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-12-10 86016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2008-04-27 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"Nová hodnota #1"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"C:\Program Files\Trademanager\AliIM.exe"="C:\Program Files\Trademanager\AliIM.exe:*:Enabled:AliIM"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=serwvdrv.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
======List of files/folders created in the last 1 month======
2011-10-26 21:33:48 ----DC---- C:\rsit
2011-10-26 20:44:23 ----HDC---- C:\WINDOWS\ie8
2011-10-26 18:27:11 ----A---- C:\Program Files\Firefox Setup 7.0.1.exe
2011-10-26 18:15:08 ----D---- C:\Documents and Settings\Petr\Data aplikací\Mozilla
2011-10-26 09:24:53 ----D---- C:\Program Files\trend micro
2011-10-26 09:24:01 ----A---- C:\Program Files\RSIT.exe
2011-10-26 09:12:52 ----A---- C:\Program Files\hijackthis.exe
2011-10-26 08:58:04 ----D---- C:\WINDOWS\pss
2011-10-24 10:23:23 ----D---- C:\Documents and Settings\Petr\Data aplikací\vlc
2011-10-23 09:23:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar
2011-10-23 07:50:13 ----D---- C:\Program Files\Common Files\Java
2011-10-23 07:49:51 ----A---- C:\WINDOWS\system32\javaws.exe
2011-10-23 07:49:51 ----A---- C:\WINDOWS\system32\javaw.exe
2011-10-23 07:49:51 ----A---- C:\WINDOWS\system32\java.exe
2011-10-19 13:56:51 ----D---- C:\Program Files\DivX
2011-10-19 13:55:12 ----A---- C:\Program Files\DivXInstaller.exe
2011-10-16 11:21:14 ----D---- C:\Program Files\CCleaner
2011-10-13 15:39:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-10-13 15:24:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-10-13 15:24:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-10-05 16:30:14 ----A---- C:\WINDOWS\system32\pncrt.dll
2011-10-05 16:25:20 ----D---- C:\Program Files\FreeTime
2011-10-05 16:13:46 ----A---- C:\WINDOWS\system32\fmcodec.DLL
2011-09-29 17:36:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-09-29 17:31:34 ----D---- C:\Program Files\Google
======List of files/folders modified in the last 1 month======
2011-10-26 21:10:10 ----D---- C:\WINDOWS\Temp
2011-10-26 21:09:18 ----D---- C:\WINDOWS\Prefetch
2011-10-26 21:07:34 ----D---- C:\WINDOWS
2011-10-26 21:04:15 ----RD---- C:\Program Files
2011-10-26 21:02:50 ----SHD---- C:\WINDOWS\Installer
2011-10-26 20:57:45 ----D---- C:\WINDOWS\Debug
2011-10-26 20:56:18 ----D---- C:\WINDOWS\system32
2011-10-26 20:54:56 ----D---- C:\WINDOWS\system32\cs-cz
2011-10-26 20:54:56 ----D---- C:\WINDOWS\Media
2011-10-26 20:54:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-26 20:54:55 ----HD---- C:\WINDOWS\inf
2011-10-26 20:54:55 ----D---- C:\WINDOWS\Help
2011-10-26 20:54:55 ----D---- C:\Program Files\Internet Explorer
2011-10-26 20:54:24 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-10-26 20:52:56 ----D---- C:\WINDOWS\ie8updates
2011-10-26 20:52:53 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-26 20:50:45 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-26 20:50:28 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-26 19:41:28 ----D---- C:\Program Files\Opera
2011-10-26 17:29:53 ----RD---- C:\Program Files\Skype
2011-10-26 17:25:58 ----RD---- C:\Program Files\Common Files
2011-10-25 16:57:43 ----D---- C:\Documents and Settings\Petr\Data aplikací\dvdcss
2011-10-24 14:38:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2011-10-23 21:04:07 ----RSD---- C:\WINDOWS\assembly
2011-10-23 09:23:09 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-10-23 07:49:46 ----D---- C:\Program Files\Java
2011-10-20 07:41:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-10-19 14:00:31 ----D---- C:\Documents and Settings\Petr\Data aplikací\DivX
2011-10-16 18:33:37 ----D---- C:\Documents and Settings\Petr\Data aplikací\Skype
2011-10-13 20:11:12 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-13 15:37:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-13 15:35:28 ----D---- C:\WINDOWS\WinSxS
2011-10-13 15:25:18 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-13 15:24:32 ----D---- C:\WINDOWS\system32\drivers
2011-10-13 15:23:08 ----D---- C:\WINDOWS\ie7updates
2011-10-05 15:37:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-10-03 10:31:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-10-03 05:06:03 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-09-29 17:36:04 ----SD---- C:\WINDOWS\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-03-29 73600]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-27 41600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2008-04-13 11868]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 CAM1690;USB PC Camera; C:\WINDOWS\System32\Drivers\cam1690.sys [2007-11-21 181888]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-09-04 41984]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2008-04-13 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2008-04-13 220032]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-12-10 3536768]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2008-04-13 685056]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-09-22 43520]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\H:\INSTALL\GMSIPCI.SYS []
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\WINDOWS\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-04-27 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-12-10 131139]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, moc děkuji
Zkus provést opět akci s OTL, ale proveď ji v Nouzovém režimu.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Prosím o kontrolu logu, moc děkuji
výsledeky OTL
logfile created on: 27.10.2011 8:41:39 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
511,48 Mb Total Physical Memory | 380,20 Mb Available Physical Memory | 74,33% Memory free
1,22 Gb Paging File | 1,16 Gb Available in Paging File | 95,18% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 1,40 Gb Free Space | 14,37% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 11,00 Gb Free Space | 56,32% Space Free | Partition Type: NTFS
Drive E: | 19,53 Gb Total Space | 7,72 Gb Free Space | 39,50% Space Free | Partition Type: NTFS
Drive F: | 25,69 Gb Total Space | 1,13 Gb Free Space | 4,42% Space Free | Partition Type: NTFS
Computer Name: POCITAC | User Name: Petr | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.10.26 19:45:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
PRC - [2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2001.10.25 18:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV - [2011.07.04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.07.04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.07.04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.07.04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.07.04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.07.04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.07.04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2007.11.21 17:37:06 | 000,181,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cam1690.sys -- (CAM1690)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.10.17 20:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2004.06.10 22:42:38 | 000,015,429 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm2A.sys -- (USBCM)
DRV - [2003.07.02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = www.alibaba.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/|http://www.google ... s:official"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2011.10.26 18:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Petr\Data aplikací\Mozilla\Extensions
[2011.10.26 19:25:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\lll1gyf1.default\extensions
[2011.10.26 19:25:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\lll1gyf1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PETR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\LLL1GYF1.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2010.08.03 20:43:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
O1 HOSTS File: ([2001.10.25 18:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Nová hodnota #1 = 0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0861379890 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4D9139C-FAFA-46B2-B698-8E8754140246}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\oledb - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.03 19:31:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{47d9ebdc-9f54-11df-ab2e-00030d000001}\Shell - "" = AutoRun
O33 - MountPoints2\{47d9ebdc-9f54-11df-ab2e-00030d000001}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL http://www.garmin.com/agent
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.10.26 21:33:48 | 000,000,000 | ---D | C] -- C:\rsit
[2011.10.26 21:07:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Petr\Recent
[2011.10.26 20:44:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.10.26 19:44:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2011.10.26 18:27:11 | 006,559,933 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 7.0.1.exe
[2011.10.26 18:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Mozilla
[2011.10.26 18:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2011.10.26 09:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.26 09:12:52 | 000,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\hijackthis.exe
[2011.10.26 08:58:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011.10.25 08:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Plocha\Nepoužívané odkazy plochy
[2011.10.24 10:23:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Data aplikací\vlc
[2011.10.24 10:22:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2011.10.23 09:23:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar
[2011.10.23 07:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.10.23 07:49:51 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.10.23 07:49:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.10.23 07:49:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.10.19 13:55:12 | 004,780,600 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXInstaller.exe
[2011.08.31 15:14:39 | 002,691,072 | ---- | C] ( ) -- C:\WINDOWS\ulandi.exe
[2010.08.04 00:44:50 | 000,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys
[2001.11.24 15:24:00 | 002,207,744 | ---- | C] ( ) -- C:\WINDOWS\System32\VBR6.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.10.27 08:43:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.27 08:38:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.27 08:37:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.27 08:30:37 | 000,043,573 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.10.27 08:30:27 | 000,000,306 | -HS- | M] () -- C:\WINDOWS\tasks\qgfnpm.job
[2011.10.27 08:11:39 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{137784BD-0DCF-40A1-91CE-C340ED88FC3A}.job
[2011.10.26 22:44:14 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.10.26 21:29:43 | 000,001,498 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Opera.lnk
[2011.10.26 20:55:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011.10.26 20:55:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011.10.26 19:45:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2011.10.26 18:48:41 | 006,559,933 | ---- | M] (Mozilla) -- C:\Program Files\Firefox Setup 7.0.1.exe
[2011.10.26 09:24:41 | 000,781,383 | ---- | M] () -- C:\Program Files\RSIT.exe
[2011.10.26 09:12:57 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\hijackthis.exe
[2011.10.25 14:02:08 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Petr.job
[2011.10.25 12:10:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.10.24 10:17:26 | 000,141,312 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.20 18:09:37 | 001,858,998 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.2 CT.jpg
[2011.10.20 18:07:43 | 000,388,777 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1 RTG.jpg
[2011.10.20 18:06:33 | 000,816,590 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1 Laboratoř.jpg
[2011.10.20 18:05:17 | 001,365,998 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1.jpg
[2011.10.20 17:59:51 | 000,930,360 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.2.jpg
[2011.10.20 17:57:17 | 001,176,874 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.1.jpg
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.10.27 08:43:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.26 21:29:43 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Opera.lnk
[2011.10.26 09:24:01 | 000,781,383 | ---- | C] () -- C:\Program Files\RSIT.exe
[2011.10.20 18:09:35 | 001,858,998 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.2 CT.jpg
[2011.10.20 18:07:42 | 000,388,777 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1 RTG.jpg
[2011.10.20 18:06:32 | 000,816,590 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1 Laboratoř.jpg
[2011.10.20 18:05:13 | 001,365,998 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1.jpg
[2011.10.20 17:59:34 | 000,930,360 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.2.jpg
[2011.10.20 17:56:58 | 001,176,874 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.1.jpg
[2011.08.20 16:01:59 | 000,000,872 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\SRDownloader.nast
[2011.04.16 10:11:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\libiconv
[2011.04.02 11:10:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2011.04.02 10:47:56 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLev.DAT
[2011.04.02 10:47:56 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
[2011.04.02 10:47:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Petr\Data aplikací\Analog Sync
[2011.04.02 10:47:55 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLet.DAT
[2010.09.21 19:26:30 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2010.09.21 19:16:31 | 000,000,073 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.09.21 19:15:51 | 000,001,264 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ss.ini
[2010.08.28 18:36:21 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\fusioncache.dat
[2010.08.21 10:40:09 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.08.21 10:17:40 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\nvRegDev.dll
[2010.08.19 15:19:46 | 000,621,448 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.08.04 02:27:07 | 000,141,312 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.04 01:06:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.04 00:44:51 | 000,135,168 | R--- | C] () -- C:\WINDOWS\UNDPX2A.exe
[2010.08.04 00:44:51 | 000,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
[2010.08.03 21:22:12 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.08.03 21:20:59 | 000,157,952 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.03 20:47:55 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.08.03 20:20:01 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.08.03 20:19:15 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.08.03 20:18:40 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2010.08.03 19:34:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.08.03 19:27:44 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.05.26 22:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.05.26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008.05.26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008.04.14 11:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007.11.23 21:27:40 | 000,065,752 | ---- | C] () -- C:\WINDOWS\cam1690a.ini
[2007.11.22 13:13:24 | 000,221,184 | ---- | C] () -- C:\WINDOWS\stic1690.exe
[2007.11.21 17:37:06 | 000,181,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\cam1690.sys
[2007.11.15 17:04:06 | 000,065,673 | ---- | C] () -- C:\WINDOWS\cam1690b.ini
[2007.11.15 17:04:04 | 000,034,388 | ---- | C] () -- C:\WINDOWS\cam1690c.ini
[2007.10.18 11:06:42 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\cam1690.dll
[2007.08.29 15:40:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\cam1690m.dll
[2006.12.31 09:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.10.27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2005.12.10 03:06:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005.12.10 03:06:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2005.12.10 03:06:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005.12.10 03:06:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2005.12.10 03:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005.12.10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005.12.10 03:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005.12.10 03:06:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2005.12.10 03:06:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2005.12.10 03:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005.12.10 03:06:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.10.25 18:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 18:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 18:00:00 | 000,450,480 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 18:00:00 | 000,433,218 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 18:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 18:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 18:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 18:00:00 | 000,086,378 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 18:00:00 | 000,067,792 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 18:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 18:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 18:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 18:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 18:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011.04.11 09:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\1F2CE
[2011.01.25 00:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.08.03 20:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.02.06 10:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
[2011.01.26 20:41:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.01.26 20:56:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2011.01.26 20:56:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2011.01.26 20:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2011.10.24 14:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2011.01.27 12:02:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2011.01.26 20:56:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2011.01.26 20:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2011.02.06 20:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Driver Whiz
[2011.06.25 14:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
[2011.08.20 16:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EasyMp3Downloader
[2011.04.02 10:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2010.09.21 19:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FreeRIP
[2011.04.02 20:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nikon
[2011.01.24 16:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2011.10.23 09:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar
[2011.01.24 16:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2011.06.04 08:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanWizard
[2010.11.18 20:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.04.02 10:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2011.04.24 22:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.11.12 16:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\AnvSoft
[2010.08.03 20:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Ashampoo
[2011.04.25 13:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Canon
[2011.08.20 16:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\EasyMp3Downloader
[2010.08.17 17:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\esmska
[2011.09.22 22:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\eType
[2010.08.04 10:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GARMIN
[2010.08.03 20:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GHISLER
[2011.06.25 10:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\go
[2011.04.02 11:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nikon
[2011.09.13 12:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy
[2011.04.25 07:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2010.08.21 10:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ScanSoft
[2011.08.20 16:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Tomato
[2011.09.23 16:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VitySoft
[2010.08.03 20:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Desktop Search
[2010.08.03 23:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Search
[2011.08.19 16:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\YouTube Downloader
[2011.10.25 12:10:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.10.27 08:30:27 | 000,000,306 | -HS- | M] () -- C:\WINDOWS\Tasks\qgfnpm.job
[2011.10.27 08:11:39 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{137784BD-0DCF-40A1-91CE-C340ED88FC3A}.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 10:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< MD5 for: ATAPI.SYS >
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CSRSS.EXE >
[2008.04.14 10:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 10:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe
< MD5 for: EXPLORER.EXE >
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: LSASS.EXE >
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NTFS.SYS >
[2008.04.14 02:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.14 02:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 10:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SMSS.EXE >
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 10:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 02:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006.09.13 07:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD86.DLL
[2010.08.25 06:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPDAD.DLL
[2006.09.13 07:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP86.DLL
[2010.08.25 06:00:00 | 000,073,216 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPPAD.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2007.04.02 21:36:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfS2.cty
[2001.10.25 18:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 18:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.10.26 20:55:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2011.10.23 07:49:46 | 000,003,019 | ---- | M] () -- C:\WINDOWS\system32\jupdate-1.6.0_29-b11.log
[2011.10.26 20:55:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2011.10.27 08:30:37 | 000,043,573 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2011.10.27 08:38:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
[2010.08.03 21:20:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.08.03 21:20:19 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.08.03 21:20:18 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\Tasks\*.job /lockedfiles >
[2011.10.27 08:30:27 | 000,000,306 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\qgfnpm.job
< %systemroot%\*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[21 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[9 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2010.08.03 21:21:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2011.04.16 10:11:02 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\libiconv
[2011.04.16 10:11:02 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLes.DAT
[2011.04.16 10:11:02 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLet.DAT
[2011.04.16 10:11:03 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLev.DAT
[2010.09.21 19:15:51 | 000,001,264 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\ss.ini
[2010.09.21 19:26:30 | 000,000,033 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2011.07.01 14:08:51 | 000,292,792 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\Symantec\SymInstallStub.exe
[2011.05.29 09:24:00 | 000,423,296 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\EasyBitsGO.exe
[2011.05.29 09:24:00 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\ezShell64Run.exe
[2011.05.29 09:24:02 | 000,718,208 | ---- | M] (EasyBits Media) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\Svc\GOUpdate.exe
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
logfile created on: 27.10.2011 8:41:39 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
511,48 Mb Total Physical Memory | 380,20 Mb Available Physical Memory | 74,33% Memory free
1,22 Gb Paging File | 1,16 Gb Available in Paging File | 95,18% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 1,40 Gb Free Space | 14,37% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 11,00 Gb Free Space | 56,32% Space Free | Partition Type: NTFS
Drive E: | 19,53 Gb Total Space | 7,72 Gb Free Space | 39,50% Space Free | Partition Type: NTFS
Drive F: | 25,69 Gb Total Space | 1,13 Gb Free Space | 4,42% Space Free | Partition Type: NTFS
Computer Name: POCITAC | User Name: Petr | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.10.26 19:45:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
PRC - [2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2001.10.25 18:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.07.04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV - [2011.07.04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.07.04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.07.04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.07.04 13:35:12 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.07.04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.07.04 13:32:13 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.07.04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2007.11.21 17:37:06 | 000,181,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cam1690.sys -- (CAM1690)
DRV - [2007.03.08 14:34:46 | 004,027,840 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.10.17 20:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\videX32.sys -- (videX32)
DRV - [2004.06.10 22:42:38 | 000,015,429 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm2A.sys -- (USBCM)
DRV - [2003.07.02 04:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = www.alibaba.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/|http://www.google ... s:official"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2011.10.26 18:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Petr\Data aplikací\Mozilla\Extensions
[2011.10.26 19:25:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\lll1gyf1.default\extensions
[2011.10.26 19:25:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\lll1gyf1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PETR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\LLL1GYF1.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
[2010.08.03 20:43:35 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
O1 HOSTS File: ([2001.10.25 18:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe (VIA Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Nová hodnota #1 = 0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 0861379890 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B4D9139C-FAFA-46B2-B698-8E8754140246}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\oledb - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.03 19:31:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{47d9ebdc-9f54-11df-ab2e-00030d000001}\Shell - "" = AutoRun
O33 - MountPoints2\{47d9ebdc-9f54-11df-ab2e-00030d000001}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL http://www.garmin.com/agent
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2011.10.26 21:33:48 | 000,000,000 | ---D | C] -- C:\rsit
[2011.10.26 21:07:33 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Petr\Recent
[2011.10.26 20:44:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011.10.26 19:44:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2011.10.26 18:27:11 | 006,559,933 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 7.0.1.exe
[2011.10.26 18:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Mozilla
[2011.10.26 18:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2011.10.26 09:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.10.26 09:12:52 | 000,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\hijackthis.exe
[2011.10.26 08:58:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011.10.25 08:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Plocha\Nepoužívané odkazy plochy
[2011.10.24 10:23:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Petr\Data aplikací\vlc
[2011.10.24 10:22:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2011.10.23 09:23:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar
[2011.10.23 07:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.10.23 07:49:51 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.10.23 07:49:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.10.23 07:49:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.10.19 13:55:12 | 004,780,600 | ---- | C] (DivX, Inc.) -- C:\Program Files\DivXInstaller.exe
[2011.08.31 15:14:39 | 002,691,072 | ---- | C] ( ) -- C:\WINDOWS\ulandi.exe
[2010.08.04 00:44:50 | 000,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys
[2001.11.24 15:24:00 | 002,207,744 | ---- | C] ( ) -- C:\WINDOWS\System32\VBR6.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.10.27 08:43:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.10.27 08:38:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.27 08:37:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.27 08:30:37 | 000,043,573 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.10.27 08:30:27 | 000,000,306 | -HS- | M] () -- C:\WINDOWS\tasks\qgfnpm.job
[2011.10.27 08:11:39 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{137784BD-0DCF-40A1-91CE-C340ED88FC3A}.job
[2011.10.26 22:44:14 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.10.26 21:29:43 | 000,001,498 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Opera.lnk
[2011.10.26 20:55:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011.10.26 20:55:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011.10.26 19:45:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2011.10.26 18:48:41 | 006,559,933 | ---- | M] (Mozilla) -- C:\Program Files\Firefox Setup 7.0.1.exe
[2011.10.26 09:24:41 | 000,781,383 | ---- | M] () -- C:\Program Files\RSIT.exe
[2011.10.26 09:12:57 | 000,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\hijackthis.exe
[2011.10.25 14:02:08 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Petr.job
[2011.10.25 12:10:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.10.24 10:17:26 | 000,141,312 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.20 18:09:37 | 001,858,998 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.2 CT.jpg
[2011.10.20 18:07:43 | 000,388,777 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1 RTG.jpg
[2011.10.20 18:06:33 | 000,816,590 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1 Laboratoř.jpg
[2011.10.20 18:05:17 | 001,365,998 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1.jpg
[2011.10.20 17:59:51 | 000,930,360 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.2.jpg
[2011.10.20 17:57:17 | 001,176,874 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.1.jpg
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.10.27 08:43:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.10.26 21:29:43 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Opera.lnk
[2011.10.26 09:24:01 | 000,781,383 | ---- | C] () -- C:\Program Files\RSIT.exe
[2011.10.20 18:09:35 | 001,858,998 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.2 CT.jpg
[2011.10.20 18:07:42 | 000,388,777 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1 RTG.jpg
[2011.10.20 18:06:32 | 000,816,590 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1 Laboratoř.jpg
[2011.10.20 18:05:13 | 001,365,998 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Vl. str.1.jpg
[2011.10.20 17:59:34 | 000,930,360 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.2.jpg
[2011.10.20 17:56:58 | 001,176,874 | ---- | C] () -- C:\Documents and Settings\Petr\Plocha\Helus Láďa str.1.jpg
[2011.08.20 16:01:59 | 000,000,872 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\SRDownloader.nast
[2011.04.16 10:11:02 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\libiconv
[2011.04.02 11:10:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX2.INI
[2011.04.02 10:47:56 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLev.DAT
[2011.04.02 10:47:56 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
[2011.04.02 10:47:56 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Petr\Data aplikací\Analog Sync
[2011.04.02 10:47:55 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLet.DAT
[2010.09.21 19:26:30 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2010.09.21 19:16:31 | 000,000,073 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.09.21 19:15:51 | 000,001,264 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ss.ini
[2010.08.28 18:36:21 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\fusioncache.dat
[2010.08.21 10:40:09 | 000,000,532 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.08.21 10:17:40 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\nvRegDev.dll
[2010.08.19 15:19:46 | 000,621,448 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.08.04 02:27:07 | 000,141,312 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.04 01:06:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.08.04 00:44:51 | 000,135,168 | R--- | C] () -- C:\WINDOWS\UNDPX2A.exe
[2010.08.04 00:44:51 | 000,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
[2010.08.03 21:22:12 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.08.03 21:20:59 | 000,157,952 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.03 20:47:55 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.08.03 20:20:01 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.08.03 20:19:15 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2010.08.03 20:18:40 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2010.08.03 19:34:33 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.08.03 19:27:44 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.05.26 22:22:14 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008.05.26 22:22:10 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008.05.26 22:22:04 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008.05.26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008.05.26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008.04.14 11:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007.11.23 21:27:40 | 000,065,752 | ---- | C] () -- C:\WINDOWS\cam1690a.ini
[2007.11.22 13:13:24 | 000,221,184 | ---- | C] () -- C:\WINDOWS\stic1690.exe
[2007.11.21 17:37:06 | 000,181,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\cam1690.sys
[2007.11.15 17:04:06 | 000,065,673 | ---- | C] () -- C:\WINDOWS\cam1690b.ini
[2007.11.15 17:04:04 | 000,034,388 | ---- | C] () -- C:\WINDOWS\cam1690c.ini
[2007.10.18 11:06:42 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\cam1690.dll
[2007.08.29 15:40:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\cam1690m.dll
[2006.12.31 09:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.10.27 08:26:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2005.12.10 03:06:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2005.12.10 03:06:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2005.12.10 03:06:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005.12.10 03:06:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2005.12.10 03:06:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2005.12.10 03:06:00 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2005.12.10 03:06:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2005.12.10 03:06:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2005.12.10 03:06:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2005.12.10 03:06:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005.12.10 03:06:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2001.10.25 18:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 18:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 18:00:00 | 000,450,480 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 18:00:00 | 000,433,218 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 18:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 18:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 18:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 18:00:00 | 000,086,378 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 18:00:00 | 000,067,792 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 18:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 18:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 18:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 18:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 18:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011.04.11 09:24:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\1F2CE
[2011.01.25 00:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.08.03 20:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.02.06 10:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
[2011.01.26 20:41:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.01.26 20:56:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonEPP
[2011.01.26 20:56:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEPPEX2
[2011.01.26 20:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2011.10.24 14:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2011.01.27 12:02:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2011.01.26 20:56:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2011.01.26 20:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2011.02.06 20:42:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Driver Whiz
[2011.06.25 14:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
[2011.08.20 16:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EasyMp3Downloader
[2011.04.02 10:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2010.09.21 19:15:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FreeRIP
[2011.04.02 20:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nikon
[2011.01.24 16:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2011.10.23 09:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar
[2011.01.24 16:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2011.06.04 08:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanWizard
[2010.11.18 20:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.04.02 10:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2011.04.24 22:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.11.12 16:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\AnvSoft
[2010.08.03 20:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Ashampoo
[2011.04.25 13:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Canon
[2011.08.20 16:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\EasyMp3Downloader
[2010.08.17 17:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\esmska
[2011.09.22 22:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\eType
[2010.08.04 10:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GARMIN
[2010.08.03 20:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GHISLER
[2011.06.25 10:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\go
[2011.04.02 11:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nikon
[2011.09.13 12:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy
[2011.04.25 07:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2010.08.21 10:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ScanSoft
[2011.08.20 16:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Tomato
[2011.09.23 16:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VitySoft
[2010.08.03 20:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Desktop Search
[2010.08.03 23:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Search
[2011.08.19 16:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\YouTube Downloader
[2011.10.25 12:10:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.10.27 08:30:27 | 000,000,306 | -HS- | M] () -- C:\WINDOWS\Tasks\qgfnpm.job
[2011.10.27 08:11:39 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{137784BD-0DCF-40A1-91CE-C340ED88FC3A}.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 10:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< MD5 for: ATAPI.SYS >
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CSRSS.EXE >
[2008.04.14 10:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 10:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe
< MD5 for: EXPLORER.EXE >
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: LSASS.EXE >
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NTFS.SYS >
[2008.04.14 02:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.14 02:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 10:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SMSS.EXE >
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 10:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 02:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006.09.13 07:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD86.DLL
[2010.08.25 06:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPDAD.DLL
[2006.09.13 07:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP86.DLL
[2010.08.25 06:00:00 | 000,073,216 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPPAD.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2007.04.02 21:36:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfS2.cty
[2001.10.25 18:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 18:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.10.26 20:55:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2011.10.23 07:49:46 | 000,003,019 | ---- | M] () -- C:\WINDOWS\system32\jupdate-1.6.0_29-b11.log
[2011.10.26 20:55:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2011.10.27 08:30:37 | 000,043,573 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2011.10.27 08:38:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
[2010.08.03 21:20:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.08.03 21:20:19 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.08.03 21:20:18 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\Tasks\*.job /lockedfiles >
[2011.10.27 08:30:27 | 000,000,306 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\qgfnpm.job
< %systemroot%\*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[21 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[9 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2010.08.03 21:21:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2011.04.16 10:11:02 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\libiconv
[2011.04.16 10:11:02 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLes.DAT
[2011.04.16 10:11:02 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLet.DAT
[2011.04.16 10:11:03 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLev.DAT
[2010.09.21 19:15:51 | 000,001,264 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\ss.ini
[2010.09.21 19:26:30 | 000,000,033 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2011.07.01 14:08:51 | 000,292,792 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\Symantec\SymInstallStub.exe
[2011.05.29 09:24:00 | 000,423,296 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\EasyBitsGO.exe
[2011.05.29 09:24:00 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\ezShell64Run.exe
[2011.05.29 09:24:02 | 000,718,208 | ---- | M] (EasyBits Media) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\Svc\GOUpdate.exe
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
Re: Prosím o kontrolu logu, moc děkuji
druhá část logu
< %APPDATA%\*. >
[2010.08.04 00:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ABBYY
[2011.08.21 23:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2010.11.12 16:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\AnvSoft
[2011.04.24 22:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Apple Computer
[2010.08.21 11:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ArcSoft
[2010.08.03 20:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Ashampoo
[2011.04.25 13:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Canon
[2011.10.19 14:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DivX
[2011.10.25 16:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\dvdcss
[2011.08.20 16:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\EasyMp3Downloader
[2010.08.17 17:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\esmska
[2011.09.22 22:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\eType
[2010.08.04 10:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GARMIN
[2010.08.03 20:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GHISLER
[2011.06.25 10:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\go
[2011.06.15 08:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2010.08.03 19:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2010.08.03 19:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2010.08.14 20:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Media Player Classic
[2011.08.31 18:03:29 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2011.10.26 18:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2011.04.02 11:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nikon
[2011.09.13 12:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy
[2011.04.25 07:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2010.08.21 10:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ScanSoft
[2011.10.26 23:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.05.29 08:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2010.08.03 20:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.08.20 16:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Tomato
[2011.09.23 16:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VitySoft
[2011.10.25 18:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\vlc
[2010.08.03 20:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Desktop Search
[2010.08.03 23:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Search
[2010.08.21 16:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\WinRAR
[2011.08.19 16:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\YouTube Downloader
< %APPDATA%\*.* >
[2011.04.16 10:11:02 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Analog Sync
[2010.08.03 21:21:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Petr\Data aplikací\desktop.ini
< %APPDATA%\*.exe /s >
[2011.09.13 12:46:11 | 000,725,688 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\et-etype-ztb.exe
[2011.09.14 14:29:55 | 002,965,360 | ---- | M] (DSNR Labs ) -- C:\Documents and Settings\Petr\Data aplikací\eType\eType.exe
[2011.04.05 15:47:00 | 000,307,568 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\eTypeUninstall.exe
[2011.09.14 14:29:39 | 002,180,608 | ---- | M] (DSNR Labs) -- C:\Documents and Settings\Petr\Data aplikací\eType\eTypeUpdate.exe
[2010.09.19 14:13:22 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\lzma.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_01674E926B1663894ADF2F.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_6FEFF9B68218417F98F549.exe
[2011.10.23 20:56:37 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_90A49C01A1FE9CA1A4225D.exe
[2011.10.23 20:56:37 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_C5405B10EB9F169777519C.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_E691E9AC3D2D574DBCB141.exe
[2011.05.12 14:49:31 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\ARPPRODUCTICON.exe
[2011.05.12 14:49:31 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut2_8527C3D5BA1D46E988D2AF25544311A3.exe
[2011.05.12 14:49:31 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut3_8527C3D5BA1D46E988D2AF25544311A3.exe
[2011.05.12 14:49:31 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\UNINST_Uninstall_J_A3E10C17D54A4735B4E6E3B73680365E.exe
[2011.08.19 15:55:00 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_3361F8EE516C4AADBF21887FBCF81B29\LatestDLMgr.exe
[2011.08.02 00:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_3361F8EE516C4AADBF21887FBCF81B29\pcspeedup.exe
[2011.09.13 12:20:39 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\LatestDLMgr.exe
[2010.10.15 22:41:18 | 000,043,440 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\SpeedstarterCZ.exe
[2010.10.23 01:29:06 | 001,472,552 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\ZrychleniPocitace.exe
< %SYSTEMDRIVE%\*.exe >
< *crack* /s >
< *keygen* /s >
< *nocd* /s >
[2007.01.08 11:21:28 | 000,700,660 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook07.onepkg
[2007.01.08 11:21:30 | 002,548,414 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook06.onepkg
[2007.01.08 11:21:14 | 000,064,973 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook03.onepkg
< *nodvd* /s >
< *activator* /s >
< *AutoKMS* /s >
< *minodlogin* /s >
< *tnod* /s >
< *serial* /s >
[2011.08.31 12:01:54 | 000,000,298 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\fanserial.wordpress.com.idx
[2011.07.14 16:26:33 | 000,000,363 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fserialy.kinotip.cz%2Ffavicon.png
[2011.07.20 21:25:24 | 000,000,341 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2011.07.14 16:26:33 | 000,000,073 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\serialy.kinotip.cz.idx
[2011.07.20 21:26:40 | 000,000,670 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\www.serialzone.cz.idx
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.10.13 15:35:28 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.08.06 14:07:54 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.13 15:47:29 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 15:44:18 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2010.08.03 23:38:34 | 000,013,972 | ---- | M] () -- \WINDOWS\inf\SocketSerialBT.PNF
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 09:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *AutoRearm* /s >
< *w7lxe* /s >
< *legalizator* /s >
< *GenuineXP* /s >
< *registration* /s >
[2002.09.25 21:03:12 | 000,026,076 | ---- | M] () -- \Program Files\Common Files\Adobe\Web\Adoberegistrationcze.html
[2011.10.23 07:50:16 | 000,001,529 | ---- | M] () -- \Program Files\Java\jre6\lib\servicetag\registration.xml
[3 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
< *Office 2010* /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
"AutoInstallMinorUpdates" = 1
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-23 17:16:56
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.27 08:43:23 | 000,000,512 | ---- | M] () MD5=3EDD8CB351DE60436AF507A16412D9FA -- C:\PhysicalMBR.bin
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 10:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< MD5 for: ATAPI.SYS >
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CSRSS.EXE >
[2008.04.14 10:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 10:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe
< MD5 for: EXPLORER.EXE >
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: LSASS.EXE >
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NTFS.SYS >
[2008.04.14 02:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.14 02:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 10:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SMSS.EXE >
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 10:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 02:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006.09.13 07:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD86.DLL
[2010.08.25 06:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPDAD.DLL
[2006.09.13 07:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP86.DLL
[2010.08.25 06:00:00 | 000,073,216 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPPAD.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2007.04.02 21:36:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfS2.cty
[2001.10.25 18:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 18:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.10.26 20:55:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2011.10.23 07:49:46 | 000,003,019 | ---- | M] () -- C:\WINDOWS\system32\jupdate-1.6.0_29-b11.log
[2011.10.26 20:55:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2011.10.27 08:30:37 | 000,043,573 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2011.10.27 08:38:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
[2010.08.03 21:20:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.08.03 21:20:19 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.08.03 21:20:18 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\Tasks\*.job /lockedfiles >
[2011.10.27 08:30:27 | 000,000,306 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\qgfnpm.job
< %systemroot%\*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[21 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[9 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2010.08.03 21:21:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2011.04.16 10:11:02 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\libiconv
[2011.04.16 10:11:02 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLes.DAT
[2011.04.16 10:11:02 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLet.DAT
[2011.04.16 10:11:03 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLev.DAT
[2010.09.21 19:15:51 | 000,001,264 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\ss.ini
[2010.09.21 19:26:30 | 000,000,033 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2011.07.01 14:08:51 | 000,292,792 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\Symantec\SymInstallStub.exe
[2011.05.29 09:24:00 | 000,423,296 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\EasyBitsGO.exe
[2011.05.29 09:24:00 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\ezShell64Run.exe
[2011.05.29 09:24:02 | 000,718,208 | ---- | M] (EasyBits Media) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\Svc\GOUpdate.exe
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
< %APPDATA%\*. >
[2010.08.04 00:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ABBYY
[2011.08.21 23:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2010.11.12 16:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\AnvSoft
[2011.04.24 22:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Apple Computer
[2010.08.21 11:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ArcSoft
[2010.08.03 20:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Ashampoo
[2011.04.25 13:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Canon
[2011.10.19 14:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DivX
[2011.10.25 16:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\dvdcss
[2011.08.20 16:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\EasyMp3Downloader
[2010.08.17 17:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\esmska
[2011.09.22 22:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\eType
[2010.08.04 10:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GARMIN
[2010.08.03 20:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GHISLER
[2011.06.25 10:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\go
[2011.06.15 08:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2010.08.03 19:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2010.08.03 19:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2010.08.14 20:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Media Player Classic
[2011.08.31 18:03:29 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2011.10.26 18:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2011.04.02 11:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nikon
[2011.09.13 12:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy
[2011.04.25 07:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2010.08.21 10:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ScanSoft
[2011.10.26 23:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.05.29 08:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2010.08.03 20:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.08.20 16:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Tomato
[2011.09.23 16:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VitySoft
[2011.10.25 18:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\vlc
[2010.08.03 20:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Desktop Search
[2010.08.03 23:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Search
[2010.08.21 16:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\WinRAR
[2011.08.19 16:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\YouTube Downloader
< %APPDATA%\*.* >
[2011.04.16 10:11:02 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Analog Sync
[2010.08.03 21:21:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Petr\Data aplikací\desktop.ini
< %APPDATA%\*.exe /s >
[2011.09.13 12:46:11 | 000,725,688 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\et-etype-ztb.exe
[2011.09.14 14:29:55 | 002,965,360 | ---- | M] (DSNR Labs ) -- C:\Documents and Settings\Petr\Data aplikací\eType\eType.exe
[2011.04.05 15:47:00 | 000,307,568 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\eTypeUninstall.exe
[2011.09.14 14:29:39 | 002,180,608 | ---- | M] (DSNR Labs) -- C:\Documents and Settings\Petr\Data aplikací\eType\eTypeUpdate.exe
[2010.09.19 14:13:22 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\lzma.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_01674E926B1663894ADF2F.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_6FEFF9B68218417F98F549.exe
[2011.10.23 20:56:37 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_90A49C01A1FE9CA1A4225D.exe
[2011.10.23 20:56:37 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_C5405B10EB9F169777519C.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_E691E9AC3D2D574DBCB141.exe
[2011.05.12 14:49:31 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\ARPPRODUCTICON.exe
[2011.05.12 14:49:31 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut2_8527C3D5BA1D46E988D2AF25544311A3.exe
[2011.05.12 14:49:31 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut3_8527C3D5BA1D46E988D2AF25544311A3.exe
[2011.05.12 14:49:31 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\UNINST_Uninstall_J_A3E10C17D54A4735B4E6E3B73680365E.exe
[2011.08.19 15:55:00 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_3361F8EE516C4AADBF21887FBCF81B29\LatestDLMgr.exe
[2011.08.02 00:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_3361F8EE516C4AADBF21887FBCF81B29\pcspeedup.exe
[2011.09.13 12:20:39 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\LatestDLMgr.exe
[2010.10.15 22:41:18 | 000,043,440 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\SpeedstarterCZ.exe
[2010.10.23 01:29:06 | 001,472,552 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\ZrychleniPocitace.exe
< %SYSTEMDRIVE%\*.exe >
< *crack* /s >
< *keygen* /s >
< *nocd* /s >
[2007.01.08 11:21:28 | 000,700,660 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook07.onepkg
[2007.01.08 11:21:30 | 002,548,414 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook06.onepkg
[2007.01.08 11:21:14 | 000,064,973 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook03.onepkg
< *nodvd* /s >
< *activator* /s >
< *AutoKMS* /s >
< *minodlogin* /s >
< *tnod* /s >
< *serial* /s >
[2011.08.31 12:01:54 | 000,000,298 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\fanserial.wordpress.com.idx
[2011.07.14 16:26:33 | 000,000,363 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fserialy.kinotip.cz%2Ffavicon.png
[2011.07.20 21:25:24 | 000,000,341 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2011.07.14 16:26:33 | 000,000,073 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\serialy.kinotip.cz.idx
[2011.07.20 21:26:40 | 000,000,670 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\www.serialzone.cz.idx
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.10.13 15:35:28 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.08.06 14:07:54 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.13 15:47:29 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 15:44:18 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2010.08.03 23:38:34 | 000,013,972 | ---- | M] () -- \WINDOWS\inf\SocketSerialBT.PNF
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 09:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *AutoRearm* /s >
< *w7lxe* /s >
< *legalizator* /s >
< *GenuineXP* /s >
< *registration* /s >
[2002.09.25 21:03:12 | 000,026,076 | ---- | M] () -- \Program Files\Common Files\Adobe\Web\Adoberegistrationcze.html
[2011.10.23 07:50:16 | 000,001,529 | ---- | M] () -- \Program Files\Java\jre6\lib\servicetag\registration.xml
[3 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
< *Office 2010* /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
"AutoInstallMinorUpdates" = 1
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-23 17:16:56
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.27 08:43:23 | 000,000,512 | ---- | M] () MD5=3EDD8CB351DE60436AF507A16412D9FA -- C:\PhysicalMBR.bin
========== Alternate Data Streams ==========
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
< End of report >
< %APPDATA%\*. >
[2010.08.04 00:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ABBYY
[2011.08.21 23:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2010.11.12 16:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\AnvSoft
[2011.04.24 22:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Apple Computer
[2010.08.21 11:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ArcSoft
[2010.08.03 20:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Ashampoo
[2011.04.25 13:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Canon
[2011.10.19 14:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DivX
[2011.10.25 16:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\dvdcss
[2011.08.20 16:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\EasyMp3Downloader
[2010.08.17 17:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\esmska
[2011.09.22 22:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\eType
[2010.08.04 10:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GARMIN
[2010.08.03 20:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GHISLER
[2011.06.25 10:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\go
[2011.06.15 08:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2010.08.03 19:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2010.08.03 19:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2010.08.14 20:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Media Player Classic
[2011.08.31 18:03:29 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2011.10.26 18:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2011.04.02 11:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nikon
[2011.09.13 12:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy
[2011.04.25 07:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2010.08.21 10:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ScanSoft
[2011.10.26 23:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.05.29 08:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2010.08.03 20:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.08.20 16:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Tomato
[2011.09.23 16:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VitySoft
[2011.10.25 18:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\vlc
[2010.08.03 20:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Desktop Search
[2010.08.03 23:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Search
[2010.08.21 16:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\WinRAR
[2011.08.19 16:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\YouTube Downloader
< %APPDATA%\*.* >
[2011.04.16 10:11:02 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Analog Sync
[2010.08.03 21:21:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Petr\Data aplikací\desktop.ini
< %APPDATA%\*.exe /s >
[2011.09.13 12:46:11 | 000,725,688 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\et-etype-ztb.exe
[2011.09.14 14:29:55 | 002,965,360 | ---- | M] (DSNR Labs ) -- C:\Documents and Settings\Petr\Data aplikací\eType\eType.exe
[2011.04.05 15:47:00 | 000,307,568 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\eTypeUninstall.exe
[2011.09.14 14:29:39 | 002,180,608 | ---- | M] (DSNR Labs) -- C:\Documents and Settings\Petr\Data aplikací\eType\eTypeUpdate.exe
[2010.09.19 14:13:22 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\lzma.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_01674E926B1663894ADF2F.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_6FEFF9B68218417F98F549.exe
[2011.10.23 20:56:37 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_90A49C01A1FE9CA1A4225D.exe
[2011.10.23 20:56:37 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_C5405B10EB9F169777519C.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_E691E9AC3D2D574DBCB141.exe
[2011.05.12 14:49:31 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\ARPPRODUCTICON.exe
[2011.05.12 14:49:31 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut2_8527C3D5BA1D46E988D2AF25544311A3.exe
[2011.05.12 14:49:31 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut3_8527C3D5BA1D46E988D2AF25544311A3.exe
[2011.05.12 14:49:31 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\UNINST_Uninstall_J_A3E10C17D54A4735B4E6E3B73680365E.exe
[2011.08.19 15:55:00 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_3361F8EE516C4AADBF21887FBCF81B29\LatestDLMgr.exe
[2011.08.02 00:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_3361F8EE516C4AADBF21887FBCF81B29\pcspeedup.exe
[2011.09.13 12:20:39 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\LatestDLMgr.exe
[2010.10.15 22:41:18 | 000,043,440 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\SpeedstarterCZ.exe
[2010.10.23 01:29:06 | 001,472,552 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\ZrychleniPocitace.exe
< %SYSTEMDRIVE%\*.exe >
< *crack* /s >
< *keygen* /s >
< *nocd* /s >
[2007.01.08 11:21:28 | 000,700,660 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook07.onepkg
[2007.01.08 11:21:30 | 002,548,414 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook06.onepkg
[2007.01.08 11:21:14 | 000,064,973 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook03.onepkg
< *nodvd* /s >
< *activator* /s >
< *AutoKMS* /s >
< *minodlogin* /s >
< *tnod* /s >
< *serial* /s >
[2011.08.31 12:01:54 | 000,000,298 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\fanserial.wordpress.com.idx
[2011.07.14 16:26:33 | 000,000,363 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fserialy.kinotip.cz%2Ffavicon.png
[2011.07.20 21:25:24 | 000,000,341 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2011.07.14 16:26:33 | 000,000,073 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\serialy.kinotip.cz.idx
[2011.07.20 21:26:40 | 000,000,670 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\www.serialzone.cz.idx
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.10.13 15:35:28 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.08.06 14:07:54 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.13 15:47:29 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 15:44:18 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2010.08.03 23:38:34 | 000,013,972 | ---- | M] () -- \WINDOWS\inf\SocketSerialBT.PNF
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 09:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *AutoRearm* /s >
< *w7lxe* /s >
< *legalizator* /s >
< *GenuineXP* /s >
< *registration* /s >
[2002.09.25 21:03:12 | 000,026,076 | ---- | M] () -- \Program Files\Common Files\Adobe\Web\Adoberegistrationcze.html
[2011.10.23 07:50:16 | 000,001,529 | ---- | M] () -- \Program Files\Java\jre6\lib\servicetag\registration.xml
[3 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
< *Office 2010* /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
"AutoInstallMinorUpdates" = 1
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-23 17:16:56
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.27 08:43:23 | 000,000,512 | ---- | M] () MD5=3EDD8CB351DE60436AF507A16412D9FA -- C:\PhysicalMBR.bin
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 10:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< MD5 for: ATAPI.SYS >
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CSRSS.EXE >
[2008.04.14 10:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\csrss.exe
[2008.04.14 10:52:18 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=628CE66E3FD35BFC7969DBAC245DC069 -- C:\WINDOWS\system32\dllcache\csrss.exe
< MD5 for: EXPLORER.EXE >
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: LSASS.EXE >
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NTFS.SYS >
[2008.04.14 02:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008.04.14 02:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 10:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SMSS.EXE >
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SPOOLSV.EXE >
[2010.08.17 15:19:36 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=258DD5D4283FD9F9A7166BE9AE45CE73 -- C:\WINDOWS\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\dllcache\spoolsv.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) MD5=60784F891563FB1B767F70117FC2428F -- C:\WINDOWS\system32\spoolsv.exe
[2008.04.14 10:52:50 | 000,057,856 | ---- | M] (Microsoft Corporation) MD5=CB1090BCA0E7B40D0B5B4E4D66531809 -- C:\WINDOWS\$NtUninstallKB2347290$\spoolsv.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 02:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2006.09.13 07:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD86.DLL
[2010.08.25 06:00:00 | 000,027,648 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPDAD.DLL
[2006.09.13 07:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP86.DLL
[2010.08.25 06:00:00 | 000,073,216 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPPAD.DLL
[2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008.07.06 14:06:10 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
< %systemroot%\system32\drivers\*.sys /5 >
< %systemroot%\system32\drivers\*.sys /X >
[2007.04.02 21:36:04 | 000,129,045 | ---- | M] () -- C:\WINDOWS\system32\drivers\cxthsfS2.cty
[2001.10.25 18:00:00 | 003,440,660 | ---- | M] () -- C:\WINDOWS\system32\drivers\gm.dls
[2001.10.25 18:00:00 | 000,000,646 | ---- | M] () -- C:\WINDOWS\system32\drivers\gmreadme.txt
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.* /5 >
[2011.10.26 20:55:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2011.10.23 07:49:46 | 000,003,019 | ---- | M] () -- C:\WINDOWS\system32\jupdate-1.6.0_29-b11.log
[2011.10.26 20:55:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2011.10.27 08:30:37 | 000,043,573 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2011.10.27 08:38:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\config\*.sav >
[2010.08.03 21:20:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.08.03 21:20:19 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.08.03 21:20:18 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\Tasks\*.job /lockedfiles >
[2011.10.27 08:30:27 | 000,000,306 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\qgfnpm.job
< %systemroot%\*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[21 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[9 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]
< %systemroot%\*. /mp /s >
< %ALLUSERSPROFILE%\Data Aplikací\*.* >
[2010.08.03 21:21:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\desktop.ini
[2011.04.16 10:11:02 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\libiconv
[2011.04.16 10:11:02 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLes.DAT
[2011.04.16 10:11:02 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLet.DAT
[2011.04.16 10:11:03 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\PKP_DLev.DAT
[2010.09.21 19:15:51 | 000,001,264 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\ss.ini
[2010.09.21 19:26:30 | 000,000,033 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >
[2011.06.06 22:45:23 | 001,560,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Data Aplikací\Adobe\Setup\{AC76BA86-7AD7-1029-7B44-AA1000000001}\setup.exe
[2011.07.01 14:08:51 | 000,292,792 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\All Users\Data Aplikací\DivX\Symantec\SymInstallStub.exe
[2011.05.29 09:24:00 | 000,423,296 | ---- | M] (EasyBits Software AS) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\EasyBitsGO.exe
[2011.05.29 09:24:00 | 000,014,208 | ---- | M] () -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\ezShell64Run.exe
[2011.05.29 09:24:02 | 000,718,208 | ---- | M] (EasyBits Media) -- C:\Documents and Settings\All Users\Data Aplikací\Easybits GO\Svc\GOUpdate.exe
< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >
< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >
< %APPDATA%\*. >
[2010.08.04 00:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ABBYY
[2011.08.21 23:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2010.11.12 16:31:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\AnvSoft
[2011.04.24 22:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Apple Computer
[2010.08.21 11:04:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ArcSoft
[2010.08.03 20:57:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Ashampoo
[2011.04.25 13:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Canon
[2011.10.19 14:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DivX
[2011.10.25 16:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\dvdcss
[2011.08.20 16:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\EasyMp3Downloader
[2010.08.17 17:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\esmska
[2011.09.22 22:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\eType
[2010.08.04 10:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GARMIN
[2010.08.03 20:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\GHISLER
[2011.06.25 10:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\go
[2011.06.15 08:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2010.08.03 19:37:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2010.08.03 19:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2010.08.14 20:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Media Player Classic
[2011.08.31 18:03:29 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2011.10.26 18:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2011.04.02 11:08:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nikon
[2011.09.13 12:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy
[2011.04.25 07:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Opera
[2010.08.21 10:40:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ScanSoft
[2011.10.26 23:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.05.29 08:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2010.08.03 20:40:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.08.20 16:24:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Tomato
[2011.09.23 16:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VitySoft
[2011.10.25 18:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\vlc
[2010.08.03 20:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Desktop Search
[2010.08.03 23:57:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Windows Search
[2010.08.21 16:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\WinRAR
[2011.08.19 16:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\YouTube Downloader
< %APPDATA%\*.* >
[2011.04.16 10:11:02 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Analog Sync
[2010.08.03 21:21:42 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Petr\Data aplikací\desktop.ini
< %APPDATA%\*.exe /s >
[2011.09.13 12:46:11 | 000,725,688 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\et-etype-ztb.exe
[2011.09.14 14:29:55 | 002,965,360 | ---- | M] (DSNR Labs ) -- C:\Documents and Settings\Petr\Data aplikací\eType\eType.exe
[2011.04.05 15:47:00 | 000,307,568 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\eTypeUninstall.exe
[2011.09.14 14:29:39 | 002,180,608 | ---- | M] (DSNR Labs) -- C:\Documents and Settings\Petr\Data aplikací\eType\eTypeUpdate.exe
[2010.09.19 14:13:22 | 000,083,968 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\eType\lzma.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_01674E926B1663894ADF2F.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_6FEFF9B68218417F98F549.exe
[2011.10.23 20:56:37 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_90A49C01A1FE9CA1A4225D.exe
[2011.10.23 20:56:37 | 000,004,846 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_C5405B10EB9F169777519C.exe
[2011.10.23 20:56:37 | 000,105,489 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{4C77974A-75A5-44AE-9CA2-550E651D92F8}\_E691E9AC3D2D574DBCB141.exe
[2011.05.12 14:49:31 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\ARPPRODUCTICON.exe
[2011.05.12 14:49:31 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut2_8527C3D5BA1D46E988D2AF25544311A3.exe
[2011.05.12 14:49:31 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut3_8527C3D5BA1D46E988D2AF25544311A3.exe
[2011.05.12 14:49:31 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Petr\Data aplikací\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\UNINST_Uninstall_J_A3E10C17D54A4735B4E6E3B73680365E.exe
[2011.08.19 15:55:00 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_3361F8EE516C4AADBF21887FBCF81B29\LatestDLMgr.exe
[2011.08.02 00:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_3361F8EE516C4AADBF21887FBCF81B29\pcspeedup.exe
[2011.09.13 12:20:39 | 000,416,160 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\LatestDLMgr.exe
[2010.10.15 22:41:18 | 000,043,440 | ---- | M] () -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\SpeedstarterCZ.exe
[2010.10.23 01:29:06 | 001,472,552 | ---- | M] (Speedchecker Limited ) -- C:\Documents and Settings\Petr\Data aplikací\OpenCandy\OpenCandy_B08CA7DD0A664267B29A84B28936688D\ZrychleniPocitace.exe
< %SYSTEMDRIVE%\*.exe >
< *crack* /s >
< *keygen* /s >
< *nocd* /s >
[2007.01.08 11:21:28 | 000,700,660 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook07.onepkg
[2007.01.08 11:21:30 | 002,548,414 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook06.onepkg
[2007.01.08 11:21:14 | 000,064,973 | ---- | M] () -- \Program Files\Microsoft Office\Templates\1029\ONENOTE\12\Notebook Templates\Notebook03.onepkg
< *nodvd* /s >
< *activator* /s >
< *AutoKMS* /s >
< *minodlogin* /s >
< *tnod* /s >
< *serial* /s >
[2011.08.31 12:01:54 | 000,000,298 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\fanserial.wordpress.com.idx
[2011.07.14 16:26:33 | 000,000,363 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fserialy.kinotip.cz%2Ffavicon.png
[2011.07.20 21:25:24 | 000,000,341 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2011.07.14 16:26:33 | 000,000,073 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\serialy.kinotip.cz.idx
[2011.07.20 21:26:40 | 000,000,670 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Opera\Opera\icons\www.serialzone.cz.idx
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.10.13 15:35:28 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.08.06 14:07:54 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.13 15:47:29 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 15:44:18 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2010.08.03 23:38:34 | 000,013,972 | ---- | M] () -- \WINDOWS\inf\SocketSerialBT.PNF
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 09:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *AutoRearm* /s >
< *w7lxe* /s >
< *legalizator* /s >
< *GenuineXP* /s >
< *registration* /s >
[2002.09.25 21:03:12 | 000,026,076 | ---- | M] () -- \Program Files\Common Files\Adobe\Web\Adoberegistrationcze.html
[2011.10.23 07:50:16 | 000,001,529 | ---- | M] () -- \Program Files\Java\jre6\lib\servicetag\registration.xml
[3 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
< *Office 2010* /s >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >
"AutoInstallMinorUpdates" = 1
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-23 17:16:56
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.10.27 08:43:23 | 000,000,512 | ---- | M] () MD5=3EDD8CB351DE60436AF507A16412D9FA -- C:\PhysicalMBR.bin
========== Alternate Data Streams ==========
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
< End of report >
Re: Prosím o kontrolu logu, moc děkuji
Extras.txt
Extras logfile created on: 27.10.2011 8:41:39 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
511,48 Mb Total Physical Memory | 380,20 Mb Available Physical Memory | 74,33% Memory free
1,22 Gb Paging File | 1,16 Gb Available in Paging File | 95,18% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 1,40 Gb Free Space | 14,37% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 11,00 Gb Free Space | 56,32% Space Free | Partition Type: NTFS
Drive E: | 19,53 Gb Total Space | 7,72 Gb Free Space | 39,50% Space Free | Partition Type: NTFS
Drive F: | 25,69 Gb Total Space | 1,13 Gb Free Space | 4,42% Space Free | Partition Type: NTFS
Computer Name: POCITAC | User Name: Petr | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\Trademanager\AliIM.exe" = C:\Program Files\Trademanager\AliIM.exe:*:Enabled:AliIM
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{14F93701-6965-4E38-880A-BE09D262922D}" = HD Photo Plug-In (BETA) for Adobe® Photoshop® software
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C77974A-75A5-44AE-9CA2-550E651D92F8}" = Day Organizer, ver. 2.2.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{8527C3D5-BA1D-46E9-88D2-AF25544311A3}" = USB Video Camera
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"avast" = avast! Free Antivirus
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.52.1100" = Opera 11.52
"VLC media player" = VLC media player 1.0.2
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3857720430.www.pcspeedup.com" = SilverlightTester Application
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.10.2011 11:04:43 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 12:02:45 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 12:02:45 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 12:07:50 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 12:07:50 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 13:24:24 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 13:24:24 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 13:24:24 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 13:24:24 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 14:53:21 | Computer Name = POCITAC | Source = Application Error | ID = 1000
Description = Chybující aplikace iesetup.exe, verze 0.0.0.0, chybující modul sqmapi.dll,
verze 0.0.0.0, adresa chyby 0x00012039.
[ System Events ]
Error - 27.10.2011 2:26:28 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AFD AmdK7 aswRdr aswSnx aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT
RasAcd
Rdbss
Tcpip
Error - 27.10.2011 2:28:45 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 27.10.2011 2:31:39 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7000
Description = Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 27.10.2011 2:38:34 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 27.10.2011 2:38:38 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AFD AmdK7 aswRdr aswSnx aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT
RasAcd
Rdbss
Tcpip
< End of report >
Extras logfile created on: 27.10.2011 8:41:39 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
511,48 Mb Total Physical Memory | 380,20 Mb Available Physical Memory | 74,33% Memory free
1,22 Gb Paging File | 1,16 Gb Available in Paging File | 95,18% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,77 Gb Total Space | 1,40 Gb Free Space | 14,37% Space Free | Partition Type: NTFS
Drive D: | 19,53 Gb Total Space | 11,00 Gb Free Space | 56,32% Space Free | Partition Type: NTFS
Drive E: | 19,53 Gb Total Space | 7,72 Gb Free Space | 39,50% Space Free | Partition Type: NTFS
Drive F: | 25,69 Gb Total Space | 1,13 Gb Free Space | 4,42% Space Free | Partition Type: NTFS
Computer Name: POCITAC | User Name: Petr | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe" = C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh
"C:\Program Files\Trademanager\AliIM.exe" = C:\Program Files\Trademanager\AliIM.exe:*:Enabled:AliIM
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{14F93701-6965-4E38-880A-BE09D262922D}" = HD Photo Plug-In (BETA) for Adobe® Photoshop® software
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C77974A-75A5-44AE-9CA2-550E651D92F8}" = Day Organizer, ver. 2.2.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{8527C3D5-BA1D-46E9-88D2-AF25544311A3}" = USB Video Camera
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"avast" = avast! Free Antivirus
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CCleaner" = CCleaner (remove only)
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.52.1100" = Opera 11.52
"VLC media player" = VLC media player 1.0.2
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast-Ethernet Adapter
"WebSTAR DPC2100 Uninstall" = Scientific-Atlanta WebSTAR 2000 series Cable Modem
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3857720430.www.pcspeedup.com" = SilverlightTester Application
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.10.2011 11:04:43 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 12:02:45 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 12:02:45 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 12:07:50 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 12:07:50 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 13:24:24 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 13:24:24 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 13:24:24 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 13:24:24 | Computer Name = POCITAC | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 26.10.2011 14:53:21 | Computer Name = POCITAC | Source = Application Error | ID = 1000
Description = Chybující aplikace iesetup.exe, verze 0.0.0.0, chybující modul sqmapi.dll,
verze 0.0.0.0, adresa chyby 0x00012039.
[ System Events ]
Error - 27.10.2011 2:26:28 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AFD AmdK7 aswRdr aswSnx aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT
RasAcd
Rdbss
Tcpip
Error - 27.10.2011 2:28:45 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 27.10.2011 2:31:39 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7000
Description = Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2
Error - 27.10.2011 2:38:34 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 27.10.2011 2:38:38 | Computer Name = POCITAC | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31
Error - 27.10.2011 2:39:29 | Computer Name = POCITAC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: Aavmker4 AFD AmdK7 aswRdr aswSnx aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT
RasAcd
Rdbss
Tcpip
< End of report >
Re: Prosím o kontrolu logu, moc děkuji
Tak jak? Jsem kozlík šikula, že?
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, moc děkuji
Ano, Kozlíku 
, sice jsi mi tam vložil jednu část logu dvakrát, ale na podruhé už by to šlo, vítej ve svém threadu. 
Jdeme na to.
Následující soubory otestuj na Jottiho stránkách.
Znovu spusť OTL.
, sice jsi mi tam vložil jednu část logu dvakrát, ale na podruhé už by to šlo, vítej ve svém threadu. Jdeme na to.
Následující soubory otestuj na Jottiho stránkách.
- C:\WINDOWS\ulandi.exe
C:\WINDOWS\System32\VBR6.exe
C:\WINDOWS\stic1690.exe
C:\WINDOWS\System32\ChCfg.exe - Klikni na Vybrat....
- Najdi soubor, který chci otestovat.
- Klikni na Odeslat soubor a vyčkej na dokončení scanu.
- Výsledek analýzy mi sem vlož (jako odkaz).
Znovu spusť OTL.
- Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
- Do spodního okénka Vlastní skenování/opravy vlož tento skript:
Kód: Vybrat vše
:OTL
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = www.alibaba.com
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O18 - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18 - Protocol\Handler\msdaipp\oledb - No CLSID value found
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[21 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[11 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[9 C:\WINDOWS\Temp\_avast_\*.tmp files -> C:\WINDOWS\Temp\_avast_\*.tmp -> ]
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
:Files
%windir%\*.tmp /s
%windir%\system32\SET*.tmp /s
%windir%\system32\*.tmp.dll /s
C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar
C:\WINDOWS\tasks\qgfnpm.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{137784BD-0DCF-40A1-91CE-C340ED88FC3A}.job
C:\WINDOWS\tasks\Norton Security Scan for Petr.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]- Klikni na tlačítko [Opravit].
- Po dokončení skenu se objeví log, ten mi sem vlož.
- Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Prosím o kontrolu logu, moc děkuji
log po opravě, jen malá poznámka, musel jsem pak restartovat, zamrznul comp, to je běžné?
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Restore| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\0x00000001\ deleted successfully.
File Protocol\Handler\ipp\0x00000001 - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ deleted successfully.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ deleted successfully.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP179.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP269.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP288.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP419.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP419.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP49.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP501.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP528.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5D0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6BF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP813.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP94.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAF.tmp\System.Web.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI12C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI12D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI12E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI12F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI130.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1D6.tmp deleted successfully.
C:\WINDOWS\Installer\MSI23C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI71.tmp deleted successfully.
C:\WINDOWS\Installer\MSI8.tmp deleted successfully.
C:\WINDOWS\Installer\MSIA.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_1C690.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_1C690.tmp folder deleted successfully.
C:\WINDOWS\Temp\_avast_\unp119537443.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp138923685.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp1782830.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp193801290.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp203805724.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp30575190.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp83640135.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp96398715.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== FILES ==========
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar\Update folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar\Languages folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar folder moved successfully.
C:\WINDOWS\tasks\qgfnpm.job moved successfully.
C:\WINDOWS\tasks\User_Feed_Synchronization-{137784BD-0DCF-40A1-91CE-C340ED88FC3A}.job moved successfully.
C:\WINDOWS\tasks\Norton Security Scan for Petr.job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 41227 bytes
User: NetworkService
->Temp folder emptied: 1759114 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Petr
->Temp folder emptied: 2832 bytes
->Temporary Internet Files folder emptied: 5275893 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 27248125 bytes
->Opera cache emptied: 11526393 bytes
->Flash cache emptied: 456 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 232715 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 103858105 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 307799 bytes
Total Files Cleaned = 143,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: Petr
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore points cleared and new OTL Restore Point set!
OTL by OldTimer - Version 3.2.31.0 log created on 10292011_114126
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Restore| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\0x00000001\ deleted successfully.
File Protocol\Handler\ipp\0x00000001 - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ deleted successfully.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ deleted successfully.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP179.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP269.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP288.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP419.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP419.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP49.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP501.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP528.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5D0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6BF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP813.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP94.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAF.tmp\System.Web.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI12C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI12D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI12E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI12F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI130.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1D6.tmp deleted successfully.
C:\WINDOWS\Installer\MSI23C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI71.tmp deleted successfully.
C:\WINDOWS\Installer\MSI8.tmp deleted successfully.
C:\WINDOWS\Installer\MSIA.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_1C690.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_1C690.tmp folder deleted successfully.
C:\WINDOWS\Temp\_avast_\unp119537443.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp138923685.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp1782830.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp193801290.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp203805724.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp30575190.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp83640135.tmp deleted successfully.
C:\WINDOWS\Temp\_avast_\unp96398715.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:661DFA1C deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== FILES ==========
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar\Update folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar\Languages folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SpeedUpToolbar folder moved successfully.
C:\WINDOWS\tasks\qgfnpm.job moved successfully.
C:\WINDOWS\tasks\User_Feed_Synchronization-{137784BD-0DCF-40A1-91CE-C340ED88FC3A}.job moved successfully.
C:\WINDOWS\tasks\Norton Security Scan for Petr.job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 41227 bytes
User: NetworkService
->Temp folder emptied: 1759114 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Petr
->Temp folder emptied: 2832 bytes
->Temporary Internet Files folder emptied: 5275893 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 27248125 bytes
->Opera cache emptied: 11526393 bytes
->Flash cache emptied: 456 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 232715 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 103858105 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 307799 bytes
Total Files Cleaned = 143,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: Petr
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore points cleared and new OTL Restore Point set!
OTL by OldTimer - Version 3.2.31.0 log created on 10292011_114126
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, moc děkuji
Běžné to není, ale nic, čeho by ses měl obávat. Některým uživatelům to projede v pořádku, některým to dokonce nejde spustit vůbec, je to podle systému i hardware a podobně. Restart by proběhl stejně, zadal jsem to do příkazů. 
Soubory jsou čisté, takže pohoda. 
Jinak nám OTL provedlo, co mělo, tak můžeme dočistit a máme hotovo. 
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stáhni a spusť.
- Klikni na CleanUp a potvrď YES.
- Program uklidí a může (nemusí) restartovat PC.
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stáhni a spusť.
- Klikni na Start a potvrď OK.
- Program uklidí a může (nemusí) restartovat PC.
- Po použití utilitu smaž.
Pokud nemáš, stáhni CCleaner z tohoto odkazu.
- Panel čistič
- Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.
- Panel registry
- Klikni na Hledej problémy.
- Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
- Postup opakuj, dokud nebude bez problémů - většinou cca 3x.
- Panel nástroje
- Zde můžeš odinstalovat nepotřebné programy.
CCleaner doporučuji používat cca jednou za týden.... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Prosím o kontrolu logu, moc děkuji
OTC hotovo
TFC hotovo
CCleaner hotovo
moc děkuji frčí to jak ďábel:-))) místo na disku také dostatečné
TFC hotovo
CCleaner hotovo
moc děkuji frčí to jak ďábel:-))) místo na disku také dostatečné
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu, moc děkuji
Super, to mám radost. Není větší potěšení než spokojený zákazník.
Děkuji osobně i za super závěrečnou SZ.
Jinak opravdu není vůbec zač a rádo se stalo.
Přeji pěkný den. 
Není větší potěšení než spokojený zákazník. Děkuji osobně i za super závěrečnou SZ.
Jinak opravdu není vůbec zač a rádo se stalo.
Přeji pěkný den. --- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Přispějete na provoz fóra?