Hi, please check my log, thank you.
Logfile of random's system information tool 1.09 (written by random/random)
Run by User 3 at 2012-01-27 12:04:58
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 53 GB (69%) free of 76 GB
Total RAM: 495 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:05:02, on 27.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\User 3\Plocha\RSIT.exe
C:\Program Files\trend micro\User 3.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\
--
End of file - 4392 bytes
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.3&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{A89AED22-9133-424c-88E7-C8235C5FF302}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
ShockwavePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-03-01 577536]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-11-24 98304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\67083867309921550315285524447684]
C:\Program Files\Antivirus 2009\av2009.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Disk Knight]
C:\WINDOWS\Knight.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXDllRegExe]
dxdllreg.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quicktime task]
C:\Program Files\QuickTime\qttask.exe [2007-11-24 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^nabídka start^programy^po spuštění^adobe reader speed launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^nabídka start^programy^po spuštění^hp digital imaging monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-09-16 237568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^user 3^nabídka start^programy^po spuštění^rncsys32.exe]
C:\Documents and Settings\User 3\Nabídka Start\Programy\Po spuštění\rncsys32.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Documents and Settings\User 3\Plocha\sdc203\StrongDC.exe"="C:\Documents and Settings\User 3\Plocha\sdc203\StrongDC.exe:*:Enabled:StrongDC++"
"C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"\"="C:\WINDOWS\TEMP\8.tmp:*:Enabled:KL"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.LEAD"=LCODCCMP.DLL
"vidc.tscc"=tsccvid.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
======List of files/folders created in the last 1 month======
2012-01-27 12:04:59 ----D---- C:\Program Files\trend micro
2012-01-27 12:04:58 ----D---- C:\rsit
======List of files/folders modified in the last 1 month======
2012-01-27 12:04:59 ----RD---- C:\Program Files
2012-01-27 12:04:50 ----D---- C:\WINDOWS\Prefetch
2012-01-27 11:52:59 ----D---- C:\WINDOWS\Temp
2012-01-27 07:00:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-26 19:50:03 ----D---- C:\WINDOWS\system32
2012-01-26 19:50:01 ----D---- C:\Program Files\Mozilla Firefox
2012-01-11 20:23:57 ----D---- C:\WINDOWS\system32\CatRoot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-12-24 715248]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-10-19 43672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 ddnt;ddnt; \??\C:\WINDOWS\system32\drivers\ddnt.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-03-01 3959360]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-17 606556]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-01-18 80512]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 2a99bad0;2a99bad0; C:\WINDOWS\System32\drivers\2a99bad0.sys []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]
-----------------EOF-----------------

Log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Log check
Hello, and have a nice day
Download OTL (see my signature) and save it to the desktop

- If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or Spustit jako spravce
- If you use a 64-bit OS, check whether the Pro 64 bitové OS box is ticked; if not, tick it
- Tick the Pro vsechny uzivatele box
- Tick the Kontrola na havet "LOP" box
- Tick the Kontrola na havet "Purity" box
- Change the file age from 30 days to 7 days
- Paste the script below into the bottom Vlastni skenovani/opravy box
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
- Click the Prohledat button
- After the scan finishes (about 10 to 15 minutes), the logs OTL.txt and Extras.txt will appear; post both here
Re: Log check
Thank you, I am posting both logs from OTL.
Extras.txt
OTL Extras logfile created on: 29.1.2012 10:39:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\User 3\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
494,73 Mb Total Physical Memory | 118,73 Mb Available Physical Memory | 24,00% Memory free
1,13 Gb Paging File | 0,88 Gb Available in Paging File | 77,82% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 51,44 Gb Free Space | 69,02% Space Free | Partition Type: NTFS
Drive D: | 669,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: USER1 | User Name: User 3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6
"C:\Documents and Settings\User 3\Plocha\sdc203\StrongDC.exe" = C:\Documents and Settings\User 3\Plocha\sdc203\StrongDC.exe:*:Enabled:StrongDC++
"\" = C:\WINDOWS\TEMP\8.tmp:*:Enabled:KL
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B7BA3EE-D7AC-494E-999D-DA58D6D01DAC}" = LG_MobileSync
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{22F7F88D-F703-4BC1-AB33-3058607EA9AA}" = Nápověda ACTIVstudio PE (CZE)
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{45A54FAD-AADB-4CD2-9E56-2507A15F013D}" = Opera 9.23
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Ultra Edition
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{5628829F-3318-4DDA-988D-D301832F1611}" = Singles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B4D050BA-F0A6-4F57-A0AC-CDCE03EA9B62}" = ACTIVstudio Professional Edition
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{D8DBFDAE-2865-473C-B7E2-48C5CE2DAAB1}" = Prostředky ACTIVstudio (CZE)
"{E69D87A4-3C84-4580-9315-5ECE4817E9D8}" = Příručky ACTIVstudio PE (CZE)
"{E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A}" = PhotoGallery
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"{FF102450-55AA-4AE1-ACE4-E271E2470C83}" = hpmdtab
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alex the Allegator 4_is1" = Alex4 v1.0
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.4
"Český jazyk - Přijímací zkoušky na střední školy" = Český jazyk - Přijímací zkoušky na střední školy
"FlyOrDie™ GemJam™ Gold_is1" = FlyOrDie GemJam Gold 1.15b
"ft_Transport Tycoon Deluxe" = Transport Tycoon Deluxe
"HijackThis" = HijackThis 1.99.1
"HP Photo & Imaging" = HP Image Zone 4.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{22F7F88D-F703-4BC1-AB33-3058607EA9AA}" = Nápověda ACTIVstudio PE (CZE) v2.5.2
"InstallShield_{B4D050BA-F0A6-4F57-A0AC-CDCE03EA9B62}" = ACTIVstudio Professional Edition v2.5.101
"InstallShield_{D8DBFDAE-2865-473C-B7E2-48C5CE2DAAB1}" = Prostředky ACTIVstudio (CZE) v2.5.1
"InstallShield_{E69D87A4-3C84-4580-9315-5ECE4817E9D8}" = Příručky ACTIVstudio PE (CZE) v2.5.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MotoGP_is1" = MotoGP
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Přijímací zkoušky na střední školy" = Přijímací zkoušky na střední školy
"QuickTime" = QuickTime
"Santa Claus in Trouble" = Santa Claus in Trouble
"Sbírka úloh z fyziky pro SŠ_is1" = Prometheus Sbírka úloh z fyziky pro SŠ 1.0
"Shockwave" = Shockwave
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 25.6.2009 12:47:53 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace 8.tmp, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x10006c7e.
Error - 26.6.2009 4:16:11 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace 8.tmp, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x10006c7e.
Error - 27.6.2009 10:06:37 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace 8.tmp, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x10006c7e.
Error - 28.6.2009 8:47:22 | Computer Name = USER1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace nero.exe, verze 7.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 19.10.2009 9:07:24 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.0.3526, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00350100.
Error - 22.10.2009 11:41:19 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.0.3526, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x07eb6dd2.
Error - 24.10.2009 14:53:16 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.0.3526, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x0652c5e2.
Error - 1.11.2009 13:51:43 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.0.3576, chybující modul
js3250.dll, verze 4.0.0.0, adresa chyby 0x0000a3a3.
Error - 3.12.2009 14:28:06 | Computer Name = USER1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 11.0.5604.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 3.12.2009 14:29:14 | Computer Name = USER1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.0.3576, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 28.1.2012 15:28:06 | Computer Name = USER1 | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC80.CRT nebyla nalezena a poslední
chyba byla Sestavení určené odkazem není v systému nainstalováno. .
Error - 28.1.2012 15:28:06 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .
Error - 28.1.2012 15:28:06 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Mozilla Firefox\components\browsercomps.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 28.1.2012 16:40:49 | Computer Name = USER1 | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC80.CRT nebyla nalezena a poslední
chyba byla Sestavení určené odkazem není v systému nainstalováno. .
Error - 28.1.2012 16:40:49 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .
Error - 28.1.2012 16:40:49 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Mozilla Firefox\components\browsercomps.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 29.1.2012 5:35:43 | Computer Name = USER1 | Source = Service Control Manager | ID = 7000
Description = Služba Automatické aktualizace neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 29.1.2012 5:35:48 | Computer Name = USER1 | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC80.CRT nebyla nalezena a poslední
chyba byla Sestavení určené odkazem není v systému nainstalováno. .
Error - 29.1.2012 5:35:48 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .
Error - 29.1.2012 5:35:48 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Mozilla Firefox\components\browsercomps.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
< End of report >
OTL.txt
OTL logfile created on: 29.1.2012 10:39:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\User 3\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
494,73 Mb Total Physical Memory | 118,73 Mb Available Physical Memory | 24,00% Memory free
1,13 Gb Paging File | 0,88 Gb Available in Paging File | 77,82% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 51,44 Gb Free Space | 69,02% Space Free | Partition Type: NTFS
Drive D: | 669,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: USER1 | User Name: User 3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.01.29 10:37:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User 3\Plocha\OTL.exe
PRC - [2012.01.15 21:29:15 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.03.01 09:22:04 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2003.08.04 16:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.15 21:29:14 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.06.02 17:27:49 | 006,271,136 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2004.01.05 13:04:56 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2009.09.29 17:18:19 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\2a99bad0.sys -- (2a99bad0)
DRV - [2007.12.24 12:29:41 | 000,715,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.11.24 17:14:27 | 000,007,072 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ddnt.sys -- (ddnt)
DRV - [2007.10.19 16:58:38 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2006.03.01 08:39:10 | 003,959,360 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.01.18 11:41:00 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004.08.17 14:45:18 | 000,606,556 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003.07.16 07:27:40 | 000,043,264 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-710420126-730036369-1431610262-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-710420126-730036369-1431610262-1006\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-710420126-730036369-1431610262-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.4.3&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.15 21:29:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.12 14:32:02 | 000,000,000 | ---D | M]
[2009.03.26 16:56:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Extensions
[2012.01.04 21:29:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\extensions
[2012.01.04 21:29:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.24 15:23:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-1.xml
[2009.03.26 16:58:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-10.xml
[2009.04.23 07:11:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-11.xml
[2009.05.01 08:18:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-12.xml
[2009.06.20 12:58:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-13.xml
[2009.07.24 18:27:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-14.xml
[2009.08.21 17:23:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-15.xml
[2009.09.11 19:50:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-16.xml
[2009.10.30 15:18:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-17.xml
[2009.12.20 17:29:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-18.xml
[2010.01.08 21:51:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-19.xml
[2008.03.27 17:10:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-2.xml
[2010.02.20 12:15:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-20.xml
[2010.04.01 11:26:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-21.xml
[2011.04.10 15:11:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-22.xml
[2011.05.03 19:20:34 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-23.xml
[2011.06.23 20:42:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-24.xml
[2011.08.20 20:15:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-25.xml
[2011.08.31 14:36:34 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-26.xml
[2011.09.08 13:52:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-27.xml
[2011.09.14 18:05:31 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-28.xml
[2011.11.11 21:14:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-29.xml
[2008.04.17 07:06:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-3.xml
[2011.12.12 14:32:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-30.xml
[2012.01.15 21:29:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-31.xml
[2012.01.15 21:30:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-32.xml
[2008.07.02 17:17:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-4.xml
[2008.07.18 08:54:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-5.xml
[2008.07.19 15:55:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-6.xml
[2008.09.26 19:13:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-7.xml
[2008.11.19 14:15:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-8.xml
[2009.01.13 20:50:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-9.xml
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin.xml
[2011.12.12 14:30:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.31 15:31:23 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.12.24 12:32:28 | 000,000,000 | ---D | M] (AdVantage) -- C:\Program Files\Mozilla Firefox\extensions\{A89AED22-9133-424c-88E7-C8235C5FF302}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\USER 3\DATA APLIKACÍ\MOZILLA\FIREFOX\PROFILES\9EPX7XGD.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2012.01.15 21:29:15 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.15 21:29:11 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.15 21:29:11 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.05.03 19:20:14 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.01.15 21:29:11 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.15 21:29:11 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.15 21:29:11 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2008.07.15 09:23:10 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-710420126-730036369-1431610262-1006\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\Run: [userinit] C:\WINDOWS\system32\sdra64.exe File not found
O4 - HKU\S-1-5-18..\Run: [userinit] C:\WINDOWS\system32\sdra64.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-710420126-730036369-1431610262-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF78A8FE-01B0-4FF9-8281-69FEB89388A2}: DhcpNameServer = 10.0.0.138 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User 3\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User 3\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.06.16 16:55:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6c6d8b26-3516-11df-b2da-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{6c6d8b26-3516-11df-b2da-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{7bd1faf0-147a-11e1-b6dd-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{7bd1faf0-147a-11e1-b6dd-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{8791cbf8-978a-11e0-b56c-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{8791cbf8-978a-11e0-b56c-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{9aa24730-e0bd-11dd-b0ee-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{9aa24730-e0bd-11dd-b0ee-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{9aa24731-e0bd-11dd-b0ee-0016767322ac}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{9aa24731-e0bd-11dd-b0ee-0016767322ac}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{a2ffa219-01f1-11df-b297-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{a2ffa219-01f1-11df-b297-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\auto\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\explore\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\find\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\install\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\open\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b94297ab-fdbb-11dd-b121-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{b94297ab-fdbb-11dd-b121-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{bd5ea97c-2197-11db-ad63-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{bd5ea97c-2197-11db-ad63-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{bfd1c8b4-b2d3-11dc-af3a-0016767322ac}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{bfd1c8b4-b2d3-11dc-af3a-0016767322ac}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{c35db6b8-b213-11dc-af38-0016767322ac}\Shell - "" = AutoRun
O33 - MountPoints2\{c35db6b8-b213-11dc-af38-0016767322ac}\Shell\AutoRun\command - "" = E:\Setupx.exe
O33 - MountPoints2\{d083956c-81dc-11e0-b530-0016767322ac}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe
O33 - MountPoints2\{d1094190-1281-11db-ad53-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{d1094190-1281-11db-ad53-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{feb47370-4886-11de-b18d-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{feb47370-4886-11de-b18d-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.01.29 10:37:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User 3\Plocha\OTL.exe
[2012.01.27 12:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.27 12:04:58 | 000,000,000 | ---D | C] -- C:\rsit
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.01.29 10:44:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.29 10:37:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User 3\Plocha\OTL.exe
[2012.01.29 10:35:44 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.29 10:35:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.27 12:04:26 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\RSIT.exe
[2012.01.26 19:54:59 | 000,106,203 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\3.lf uk.pdf
[2012.01.26 19:46:54 | 000,103,926 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\2.lf uk přihláška.pdf
[2012.01.26 19:36:03 | 000,105,026 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\1.lf uk přihláška.pdf
[2012.01.26 19:29:20 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\Microsoft Office Word 2003.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.01.29 10:44:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.27 12:04:24 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\User 3\Plocha\RSIT.exe
[2012.01.26 19:54:58 | 000,106,203 | ---- | C] () -- C:\Documents and Settings\User 3\Plocha\3.lf uk.pdf
[2012.01.26 19:46:53 | 000,103,926 | ---- | C] () -- C:\Documents and Settings\User 3\Plocha\2.lf uk přihláška.pdf
[2012.01.26 19:36:02 | 000,105,026 | ---- | C] () -- C:\Documents and Settings\User 3\Plocha\1.lf uk přihláška.pdf
[2011.03.28 12:50:04 | 000,103,509 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2011.03.28 12:50:03 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2009.11.12 16:28:37 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2009.06.19 13:32:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\2a99bad0.sys
[2009.01.12 16:16:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll
[2008.02.06 16:09:47 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.11.24 17:14:27 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\ddvdd.dll
[2007.11.24 17:14:27 | 000,007,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\ddnt.sys
[2007.08.02 19:22:20 | 000,024,576 | ---- | C] () -- C:\WINDOWS\UniFISH.exe
[2007.07.04 11:37:57 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\User 3\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.09.12 11:08:38 | 006,172,672 | ---- | C] () -- C:\WINDOWS\System32\HwRecogK.dll
[2006.08.17 20:00:32 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\User 3\Local Settings\Data aplikací\fusioncache.dat
[2006.08.14 09:56:52 | 007,946,240 | ---- | C] () -- C:\WINDOWS\System32\HWRecogT.dll
[2006.08.13 17:48:58 | 015,147,008 | ---- | C] () -- C:\WINDOWS\System32\HWRecog.dll
[2006.07.10 17:44:12 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006.07.10 17:43:59 | 000,005,839 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006.07.10 17:43:04 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.06.16 18:44:06 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.06.16 18:43:01 | 000,250,288 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.06.16 17:51:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.06.16 17:29:01 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006.06.16 17:28:35 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.06.16 16:57:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.06.16 16:52:29 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.08.18 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.18 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.18 13:00:00 | 000,383,390 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.18 13:00:00 | 000,382,822 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2004.08.18 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.18 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2004.08.18 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.18 13:00:00 | 000,063,328 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2004.08.18 13:00:00 | 000,053,744 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.18 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.18 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2004.08.18 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.18 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.18 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.18 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.18 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.03.01 06:53:21 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003.09.30 10:47:47 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2003.09.30 10:47:47 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2003.09.30 10:47:47 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003.09.30 10:47:47 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003.09.30 10:47:46 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2003.09.30 10:47:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.08.07 14:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003.03.24 06:03:00 | 000,279,552 | ---- | C] () -- C:\WINDOWS\System32\FGWVB32.DLL
[2002.09.24 13:19:02 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\DD32.dll
[1998.03.26 01:12:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
========== LOP Check ==========
[2007.11.24 17:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACTIV Software
[2010.10.31 21:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2007.06.24 19:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
[2009.11.19 17:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Prometheus
[2008.08.24 16:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.07.03 10:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Common Files
[2007.12.24 12:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\DAEMON Tools
[2011.10.05 16:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\ICQ
[2007.09.04 13:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\ICQ Toolbar
[2009.01.12 16:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\LGSync
[2007.09.13 19:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Opera
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[3 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2008.03.23 18:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Adobe
[2007.09.04 13:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\AdobeUM
[2007.12.24 12:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Ahead
[2009.07.03 10:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Common Files
[2007.12.24 12:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\DAEMON Tools
[2009.07.03 10:55:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\HP
[2011.10.05 16:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\ICQ
[2007.09.04 13:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\ICQ Toolbar
[2006.06.16 18:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Identities
[2007.09.02 09:21:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\InstallShield
[2009.01.12 16:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\LGSync
[2007.08.05 20:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Macromedia
[2007.12.06 20:50:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\User 3\Data aplikací\Microsoft
[2009.03.26 16:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Mozilla
[2007.09.13 19:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Opera
[2006.07.10 17:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Talkback
[2009.02.18 13:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\U3
< %APPDATA%\*.exe /s >
[2007.09.13 19:29:43 | 000,061,440 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\User 3\Data aplikací\Microsoft\Installer\{45A54FAD-AADB-4CD2-9E56-2507A15F013D}\ARPPRODUCTICON.exe
[2005.06.06 10:29:14 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\U3\temp\cleanup.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007.12.24 12:29:41 | 000,715,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2006.06.16 18:42:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006.06.16 18:42:20 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.06.16 18:42:20 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.01.29 10:35:44 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %fystemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %fystemRoot%\system32\svchost.exe -k netsvcs
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.01.15 21:29:15 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=11CCA710674739E3DB8F7450A5B650B6 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.04.25 06:27:50 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=092A7F2B49A19ECCE5369D3CB2276148 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2007.08.09 11:21:56 | 000,079,360 | ---- | M] (Opera Software) MD5=C3ED9C39E4AC0921FA38BB4044DC0AB8 -- C:\Program Files\Opera\Opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.29 10:44:29 | 000,000,512 | ---- | M] () MD5=09B136ACE6AB8A40F5974CFDDCCA4253 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2005.02.20 19:00:44 | 000,021,443 | ---- | M] () -- \Documents and Settings\User 3\Dokumenty\tomas\rallychampionshipxtremenocdcrackrp.zip
[2011.04.24 11:54:26 | 000,005,320 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\cracker1--c54xc54[1].png
[2003.10.03 16:08:10 | 000,000,198 | ---- | M] () -- \Program Files\Singles\GameObject\crackerBox.ago
[2003.12.23 19:51:00 | 000,003,461 | ---- | M] () -- \Program Files\Singles\GuiTexture\MenuIconcracker.png
[2003.12.30 12:58:26 | 000,003,219 | ---- | M] () -- \Program Files\Singles\GuiTexture\MenuIconcrackerBox.png
[2003.06.08 15:19:04 | 000,003,468 | ---- | M] () -- \Program Files\Singles\Mesh\cracker.ams
[2003.12.29 11:06:30 | 000,013,520 | ---- | M] () -- \Program Files\Singles\Mesh\crackerBox.ams
[2004.01.17 22:36:30 | 000,000,464 | ---- | M] () -- \Program Files\Singles\Mesh\col\cracker.rdd
[2004.01.17 22:36:30 | 000,001,104 | ---- | M] () -- \Program Files\Singles\Mesh\col\crackerBox.rdd
[2004.01.17 22:36:30 | 000,000,464 | ---- | M] () -- \Program Files\Singles\MeshLow\col\cracker.rdd
[2004.01.17 22:36:30 | 000,001,104 | ---- | M] () -- \Program Files\Singles\MeshLow\col\crackerBox.rdd
[2004.01.17 22:36:30 | 000,000,464 | ---- | M] () -- \Program Files\Singles\MeshMid\col\cracker.rdd
[2004.01.17 22:36:30 | 000,001,104 | ---- | M] () -- \Program Files\Singles\MeshMid\col\crackerBox.rdd
[2004.02.25 11:15:38 | 000,174,904 | ---- | M] () -- \Program Files\Singles\Texture\crackerbox.dds
[2003.06.01 11:50:36 | 000,306,372 | ---- | M] () -- \Program Files\Singles\Texture\crackerbox.png
< *keygen* /s >
< *loader* /s >
[2012.01.26 07:10:10 | 000,003,687 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\168VTKWV\loader[1].js
[2007.09.25 16:17:47 | 000,002,931 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\1RH7JW0O\preloader[1].swf
[2011.04.21 08:45:36 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\loader[1].js
[2011.04.30 07:45:18 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\loader[2].js
[2011.04.19 08:44:34 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\logoloader[1].js
[2011.04.28 07:36:11 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\logoloader[2].js
[2011.05.04 06:12:49 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\logoloader[3].js
[2011.03.27 09:51:51 | 000,002,576 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\preloader2[1].gif
[2011.03.28 20:06:20 | 000,001,891 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\preloader[1].js
[2011.03.27 09:51:53 | 000,000,330 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\stin_preloader[1].png
[2011.05.17 12:00:50 | 000,006,820 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\DCEYH65M\ajax-loader-big[1].gif
[2011.05.17 12:01:53 | 000,001,849 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\DCEYH65M\ajax-loader[1].gif
[2011.04.15 08:14:53 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\loader[1].js
[2011.04.16 05:04:17 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\loader[2].js
[2011.04.29 09:44:34 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\loader[3].js
[2011.04.21 08:45:36 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\logoloader[1].js
[2011.04.30 07:45:18 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\logoloader[2].js
[2011.12.02 12:32:13 | 000,000,996 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\Q5SUW0KW\flashloader[1].js
[2011.12.02 12:33:49 | 000,000,996 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\U1CZUNHE\flashloader[1].js
[2011.05.17 12:04:52 | 000,010,819 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\UDU7ICGX\ajax-loader[1].gif
[2011.05.16 16:53:12 | 000,002,931 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\UDU7ICGX\preloader[1].swf
[2011.04.08 07:57:22 | 000,010,819 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\ajax-loader[1].gif
[2011.04.19 08:44:34 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\loader[1].js
[2011.04.28 07:36:11 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\loader[2].js
[2011.05.04 06:12:50 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\loader[3].js
[2011.05.06 06:14:30 | 000,001,849 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\loader_grey_small[1].gif
[2011.04.22 08:31:02 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\logoloader[1].js
[2011.03.28 20:06:20 | 000,002,931 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\preloader[1].swf
[2011.04.22 08:31:02 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\loader[1].js
[2011.05.06 06:14:01 | 000,003,208 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\loader_grey_big[1].gif
[2011.04.15 08:14:52 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\logoloader[1].js
[2011.04.16 05:04:17 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\logoloader[2].js
[2011.04.29 09:44:34 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\logoloader[3].js
[2011.04.09 09:25:49 | 000,014,038 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\SolmetraUploader[1].js
[2003.09.04 08:28:12 | 000,015,227 | ---- | M] () -- \Program Files\Common Files\HP\Memories Disc\2.0\pcexp\COMMON\VIEW\INCLUDE\LOADER.JS
[2001.01.16 05:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 03:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2010.10.31 21:28:12 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.10.31 21:28:12 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.10.31 21:28:13 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.10.31 21:28:12 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.03.16 16:02:02 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2011.02.18 16:21:28 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2011.02.18 16:21:29 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2004.08.18 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
< End of report >
Extras.txt
OTL Extras logfile created on: 29.1.2012 10:39:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\User 3\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
494,73 Mb Total Physical Memory | 118,73 Mb Available Physical Memory | 24,00% Memory free
1,13 Gb Paging File | 0,88 Gb Available in Paging File | 77,82% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 51,44 Gb Free Space | 69,02% Space Free | Partition Type: NTFS
Drive D: | 669,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: USER1 | User Name: User 3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6
"C:\Documents and Settings\User 3\Plocha\sdc203\StrongDC.exe" = C:\Documents and Settings\User 3\Plocha\sdc203\StrongDC.exe:*:Enabled:StrongDC++
"\" = C:\WINDOWS\TEMP\8.tmp:*:Enabled:KL
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B7BA3EE-D7AC-494E-999D-DA58D6D01DAC}" = LG_MobileSync
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{1F7473D9-6C0B-4F5A-8FA4-AB8AD78CBE54}" = DocProc
"{22F7F88D-F703-4BC1-AB33-3058607EA9AA}" = Nápověda ACTIVstudio PE (CZE)
"{29B50D30-EAFC-4cea-9F76-3A0E3729E9B0}" = SkinsHP1
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{34957B51-9676-41CE-9E52-44AE91B73F1C}" = HP Software Update
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{45A54FAD-AADB-4CD2-9E56-2507A15F013D}" = Opera 9.23
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Ultra Edition
"{48242276-DB89-42e8-9678-BD4280D7B99A}" = Copy
"{5628829F-3318-4DDA-988D-D301832F1611}" = Singles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{723C033E-63EA-4227-BAB2-0AA8693C16EB}" = Director
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{81DD5688-695A-4c1d-AE7D-368BF857725A}" = TrayApp
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9B03C535-3AEA-4ef2-B326-0A01A2207034}" = CreativeProjects
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B4D050BA-F0A6-4F57-A0AC-CDCE03EA9B62}" = ACTIVstudio Professional Edition
"{BC339BFD-F550-471a-8D26-4D08126C62F7}" = SkinsHP2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE3E0AF-73BB-4c21-8B96-B09E003EDE7F}" = QuickProjects
"{D8DBFDAE-2865-473C-B7E2-48C5CE2DAAB1}" = Prostředky ACTIVstudio (CZE)
"{E69D87A4-3C84-4580-9315-5ECE4817E9D8}" = Příručky ACTIVstudio PE (CZE)
"{E8BFBD0A-8002-4dc9-869C-E495FA9DCE7A}" = PhotoGallery
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"{FF102450-55AA-4AE1-ACE4-E271E2470C83}" = hpmdtab
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alex the Allegator 4_is1" = Alex4 v1.0
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.2.4
"Český jazyk - Přijímací zkoušky na střední školy" = Český jazyk - Přijímací zkoušky na střední školy
"FlyOrDie™ GemJam™ Gold_is1" = FlyOrDie GemJam Gold 1.15b
"ft_Transport Tycoon Deluxe" = Transport Tycoon Deluxe
"HijackThis" = HijackThis 1.99.1
"HP Photo & Imaging" = HP Image Zone 4.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{22F7F88D-F703-4BC1-AB33-3058607EA9AA}" = Nápověda ACTIVstudio PE (CZE) v2.5.2
"InstallShield_{B4D050BA-F0A6-4F57-A0AC-CDCE03EA9B62}" = ACTIVstudio Professional Edition v2.5.101
"InstallShield_{D8DBFDAE-2865-473C-B7E2-48C5CE2DAAB1}" = Prostředky ACTIVstudio (CZE) v2.5.1
"InstallShield_{E69D87A4-3C84-4580-9315-5ECE4817E9D8}" = Příručky ACTIVstudio PE (CZE) v2.5.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MotoGP_is1" = MotoGP
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Přijímací zkoušky na střední školy" = Přijímací zkoušky na střední školy
"QuickTime" = QuickTime
"Santa Claus in Trouble" = Santa Claus in Trouble
"Sbírka úloh z fyziky pro SŠ_is1" = Prometheus Sbírka úloh z fyziky pro SŠ 1.0
"Shockwave" = Shockwave
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"Zoo Tycoon 1.0" = Microsoft Zoo Tycoon
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 25.6.2009 12:47:53 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace 8.tmp, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x10006c7e.
Error - 26.6.2009 4:16:11 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace 8.tmp, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x10006c7e.
Error - 27.6.2009 10:06:37 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace 8.tmp, verze 0.0.0.0, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x10006c7e.
Error - 28.6.2009 8:47:22 | Computer Name = USER1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace nero.exe, verze 7.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 19.10.2009 9:07:24 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.0.3526, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00350100.
Error - 22.10.2009 11:41:19 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.0.3526, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x07eb6dd2.
Error - 24.10.2009 14:53:16 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.0.3526, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x0652c5e2.
Error - 1.11.2009 13:51:43 | Computer Name = USER1 | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.0.3576, chybující modul
js3250.dll, verze 4.0.0.0, adresa chyby 0x0000a3a3.
Error - 3.12.2009 14:28:06 | Computer Name = USER1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 11.0.5604.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 3.12.2009 14:29:14 | Computer Name = USER1 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.0.3576, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
[ System Events ]
Error - 28.1.2012 15:28:06 | Computer Name = USER1 | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC80.CRT nebyla nalezena a poslední
chyba byla Sestavení určené odkazem není v systému nainstalováno. .
Error - 28.1.2012 15:28:06 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .
Error - 28.1.2012 15:28:06 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Mozilla Firefox\components\browsercomps.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 28.1.2012 16:40:49 | Computer Name = USER1 | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC80.CRT nebyla nalezena a poslední
chyba byla Sestavení určené odkazem není v systému nainstalováno. .
Error - 28.1.2012 16:40:49 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .
Error - 28.1.2012 16:40:49 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Mozilla Firefox\components\browsercomps.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
Error - 29.1.2012 5:35:43 | Computer Name = USER1 | Source = Service Control Manager | ID = 7000
Description = Služba Automatické aktualizace neuspěla při spuštění v důsledku následující
chyby: %%2
Error - 29.1.2012 5:35:48 | Computer Name = USER1 | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC80.CRT nebyla nalezena a poslední
chyba byla Sestavení určené odkazem není v systému nainstalováno. .
Error - 29.1.2012 5:35:48 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .
Error - 29.1.2012 5:35:48 | Computer Name = USER1 | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\Program Files\Mozilla Firefox\components\browsercomps.dll
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .
< End of report >
OTL.txt
OTL logfile created on: 29.1.2012 10:39:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\User 3\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
494,73 Mb Total Physical Memory | 118,73 Mb Available Physical Memory | 24,00% Memory free
1,13 Gb Paging File | 0,88 Gb Available in Paging File | 77,82% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,53 Gb Total Space | 51,44 Gb Free Space | 69,02% Space Free | Partition Type: NTFS
Drive D: | 669,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: USER1 | User Name: User 3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.01.29 10:37:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User 3\Plocha\OTL.exe
PRC - [2012.01.15 21:29:15 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.03.01 09:22:04 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2003.08.04 16:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.15 21:29:14 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.06.02 17:27:49 | 006,271,136 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2004.01.05 13:04:56 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2009.09.29 17:18:19 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\2a99bad0.sys -- (2a99bad0)
DRV - [2007.12.24 12:29:41 | 000,715,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.11.24 17:14:27 | 000,007,072 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ddnt.sys -- (ddnt)
DRV - [2007.10.19 16:58:38 | 000,043,672 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2006.03.01 08:39:10 | 003,959,360 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006.01.18 11:41:00 | 000,080,512 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2004.08.17 14:45:18 | 000,606,556 | ---- | M] (LT) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003.07.16 07:27:40 | 000,043,264 | R--- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-710420126-730036369-1431610262-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-710420126-730036369-1431610262-1006\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-710420126-730036369-1431610262-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.4.3&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.15 21:29:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.12 14:32:02 | 000,000,000 | ---D | M]
[2009.03.26 16:56:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Extensions
[2012.01.04 21:29:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\extensions
[2012.01.04 21:29:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.24 15:23:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-1.xml
[2009.03.26 16:58:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-10.xml
[2009.04.23 07:11:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-11.xml
[2009.05.01 08:18:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-12.xml
[2009.06.20 12:58:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-13.xml
[2009.07.24 18:27:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-14.xml
[2009.08.21 17:23:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-15.xml
[2009.09.11 19:50:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-16.xml
[2009.10.30 15:18:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-17.xml
[2009.12.20 17:29:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-18.xml
[2010.01.08 21:51:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-19.xml
[2008.03.27 17:10:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-2.xml
[2010.02.20 12:15:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-20.xml
[2010.04.01 11:26:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-21.xml
[2011.04.10 15:11:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-22.xml
[2011.05.03 19:20:34 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-23.xml
[2011.06.23 20:42:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-24.xml
[2011.08.20 20:15:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-25.xml
[2011.08.31 14:36:34 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-26.xml
[2011.09.08 13:52:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-27.xml
[2011.09.14 18:05:31 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-28.xml
[2011.11.11 21:14:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-29.xml
[2008.04.17 07:06:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-3.xml
[2011.12.12 14:32:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-30.xml
[2012.01.15 21:29:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-31.xml
[2012.01.15 21:30:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-32.xml
[2008.07.02 17:17:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-4.xml
[2008.07.18 08:54:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-5.xml
[2008.07.19 15:55:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-6.xml
[2008.09.26 19:13:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-7.xml
[2008.11.19 14:15:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-8.xml
[2009.01.13 20:50:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-9.xml
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin.xml
[2011.12.12 14:30:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.31 15:31:23 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.12.24 12:32:28 | 000,000,000 | ---D | M] (AdVantage) -- C:\Program Files\Mozilla Firefox\extensions\{A89AED22-9133-424c-88E7-C8235C5FF302}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\USER 3\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\9EPX7XGD.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2012.01.15 21:29:15 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.01.15 21:29:11 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.15 21:29:11 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.05.03 19:20:14 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.01.15 21:29:11 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.15 21:29:11 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.15 21:29:11 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2008.07.15 09:23:10 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-710420126-730036369-1431610262-1006\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\.DEFAULT..\Run: [userinit] C:\WINDOWS\system32\sdra64.exe File not found
O4 - HKU\S-1-5-18..\Run: [userinit] C:\WINDOWS\system32\sdra64.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-710420126-730036369-1431610262-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF78A8FE-01B0-4FF9-8281-69FEB89388A2}: DhcpNameServer = 10.0.0.138 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User 3\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User 3\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.06.16 16:55:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{6c6d8b26-3516-11df-b2da-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{6c6d8b26-3516-11df-b2da-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{7bd1faf0-147a-11e1-b6dd-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{7bd1faf0-147a-11e1-b6dd-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{8791cbf8-978a-11e0-b56c-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{8791cbf8-978a-11e0-b56c-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{9aa24730-e0bd-11dd-b0ee-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{9aa24730-e0bd-11dd-b0ee-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{9aa24731-e0bd-11dd-b0ee-0016767322ac}\Shell\AutoRun\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{9aa24731-e0bd-11dd-b0ee-0016767322ac}\Shell\open\command - "" = F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{a2ffa219-01f1-11df-b297-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{a2ffa219-01f1-11df-b297-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\auto\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\explore\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\find\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\install\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b6839ba9-ad17-11de-b21c-0016767322ac}\Shell\open\command - "" = F:\Knight.exe open
O33 - MountPoints2\{b94297ab-fdbb-11dd-b121-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{b94297ab-fdbb-11dd-b121-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{bd5ea97c-2197-11db-ad63-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{bd5ea97c-2197-11db-ad63-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{bfd1c8b4-b2d3-11dc-af3a-0016767322ac}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{bfd1c8b4-b2d3-11dc-af3a-0016767322ac}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{c35db6b8-b213-11dc-af38-0016767322ac}\Shell - "" = AutoRun
O33 - MountPoints2\{c35db6b8-b213-11dc-af38-0016767322ac}\Shell\AutoRun\command - "" = E:\Setupx.exe
O33 - MountPoints2\{d083956c-81dc-11e0-b530-0016767322ac}\Shell\AutoRun\command - "" = E:\InstallTomTomHOME.exe
O33 - MountPoints2\{d1094190-1281-11db-ad53-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{d1094190-1281-11db-ad53-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{feb47370-4886-11de-b18d-0016767322ac}\Shell\AutoRun\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O33 - MountPoints2\{feb47370-4886-11de-b18d-0016767322ac}\Shell\open\command - "" = E:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ipse32.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.01.29 10:37:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User 3\Plocha\OTL.exe
[2012.01.27 12:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.27 12:04:58 | 000,000,000 | ---D | C] -- C:\rsit
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.01.29 10:44:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.29 10:37:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User 3\Plocha\OTL.exe
[2012.01.29 10:35:44 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.29 10:35:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.27 12:04:26 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\RSIT.exe
[2012.01.26 19:54:59 | 000,106,203 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\3.lf uk.pdf
[2012.01.26 19:46:54 | 000,103,926 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\2.lf uk přihláška.pdf
[2012.01.26 19:36:03 | 000,105,026 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\1.lf uk přihláška.pdf
[2012.01.26 19:29:20 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\User 3\Plocha\Microsoft Office Word 2003.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.01.29 10:44:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.27 12:04:24 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\User 3\Plocha\RSIT.exe
[2012.01.26 19:54:58 | 000,106,203 | ---- | C] () -- C:\Documents and Settings\User 3\Plocha\3.lf uk.pdf
[2012.01.26 19:46:53 | 000,103,926 | ---- | C] () -- C:\Documents and Settings\User 3\Plocha\2.lf uk přihláška.pdf
[2012.01.26 19:36:02 | 000,105,026 | ---- | C] () -- C:\Documents and Settings\User 3\Plocha\1.lf uk přihláška.pdf
[2011.03.28 12:50:04 | 000,103,509 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2011.03.28 12:50:03 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2009.11.12 16:28:37 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TextSpy.ini
[2009.06.19 13:32:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\2a99bad0.sys
[2009.01.12 16:16:42 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\CSDLGE1LIB.dll
[2008.02.06 16:09:47 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.11.24 17:14:27 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\ddvdd.dll
[2007.11.24 17:14:27 | 000,007,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\ddnt.sys
[2007.08.02 19:22:20 | 000,024,576 | ---- | C] () -- C:\WINDOWS\UniFISH.exe
[2007.07.04 11:37:57 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\User 3\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.09.12 11:08:38 | 006,172,672 | ---- | C] () -- C:\WINDOWS\System32\HwRecogK.dll
[2006.08.17 20:00:32 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\User 3\Local Settings\Data aplikací\fusioncache.dat
[2006.08.14 09:56:52 | 007,946,240 | ---- | C] () -- C:\WINDOWS\System32\HWRecogT.dll
[2006.08.13 17:48:58 | 015,147,008 | ---- | C] () -- C:\WINDOWS\System32\HWRecog.dll
[2006.07.10 17:44:12 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2006.07.10 17:43:59 | 000,005,839 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006.07.10 17:43:04 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.06.16 18:44:06 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.06.16 18:43:01 | 000,250,288 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.06.16 17:51:38 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.06.16 17:29:01 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2006.06.16 17:28:35 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.06.16 16:57:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.06.16 16:52:29 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.08.18 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.18 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.18 13:00:00 | 000,383,390 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.18 13:00:00 | 000,382,822 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2004.08.18 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.18 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2004.08.18 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.18 13:00:00 | 000,063,328 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2004.08.18 13:00:00 | 000,053,744 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.18 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.18 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2004.08.18 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.18 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.18 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.18 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.18 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.03.01 06:53:21 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2003.09.30 10:47:47 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2003.09.30 10:47:47 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2003.09.30 10:47:47 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003.09.30 10:47:47 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2003.09.30 10:47:46 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2003.09.30 10:47:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.08.07 14:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2003.03.24 06:03:00 | 000,279,552 | ---- | C] () -- C:\WINDOWS\System32\FGWVB32.DLL
[2002.09.24 13:19:02 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\DD32.dll
[1998.03.26 01:12:00 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
========== LOP Check ==========
[2007.11.24 17:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACTIV Software
[2010.10.31 21:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2007.06.24 19:00:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
[2009.11.19 17:14:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Prometheus
[2008.08.24 16:07:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.07.03 10:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Common Files
[2007.12.24 12:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\DAEMON Tools
[2011.10.05 16:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\ICQ
[2007.09.04 13:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\ICQ Toolbar
[2009.01.12 16:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\LGSync
[2007.09.13 19:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Opera
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.12.23 12:40:58 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[3 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2008.03.23 18:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Adobe
[2007.09.04 13:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\AdobeUM
[2007.12.24 12:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Ahead
[2009.07.03 10:55:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Common Files
[2007.12.24 12:31:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\DAEMON Tools
[2009.07.03 10:55:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\HP
[2011.10.05 16:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\ICQ
[2007.09.04 13:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\ICQ Toolbar
[2006.06.16 18:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Identities
[2007.09.02 09:21:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\InstallShield
[2009.01.12 16:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\LGSync
[2007.08.05 20:42:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Macromedia
[2007.12.06 20:50:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\User 3\Data aplikací\Microsoft
[2009.03.26 16:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Mozilla
[2007.09.13 19:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Opera
[2006.07.10 17:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\Talkback
[2009.02.18 13:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\U3
< %APPDATA%\*.exe /s >
[2007.09.13 19:29:43 | 000,061,440 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\User 3\Data aplikací\Microsoft\Installer\{45A54FAD-AADB-4CD2-9E56-2507A15F013D}\ARPPRODUCTICON.exe
[2005.06.06 10:29:14 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\U3\temp\cleanup.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007.12.24 12:29:41 | 000,715,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2006.06.16 18:42:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006.06.16 18:42:20 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.06.16 18:42:20 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.01.29 10:35:44 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %fystemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %fystemRoot%\system32\svchost.exe -k netsvcs
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.01.15 21:29:15 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=11CCA710674739E3DB8F7450A5B650B6 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.04.25 06:27:50 | 000,636,088 | ---- | M] (Microsoft Corporation) MD5=092A7F2B49A19ECCE5369D3CB2276148 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2007.08.09 11:21:56 | 000,079,360 | ---- | M] (Opera Software) MD5=C3ED9C39E4AC0921FA38BB4044DC0AB8 -- C:\Program Files\Opera\Opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.29 10:44:29 | 000,000,512 | ---- | M] () MD5=09B136ACE6AB8A40F5974CFDDCCA4253 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2005.02.20 19:00:44 | 000,021,443 | ---- | M] () -- \Documents and Settings\User 3\Dokumenty\tomas\rallychampionshipxtremenocdcrackrp.zip
[2011.04.24 11:54:26 | 000,005,320 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\cracker1--c54xc54[1].png
[2003.10.03 16:08:10 | 000,000,198 | ---- | M] () -- \Program Files\Singles\GameObject\crackerBox.ago
[2003.12.23 19:51:00 | 000,003,461 | ---- | M] () -- \Program Files\Singles\GuiTexture\MenuIconcracker.png
[2003.12.30 12:58:26 | 000,003,219 | ---- | M] () -- \Program Files\Singles\GuiTexture\MenuIconcrackerBox.png
[2003.06.08 15:19:04 | 000,003,468 | ---- | M] () -- \Program Files\Singles\Mesh\cracker.ams
[2003.12.29 11:06:30 | 000,013,520 | ---- | M] () -- \Program Files\Singles\Mesh\crackerBox.ams
[2004.01.17 22:36:30 | 000,000,464 | ---- | M] () -- \Program Files\Singles\Mesh\col\cracker.rdd
[2004.01.17 22:36:30 | 000,001,104 | ---- | M] () -- \Program Files\Singles\Mesh\col\crackerBox.rdd
[2004.01.17 22:36:30 | 000,000,464 | ---- | M] () -- \Program Files\Singles\MeshLow\col\cracker.rdd
[2004.01.17 22:36:30 | 000,001,104 | ---- | M] () -- \Program Files\Singles\MeshLow\col\crackerBox.rdd
[2004.01.17 22:36:30 | 000,000,464 | ---- | M] () -- \Program Files\Singles\MeshMid\col\cracker.rdd
[2004.01.17 22:36:30 | 000,001,104 | ---- | M] () -- \Program Files\Singles\MeshMid\col\crackerBox.rdd
[2004.02.25 11:15:38 | 000,174,904 | ---- | M] () -- \Program Files\Singles\Texture\crackerbox.dds
[2003.06.01 11:50:36 | 000,306,372 | ---- | M] () -- \Program Files\Singles\Texture\crackerbox.png
< *keygen* /s >
< *loader* /s >
[2012.01.26 07:10:10 | 000,003,687 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\168VTKWV\loader[1].js
[2007.09.25 16:17:47 | 000,002,931 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\1RH7JW0O\preloader[1].swf
[2011.04.21 08:45:36 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\loader[1].js
[2011.04.30 07:45:18 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\loader[2].js
[2011.04.19 08:44:34 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\logoloader[1].js
[2011.04.28 07:36:11 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\logoloader[2].js
[2011.05.04 06:12:49 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\logoloader[3].js
[2011.03.27 09:51:51 | 000,002,576 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\preloader2[1].gif
[2011.03.28 20:06:20 | 000,001,891 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\preloader[1].js
[2011.03.27 09:51:53 | 000,000,330 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\5YL12N26\stin_preloader[1].png
[2011.05.17 12:00:50 | 000,006,820 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\DCEYH65M\ajax-loader-big[1].gif
[2011.05.17 12:01:53 | 000,001,849 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\DCEYH65M\ajax-loader[1].gif
[2011.04.15 08:14:53 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\loader[1].js
[2011.04.16 05:04:17 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\loader[2].js
[2011.04.29 09:44:34 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\loader[3].js
[2011.04.21 08:45:36 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\logoloader[1].js
[2011.04.30 07:45:18 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\KMCOCIQE\logoloader[2].js
[2011.12.02 12:32:13 | 000,000,996 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\Q5SUW0KW\flashloader[1].js
[2011.12.02 12:33:49 | 000,000,996 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\U1CZUNHE\flashloader[1].js
[2011.05.17 12:04:52 | 000,010,819 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\UDU7ICGX\ajax-loader[1].gif
[2011.05.16 16:53:12 | 000,002,931 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\UDU7ICGX\preloader[1].swf
[2011.04.08 07:57:22 | 000,010,819 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\ajax-loader[1].gif
[2011.04.19 08:44:34 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\loader[1].js
[2011.04.28 07:36:11 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\loader[2].js
[2011.05.04 06:12:50 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\loader[3].js
[2011.05.06 06:14:30 | 000,001,849 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\loader_grey_small[1].gif
[2011.04.22 08:31:02 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\logoloader[1].js
[2011.03.28 20:06:20 | 000,002,931 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\VTRND8U8\preloader[1].swf
[2011.04.22 08:31:02 | 000,002,004 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\loader[1].js
[2011.05.06 06:14:01 | 000,003,208 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\loader_grey_big[1].gif
[2011.04.15 08:14:52 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\logoloader[1].js
[2011.04.16 05:04:17 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\logoloader[2].js
[2011.04.29 09:44:34 | 000,001,047 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\logoloader[3].js
[2011.04.09 09:25:49 | 000,014,038 | ---- | M] () -- \Documents and Settings\User 3\Local Settings\Temporary Internet Files\Content.IE5\YLTUA0CD\SolmetraUploader[1].js
[2003.09.04 08:28:12 | 000,015,227 | ---- | M] () -- \Program Files\Common Files\HP\Memories Disc\2.0\pcexp\COMMON\VIEW\INCLUDE\LOADER.JS
[2001.01.16 05:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 03:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2010.10.31 21:28:12 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.10.31 21:28:12 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.10.31 21:28:13 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.10.31 21:28:12 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.03.16 16:02:02 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2011.02.18 16:21:28 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2011.02.18 16:21:29 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2004.08.18 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
< End of report >
Re: Log check

- Download UsbFix and save it to the desktop: http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
- Run it and click Deletion
- When it finishes, paste the log here; if it does not pop up, you will find it at C:\UsbFix.txt

- Save it directly to drive c:\ so that it is not inside any folder

- Start -> Run -> notepad
- Paste the text below
Code:
@echo off
c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\wuauserv" /RESET /Q
c:\swreg.exe ACL "HKLM\SYSTEM\CurrentControlSet\Control\Services\BITS" /RESET /Q
- Save the file as del.bat
- When saving, set "Save as type" to All files (the setting is shown in the picture below)
- Close Notepad and run del.bat by double-clicking it
- The window will only flash and do what it is supposed to; you can then delete the file

- If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or "Spustit jako správce"
- Paste the script below into the bottom box, Custom Scans/Fixes
Code:
:otl
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
DRV - [2009.09.29 17:18:19 | 000,000,000 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\2a99bad0.sys -- (2a99bad0)
DRV - [2007.11.24 17:14:27 | 000,007,072 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ddnt.sys -- (ddnt)
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-710420126-730036369-1431610262-1006\..\URLSearchHook: - No CLSID value found
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.3&q="
[2012.01.04 21:29:09 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.24 15:23:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-1.xml
[2009.03.26 16:58:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-10.xml
[2009.04.23 07:11:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-11.xml
[2009.05.01 08:18:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-12.xml
[2009.06.20 12:58:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-13.xml
[2009.07.24 18:27:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-14.xml
[2009.08.21 17:23:07 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-15.xml
[2009.09.11 19:50:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-16.xml
[2009.10.30 15:18:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-17.xml
[2009.12.20 17:29:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-18.xml
[2010.01.08 21:51:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-19.xml
[2008.03.27 17:10:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-2.xml
[2010.02.20 12:15:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-20.xml
[2010.04.01 11:26:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-21.xml
[2011.04.10 15:11:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-22.xml
[2011.05.03 19:20:34 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-23.xml
[2011.06.23 20:42:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-24.xml
[2011.08.20 20:15:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-25.xml
[2011.08.31 14:36:34 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-26.xml
[2011.09.08 13:52:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-27.xml
[2011.09.14 18:05:31 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-28.xml
[2011.11.11 21:14:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-29.xml
[2008.04.17 07:06:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-3.xml
[2011.12.12 14:32:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-30.xml
[2012.01.15 21:29:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-31.xml
[2012.01.15 21:30:19 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-32.xml
[2008.07.02 17:17:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-4.xml
[2008.07.18 08:54:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-5.xml
[2008.07.19 15:55:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-6.xml
[2008.09.26 19:13:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-7.xml
[2008.11.19 14:15:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-8.xml
[2009.01.13 20:50:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin-9.xml
[2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\User 3\Data aplikací\Mozilla\Firefox\Profiles\9epx7xgd.default\searchplugins\icqplugin.xml
[2009.07.31 15:31:23 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2007.12.24 12:32:28 | 000,000,000 | ---D | M] (AdVantage) -- C:\Program Files\Mozilla Firefox\extensions\{A89AED22-9133-424c-88E7-C8235C5FF302}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\USER 3\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\9EPX7XGD.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O3 - HKU\S-1-5-21-710420126-730036369-1431610262-1006\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKU\.DEFAULT..\Run: [userinit] C:\WINDOWS\system32\sdra64.exe File not found
O4 - HKU\S-1-5-18..\Run: [userinit] C:\WINDOWS\system32\sdra64.exe File not found
[2007.09.04 13:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User 3\Data aplikací\ICQ Toolbar
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[3 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"ImagePath"=hex(2):25,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
72,00,6F,00,6F,00,74,00,25,00,5C,00,73,00,79,00,73,00,74,00,65,00,6D,00,\
33,00,32,00,5C,00,73,00,76,00,63,00,68,00,6F,00,73,00,74,00,2E,00,65,00,\
78,00,65,00,20,00,2D,00,6B,00,20,00,6E,00,65,00,74,00,73,00,76,00,63,00,\
73,00,00,00
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"NeroFilterCheck"=-
"QuickTime Task"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\67083867309921550315285524447684]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Disk Knight]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXDllRegExe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\quicktime task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^all users^nabídka start^programy^po spuštění^adobe reader speed launch.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\c:^documents and settings^user 3^nabídka start^programy^po spuštění^rncsys32.exe]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"\"=-
:files
C:\Documents and Settings\User 3\Nabídka Start\Programy\Po spuštění\rncsys32.exe
C:\Program Files\Antivirus 2009
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
- Then click the "Opravit" (Run Fix) button
- The PC will carry out the fix, restart, and give you a log; paste its contents here