zdravim poprosil bych o mensi kontrolu tohoto kompu... je nake zpomalene a nemuzu zaboha prijit na to proc...
Logfile of random's system information tool 1.07 (written by random/random)
Run by ivo at 2010-06-20 13:42:17
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (41%) free of 30 GB
Total RAM: 1023 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:42:25, on 20.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe
C:\Programy\Mozilla Firefox\firefox.exe
C:\DOCUME~1\ivo\LOCALS~1\Temp\div80.tmp\div84.tmp
C:\Documents and Settings\All Users\Data aplikací\DivX\RunAsUser\RUNASUSERPROCESS.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Documents and Settings\ivo\Plocha\RSIT.exe
C:\Program Files\trend micro\ivo.exe
C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\17.7.0.12\cltLMH.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14672&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Obsah aplikace OneNote.onetoc2
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5111404140
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 1265051735 (.1265051735) - Unknown owner - C:\Program Files\1265051735\kfa1265051735L.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 9457 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Automatic troubleshooting.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL [2010-05-14 79224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-13 394608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nTrayFw"=C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe [2005-04-29 266240]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-13 98304]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-12-20 131072]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2008-05-28 570664]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"PC Suite for Smartphones"=C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-12-25 548864]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\ivo\Nabídka Start\Programy\Po spuštění
Obsah aplikace OneNote.onetoc2
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-03-03 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\hry\Valve\Steam\SteamApps\ivvvo\counter-strike\hl.exe"="F:\hry\Valve\Steam\SteamApps\ivvvo\counter-strike\hl.exe:*:Enabled:Counter-Strike"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-06-20 13:42:17 ----D---- C:\rsit
2010-06-20 13:42:17 ----D---- C:\Program Files\trend micro
2010-06-17 18:37:48 ----D---- C:\Program Files\Common Files\Skype
2010-06-15 22:34:24 ----A---- C:\WINDOWS\Gqasea.exe
2010-06-12 16:42:54 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-12 16:42:46 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-12 16:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-12 16:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-12 16:32:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-12 16:30:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-05-30 16:15:38 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-05-30 16:15:36 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-05-30 16:15:36 ----A---- C:\WINDOWS\system32\pbsvc_heroes.exe
2010-05-30 13:54:08 ----D---- C:\Documents and Settings\ivo\Data aplikací\Facebook
2010-05-29 10:44:29 ----D---- C:\Program Files\Sony Ericsson
2010-05-26 15:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-22 19:14:58 ----D---- C:\Program Files\PowerQuest
2010-05-22 19:07:16 ----D---- C:\Documents and Settings\ivo\Data aplikací\Help
2010-05-22 18:51:21 ----A---- C:\WINDOWS\system32\pwNative.exe
======List of files/folders modified in the last 1 months======
2010-06-20 13:42:25 ----D---- C:\WINDOWS\Prefetch
2010-06-20 13:42:17 ----RD---- C:\Program Files
2010-06-20 13:42:04 ----D---- C:\WINDOWS\Temp
2010-06-20 13:41:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-06-20 13:41:26 ----D---- C:\Program Files\DivX
2010-06-20 13:41:19 ----D---- C:\WINDOWS\system32
2010-06-20 13:37:22 ----D---- C:\WINDOWS
2010-06-20 13:36:13 ----SHD---- C:\System Volume Information
2010-06-20 13:35:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-20 13:34:56 ----D---- C:\Documents and Settings\ivo\Data aplikací\ICQ
2010-06-19 22:33:27 ----D---- C:\WINDOWS\Debug
2010-06-19 22:30:51 ----D---- C:\Programy
2010-06-18 05:03:04 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-18 03:25:08 ----D---- C:\Documents and Settings\ivo\Data aplikací\Vso
2010-06-18 00:01:47 ----D---- C:\Documents and Settings\ivo\Data aplikací\Skype
2010-06-18 00:01:40 ----D---- C:\Documents and Settings\ivo\Data aplikací\skypePM
2010-06-17 18:37:57 ----SHD---- C:\WINDOWS\Installer
2010-06-17 18:37:48 ----D---- C:\Program Files\Common Files
2010-06-16 18:30:25 ----SD---- C:\WINDOWS\Tasks
2010-06-16 11:51:10 ----D---- C:\Program Files\uTorrent
2010-06-12 16:46:21 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-12 16:46:19 ----RSD---- C:\WINDOWS\assembly
2010-06-12 16:42:56 ----HD---- C:\WINDOWS\inf
2010-06-12 16:42:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-12 16:42:43 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-12 16:41:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-06-12 16:37:31 ----D---- C:\Program Files\Internet Explorer
2010-06-12 16:37:22 ----D---- C:\WINDOWS\ie8updates
2010-06-12 16:29:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-12 16:28:06 ----D---- C:\WINDOWS\WinSxS
2010-06-11 17:03:04 ----D---- C:\Program Files\ICQ7.0
2010-06-06 19:05:57 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-06 09:57:05 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-04 15:01:38 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-05-30 16:16:16 ----D---- C:\WINDOWS\system32\drivers
2010-05-30 16:15:36 ----D---- C:\WINDOWS\system32\LogFiles
2010-05-29 13:27:29 ----D---- C:\Documents and Settings\ivo\Data aplikací\Teleca
2010-05-29 10:59:06 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-05-27 18:39:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2010-05-22 19:15:51 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-22 18:51:21 ----SH---- C:\boot.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100522.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys [2010-02-26 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 NVTCP;NVIDIA TCP/IP Protocol Driver; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [2006-04-14 101888]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS [2010-04-22 325680]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS [2010-04-22 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS [2010-05-06 361904]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-03-03 4630016]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100617.005\IDSxpx86.sys []
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100619.005\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100619.005\NAVEX15.SYS []
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-07-26 53376]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-04-14 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-04-14 13056]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-07-26 415360]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-03-03 27632]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2010-05-06 47408]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
S3 a6o53ytu;a6o53ytu; C:\WINDOWS\system32\drivers\a6o53ytu.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-03-03 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-03-03 25512]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-02-22 47360]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2010-05-06 47408]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2010-03-03 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-03-03 602112]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2005-04-29 139264]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2004-11-30 20543]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe [2010-02-26 126392]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2005-04-29 131136]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2005-04-29 57412]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-06-01 75064]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-08 185640]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-18 1044808]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 .1265051735;1265051735; C:\Program Files\1265051735\kfa1265051735L.exe [2009-09-19 436104]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-08-13 593920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-02-05 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
preventivka
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: preventivka
Zdravím 
Odinstalujte NVIDIA Firewall.
Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
Odinstalujte NVIDIA Firewall. Stáhněte OTL http://oldtimer.geekstogo.com/OTL.exe na plochu
- Spusťte, poté do spodního políčka vložte následující skript.
Kód: Vybrat vše
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
- Označte položku Pro všechny uživatele.
- Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
- Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Re: preventivka
thx sa tim nvidia FW je problem bude asik soucasti network access manageru(nwim co to dela ale tento mam vypnutej a mam FW z notona)inak to ostatni uz delam...jak to bude dam sem log...
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Re: preventivka
extras:
OTL Extras logfile created on: 20.6.2010 15:40:16 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\ivo\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 386,00 Mb Available Physical Memory | 38,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,76 Gb Total Space | 12,19 Gb Free Space | 40,97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 91,13 Gb Total Space | 16,93 Gb Free Space | 18,58% Space Free | Partition Type: NTFS
Drive G: | 111,99 Gb Total Space | 11,95 Gb Free Space | 10,67% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KFA-33A3F2E65E0
Current User Name: ivo
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programy\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe" = C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- ()
"F:\hry\Valve\Steam\SteamApps\ivvvo\counter-strike\hl.exe" = F:\hry\Valve\Steam\SteamApps\ivvvo\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A3343C-028E-62D3-E193-AC15E8508B64}" = Catalyst Control Center Graphics Light
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0603981A-43DD-C3FA-918A-19A0D46FB558}" = CCC Help English
"{063BD2FA-85DE-0A14-F266-7BD869F719BA}" = Catalyst Control Center Graphics Full New
"{0AC63EC6-6ADC-1477-652E-9D3EF46495D1}" = CCC Help Korean
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{21D6B1DC-8E12-4FBA-0823-0EF0A1440694}" = CCC Help Norwegian
"{2432E57D-B4F9-65DD-CB76-72EABD268411}" = Catalyst Control Center Localization All
"{24CB2BE4-FAAF-78F8-D211-042327560FD8}" = ccc-utility
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{2894C259-B270-EFAA-3131-491B261E894A}" = ccc-utility
"{2B44554A-AC5E-D835-82EC-FF6BB2FF8CA6}" = Catalyst Control Center Graphics Light
"{2F1DE8CC-D75E-E0A4-7812-1B7E0A1BB1A0}" = CCC Help Chinese Traditional
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{349EEF84-59E0-5B35-182D-50948D7DB592}" = ccc-core-static
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3B4025BE-5CC2-1979-5400-2AFD9A2860E4}" = Catalyst Control Center Graphics Full Existing
"{400AA2FD-527F-E8CC-A4E0-F5D70E242D65}" = CCC Help French
"{488A4B4C-F9D4-5A52-AB39-AFF51B89B4FE}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6B1116-E9C1-4480-41B5-35290C1EFD3B}" = ccc-core-preinstall
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{56225AEA-87B4-FD40-7BDE-C92DBA794B6D}" = CCC Help Thai
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59BDC7E5-60DA-D9DE-A57E-871F884B82D2}" = CCC Help Hungarian
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5E87D336-D7D0-ECEC-288E-D48F3DC71F68}" = CCC Help Turkish
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F4BBCD5-E6F5-FCFA-5F3B-95EC2AD0945E}" = ccc-core-preinstall
"{62A9D559-5C7B-607B-2ABD-664102C4EBC8}" = CCC Help Danish
"{62CB2326-9C09-42D8-AED9-077E8ED11029}" = Nero 7 Ultra Edition
"{6A300656-640E-F69E-895B-EC1C110CB740}" = Catalyst Control Center Graphics Previews Common
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6C89B82E-AD76-7715-43EA-C37E563E83BB}" = ATI Catalyst Install Manager
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D61A22-3A1B-4843-0975-84D5D7F42400}" = CCC Help Chinese Standard
"{767CF895-30C5-5434-57CA-99305A8B3C65}" = CCC Help Swedish
"{77C80DAB-4C40-ACD2-E645-FD3E1F05EA90}" = CCC Help English
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88D17DB6-3758-54AB-4C08-16CB217ACF82}" = CCC Help German
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8928DC3C-F6CA-A97E-24EE-23A276A49961}" = CCC Help Japanese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9DEA61D4-7702-D833-B2F1-9B1CABD8BE59}" = CCC Help Finnish
"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" =
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A9E4B1CF-034A-C6A6-1076-5141560E5192}" = CCC Help Czech
"{B5A86B89-C06B-67F9-778C-B19E992484CB}" = CCC Help Greek
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C67F36D2-DE45-40B4-8D87-DF4A66A59532}" = PC Suite for Sony Ericsson
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4E1C2A-01FE-3C8F-1CF1-4C738482C4E5}" = CCC Help Spanish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF929EEB-CE39-4F06-B1BF-F51FC617A2B2}" = Catalyst Control Center - Branding
"{D0B2D0A3-245D-E256-EF6F-2E6E4DA30B41}" = Catalyst Control Center Core Implementation
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D7E40BC3-7A47-6CD3-506D-1B902C708DAE}" = CCC Help Russian
"{D8B36DA7-F196-2953-8A93-DDBFB1F6267D}" = ccc-core-static
"{D9B27D5F-7742-BB49-7894-F9A93A68CB3B}" = CCC Help Polish
"{DAD3A57E-2B4D-30F2-F971-6A0FD04D5EA3}" = Catalyst Control Center HydraVision Full
"{DAE507C4-7E9E-B204-531C-A9306522D7A9}" = Catalyst Control Center Graphics Full Existing
"{DD58AC0F-CE28-B5EA-72C4-08CE056A77EA}" = Catalyst Control Center HydraVision Full
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E07F7571-7193-4505-B017-FDC6525CA0B7}" = ATI AVIVO Codecs
"{E1252473-6306-4d5d-904D-B06AA7F38161}" = PC Suite for Sony Ericsson
"{EC102FA9-A54E-2D6B-9926-B92E5D9E14C7}" = Catalyst Control Center Graphics Full New
"{ED46D1FE-A4E3-6F39-44B0-3A17B0225367}" = CCC Help Portuguese
"{F0949359-3DA7-52EF-50E6-FDD6B9491E2D}" = Catalyst Control Center Graphics Previews Common
"{F16DCA31-4DB4-F8F6-5ED1-6FAFB7228FFF}" = Catalyst Control Center InstallProxy
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F67CCC08-C544-A440-A47A-D60A25118CD1}" = Catalyst Control Center Core Implementation
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}" = HydraVision
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FF12E6D1-2833-2284-15B7-6A3C70F0BC29}" = CCC Help Dutch
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.6.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit Reader" = Foxit Reader
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"ie8" = Windows Internet Explorer 8
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.0 (Full)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"Plants vs. Zombies" = Plants vs. Zombies
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 3.1.0
"Sony Ericsson" = Sony Ericsson Symbian 9 Drivers
"TeamViewer 5" = TeamViewer 5
"TuneUp Utilities" = TuneUp Utilities
"Update Service" = Update Service
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.4.2010 16:19:17 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hl.exe, verze 1.1.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 23.4.2010 18:21:53 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hl.exe, verze 1.1.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 29.4.2010 1:58:00 | Computer Name = KFA-33A3F2E65E0 | Source = Application Error | ID = 1000
Description = Chybující aplikace oskarek.exe, verze 0.0.0.0, chybující modul midpruntimedll.dll,
verze 1.2.0.0, adresa chyby 0x0003ee19.
Error - 29.4.2010 2:23:01 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hl.exe, verze 1.1.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 3.5.2010 11:06:27 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Steam.exe, verze 1.0.823.645, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 4.5.2010 7:46:02 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hl.exe, verze 1.1.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 8.5.2010 6:36:33 | Computer Name = KFA-33A3F2E65E0 | Source = Application Error | ID = 1000
Description = Chybující aplikace hl2.exe, verze 0.0.0.0, chybující modul datacache.dll,
verze 0.0.0.0, adresa chyby 0x0000b423.
Error - 8.5.2010 7:18:52 | Computer Name = KFA-33A3F2E65E0 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 ccc.exe, P2 2.0.0.0, P3 49ef8e09, P4 mscorlib,
P5 2.0.0.0, P6 4add54dc, P7 f4f, P8 7, P9 n3ctrye2kn3c34sgl4zqyrbfte4m13nb, P10
NIL.
[ System Events ]
Error - 20.6.2010 7:57:14 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:16:44 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:16:44 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:16:44 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:36:14 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:36:14 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:36:14 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:37:35 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:37:35 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:37:35 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
< End of report >
OTL Extras logfile created on: 20.6.2010 15:40:16 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\ivo\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 386,00 Mb Available Physical Memory | 38,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,76 Gb Total Space | 12,19 Gb Free Space | 40,97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 91,13 Gb Total Space | 16,93 Gb Free Space | 18,58% Space Free | Partition Type: NTFS
Drive G: | 111,99 Gb Total Space | 11,95 Gb Free Space | 10,67% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KFA-33A3F2E65E0
Current User Name: ivo
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_USERS\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programy\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programy\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programy\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe" = C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- ()
"F:\hry\Valve\Steam\SteamApps\ivvvo\counter-strike\hl.exe" = F:\hry\Valve\Steam\SteamApps\ivvvo\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A3343C-028E-62D3-E193-AC15E8508B64}" = Catalyst Control Center Graphics Light
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0603981A-43DD-C3FA-918A-19A0D46FB558}" = CCC Help English
"{063BD2FA-85DE-0A14-F266-7BD869F719BA}" = Catalyst Control Center Graphics Full New
"{0AC63EC6-6ADC-1477-652E-9D3EF46495D1}" = CCC Help Korean
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"{21D6B1DC-8E12-4FBA-0823-0EF0A1440694}" = CCC Help Norwegian
"{2432E57D-B4F9-65DD-CB76-72EABD268411}" = Catalyst Control Center Localization All
"{24CB2BE4-FAAF-78F8-D211-042327560FD8}" = ccc-utility
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{2894C259-B270-EFAA-3131-491B261E894A}" = ccc-utility
"{2B44554A-AC5E-D835-82EC-FF6BB2FF8CA6}" = Catalyst Control Center Graphics Light
"{2F1DE8CC-D75E-E0A4-7812-1B7E0A1BB1A0}" = CCC Help Chinese Traditional
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{349EEF84-59E0-5B35-182D-50948D7DB592}" = ccc-core-static
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3B4025BE-5CC2-1979-5400-2AFD9A2860E4}" = Catalyst Control Center Graphics Full Existing
"{400AA2FD-527F-E8CC-A4E0-F5D70E242D65}" = CCC Help French
"{488A4B4C-F9D4-5A52-AB39-AFF51B89B4FE}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6B1116-E9C1-4480-41B5-35290C1EFD3B}" = ccc-core-preinstall
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{56225AEA-87B4-FD40-7BDE-C92DBA794B6D}" = CCC Help Thai
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59BDC7E5-60DA-D9DE-A57E-871F884B82D2}" = CCC Help Hungarian
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5E87D336-D7D0-ECEC-288E-D48F3DC71F68}" = CCC Help Turkish
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F4BBCD5-E6F5-FCFA-5F3B-95EC2AD0945E}" = ccc-core-preinstall
"{62A9D559-5C7B-607B-2ABD-664102C4EBC8}" = CCC Help Danish
"{62CB2326-9C09-42D8-AED9-077E8ED11029}" = Nero 7 Ultra Edition
"{6A300656-640E-F69E-895B-EC1C110CB740}" = Catalyst Control Center Graphics Previews Common
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6C89B82E-AD76-7715-43EA-C37E563E83BB}" = ATI Catalyst Install Manager
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D61A22-3A1B-4843-0975-84D5D7F42400}" = CCC Help Chinese Standard
"{767CF895-30C5-5434-57CA-99305A8B3C65}" = CCC Help Swedish
"{77C80DAB-4C40-ACD2-E645-FD3E1F05EA90}" = CCC Help English
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88D17DB6-3758-54AB-4C08-16CB217ACF82}" = CCC Help German
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8928DC3C-F6CA-A97E-24EE-23A276A49961}" = CCC Help Japanese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9DEA61D4-7702-D833-B2F1-9B1CABD8BE59}" = CCC Help Finnish
"{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}" =
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A9E4B1CF-034A-C6A6-1076-5141560E5192}" = CCC Help Czech
"{B5A86B89-C06B-67F9-778C-B19E992484CB}" = CCC Help Greek
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C67F36D2-DE45-40B4-8D87-DF4A66A59532}" = PC Suite for Sony Ericsson
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4E1C2A-01FE-3C8F-1CF1-4C738482C4E5}" = CCC Help Spanish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF929EEB-CE39-4F06-B1BF-F51FC617A2B2}" = Catalyst Control Center - Branding
"{D0B2D0A3-245D-E256-EF6F-2E6E4DA30B41}" = Catalyst Control Center Core Implementation
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D7E40BC3-7A47-6CD3-506D-1B902C708DAE}" = CCC Help Russian
"{D8B36DA7-F196-2953-8A93-DDBFB1F6267D}" = ccc-core-static
"{D9B27D5F-7742-BB49-7894-F9A93A68CB3B}" = CCC Help Polish
"{DAD3A57E-2B4D-30F2-F971-6A0FD04D5EA3}" = Catalyst Control Center HydraVision Full
"{DAE507C4-7E9E-B204-531C-A9306522D7A9}" = Catalyst Control Center Graphics Full Existing
"{DD58AC0F-CE28-B5EA-72C4-08CE056A77EA}" = Catalyst Control Center HydraVision Full
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E07F7571-7193-4505-B017-FDC6525CA0B7}" = ATI AVIVO Codecs
"{E1252473-6306-4d5d-904D-B06AA7F38161}" = PC Suite for Sony Ericsson
"{EC102FA9-A54E-2D6B-9926-B92E5D9E14C7}" = Catalyst Control Center Graphics Full New
"{ED46D1FE-A4E3-6F39-44B0-3A17B0225367}" = CCC Help Portuguese
"{F0949359-3DA7-52EF-50E6-FDD6B9491E2D}" = Catalyst Control Center Graphics Previews Common
"{F16DCA31-4DB4-F8F6-5ED1-6FAFB7228FFF}" = Catalyst Control Center InstallProxy
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F67CCC08-C544-A440-A47A-D60A25118CD1}" = Catalyst Control Center Core Implementation
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}" = HydraVision
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FF12E6D1-2833-2284-15B7-6A3C70F0BC29}" = CCC Help Dutch
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.6.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Foxit Reader" = Foxit Reader
"Cheat Engine 5.6_is1" = Cheat Engine 5.6
"ie8" = Windows Internet Explorer 8
"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.0 (Full)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NIS" = Norton Internet Security
"NVIDIA Drivers" = NVIDIA Drivers
"Plants vs. Zombies" = Plants vs. Zombies
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 3.1.0
"Sony Ericsson" = Sony Ericsson Symbian 9 Drivers
"TeamViewer 5" = TeamViewer 5
"TuneUp Utilities" = TuneUp Utilities
"Update Service" = Update Service
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 19.4.2010 16:19:17 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hl.exe, verze 1.1.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 23.4.2010 18:21:53 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hl.exe, verze 1.1.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 29.4.2010 1:58:00 | Computer Name = KFA-33A3F2E65E0 | Source = Application Error | ID = 1000
Description = Chybující aplikace oskarek.exe, verze 0.0.0.0, chybující modul midpruntimedll.dll,
verze 1.2.0.0, adresa chyby 0x0003ee19.
Error - 29.4.2010 2:23:01 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hl.exe, verze 1.1.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 3.5.2010 11:06:27 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Steam.exe, verze 1.0.823.645, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 4.5.2010 7:46:02 | Computer Name = KFA-33A3F2E65E0 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace hl.exe, verze 1.1.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 8.5.2010 6:36:33 | Computer Name = KFA-33A3F2E65E0 | Source = Application Error | ID = 1000
Description = Chybující aplikace hl2.exe, verze 0.0.0.0, chybující modul datacache.dll,
verze 0.0.0.0, adresa chyby 0x0000b423.
Error - 8.5.2010 7:18:52 | Computer Name = KFA-33A3F2E65E0 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 ccc.exe, P2 2.0.0.0, P3 49ef8e09, P4 mscorlib,
P5 2.0.0.0, P6 4add54dc, P7 f4f, P8 7, P9 n3ctrye2kn3c34sgl4zqyrbfte4m13nb, P10
NIL.
[ System Events ]
Error - 20.6.2010 7:57:14 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:16:44 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:16:44 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:16:44 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:36:14 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:36:14 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:36:14 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:37:35 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:37:35 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
Error - 20.6.2010 8:37:35 | Computer Name = KFA-33A3F2E65E0 | Source = DCOM | ID = 10016
Description = Nastavení omezení výchozí pro počítač neuděluje oprávnění typu Místní
- Aktivace k aplikaci COM Server s identifikátorem CLSID {BC866CF2-5486-41F7-B46B-9AA49CF3EBB1}
uživateli NT AUTHORITY\LOCAL SERVICE (SID S-1-5-19). Toto oprávnění zabezpečení
lze upravit pomocí nástroje správy Služba komponent.
< End of report >
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Re: preventivka
OTL:
OTL logfile created on: 20.6.2010 15:40:16 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\ivo\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 386,00 Mb Available Physical Memory | 38,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,76 Gb Total Space | 12,19 Gb Free Space | 40,97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 91,13 Gb Total Space | 16,93 Gb Free Space | 18,58% Space Free | Partition Type: NTFS
Drive G: | 111,99 Gb Total Space | 11,95 Gb Free Space | 10,67% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KFA-33A3F2E65E0
Current User Name: ivo
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.20 15:35:48 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ivo\Plocha\OTL.exe
PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.03 02:48:27 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2010.02.26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe
PRC - [2009.12.18 01:14:00 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009.12.18 01:12:10 | 001,044,808 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009.12.08 13:19:10 | 004,994,856 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe
PRC - [2009.12.08 12:46:32 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009.02.26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.04.29 19:22:26 | 000,266,240 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
PRC - [2005.04.29 19:21:06 | 000,139,264 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2005.04.29 19:18:24 | 000,131,136 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2005.04.29 19:18:08 | 000,057,412 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2004.12.20 18:12:36 | 000,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
PRC - [2004.11.30 12:08:56 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2004.11.15 19:20:20 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.06.20 15:35:48 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ivo\Plocha\OTL.exe
MOD - [2010.05.14 07:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\asoehook.dll
MOD - [2009.07.12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009.07.12 01:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.02.26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS)
SRV - [2010.02.05 22:56:55 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.12.18 01:12:10 | 001,044,808 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.12.18 01:08:54 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.12.08 12:46:32 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.09.19 11:42:21 | 000,436,104 | ---- | M] () [Auto | Stopped] -- C:\Program Files\1265051735\kfa1265051735L.exe -- (.1265051735)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2005.04.29 19:21:06 | 000,139,264 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2005.04.29 19:18:24 | 000,131,136 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2005.04.29 19:18:08 | 000,057,412 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2004.11.30 12:08:56 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
========== Driver Services (SafeList) ==========
DRV - [2010.05.28 21:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100617.005\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010.05.27 18:50:22 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010.05.27 18:50:22 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010.05.22 20:16:04 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100522.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010.05.11 07:45:27 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100619.005\NAVEX15.SYS -- (NAVEX15)
DRV - [2010.05.11 07:45:26 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100619.005\NAVENG.SYS -- (NAVENG)
DRV - [2010.05.06 06:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010.05.06 06:01:43 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010.05.06 06:01:43 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2010.04.29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010.04.22 05:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010.04.22 04:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010.04.22 04:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.04.17 20:49:09 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.09 13:16:50 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2010.04.09 13:16:46 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2010.03.03 16:45:42 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.03.03 16:45:41 | 000,083,200 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrbus.sys -- (zebrbus)
DRV - [2010.03.03 16:45:41 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.03.03 16:45:41 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.03.03 06:21:08 | 004,630,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.02.26 02:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010.02.05 22:31:15 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2008.04.13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.01.15 10:44:14 | 000,091,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrsce.sys -- (zebrsce)
DRV - [2008.01.15 10:44:12 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdmc.sys -- (zebrmdmc) Sony Ericsson mRouter Port (WDM)
DRV - [2008.01.15 10:44:12 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdm.sys -- (zebrmdm) Sony Ericsson Port (WDM)
DRV - [2008.01.15 10:44:10 | 000,014,848 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdfl.sys -- (zebrmdfl)
DRV - [2008.01.15 10:44:08 | 000,063,360 | R--- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\zebrceb.sys -- (zebrceb) Sony Ericsson Cable Emulation Bus (WDM)
DRV - [2007.04.16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.04.14 21:09:06 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.04.14 21:09:04 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.04.14 21:08:56 | 000,101,888 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NVTCP.SYS -- (NVTCP)
DRV - [2005.07.26 08:01:56 | 000,415,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2005.07.26 07:58:30 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2004.11.17 20:05:38 | 002,297,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002.09.16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14672&l=dis
IE - HKU\S-1-5-21-602162358-651377827-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.87
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.0&q="
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010.05.26 05:07:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010.02.06 05:11:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programy\Mozilla Firefox\components [2010.05.12 23:52:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programy\Mozilla Firefox\plugins [2010.05.01 16:23:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2010.02.01 22:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Extensions
[2010.06.19 14:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions
[2010.04.27 12:09:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.12 06:45:22 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.05.01 21:06:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.04.13 09:44:39 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.06.17 02:44:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.05.30 15:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\battlefieldheroespatcher@ea.com
[2010.06.17 02:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\staged-xpis
[2010.06.16 22:33:54 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\searchplugins\icqplugin.xml
[2010.03.21 03:09:11 | 000,001,597 | ---- | M] () -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\searchplugins\the-pirate-bay.xml
O1 HOSTS File: ([2010.03.27 10:38:24 | 000,000,813 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-602162358-651377827-839522115-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PC Suite for Smartphones] C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Documents and Settings\ivo\Nabídka Start\Programy\Po spuštění\Obsah aplikace OneNote.onetoc2 ()
O4 - Startup: C:\Documents and Settings\ivo\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 5111404140 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.155.229.197 62.84.129.4
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\ivo\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ivo\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.02.01 21:13:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.02.01 21:13:25 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\ivo\Plocha\[Torrentreactor.to] - The Twilight Saga Eclipse (2010 Movie) DVDRip [Full Movie] XviD-DiVXTEAM.torrent
[2010.06.20 15:35:44 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ivo\Plocha\OTL.exe
[2010.06.20 14:00:23 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010.06.20 13:51:38 | 000,000,000 | ---D | C] -- C:\Program Files\PopCap Games
[2010.06.20 13:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.20 13:42:17 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.20 13:36:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ivo\Recent
[2010.06.17 18:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.06.11 22:49:25 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.01 17:41:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Dokumenty\Battlefield Heroes
[2010.05.30 16:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Local Settings\Data aplikací\PunkBuster
[2010.05.30 13:54:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Data aplikací\Facebook
[2010.05.29 11:32:30 | 000,091,264 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\zebrsce.sys
[2010.05.29 11:32:22 | 000,014,848 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrmdfl.sys
[2010.05.29 11:32:18 | 000,109,568 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\zebrmdmc.sys
[2010.05.29 11:02:37 | 000,109,568 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\zebrmdm.sys
[2010.05.29 11:02:37 | 000,012,160 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrcmnt.sys
[2010.05.29 11:02:37 | 000,012,160 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrcm.sys
[2010.05.29 10:45:25 | 000,063,360 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\zebrceb.sys
[2010.05.29 10:45:25 | 000,012,160 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrwhnt.sys
[2010.05.29 10:45:25 | 000,012,160 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrwh.sys
[2010.05.29 10:44:29 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010.05.22 19:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\PowerQuest
[2010.05.22 19:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Local Settings\Data aplikací\Help
[2010.05.22 19:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Data aplikací\Help
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\ivo\Plocha\[Torrentreactor.to] - The Twilight Saga Eclipse (2010 Movie) DVDRip [Full Movie] XviD-DiVXTEAM.torrent
[2055.09.19 08:29:11 | 000,002,012 | ---- | M] () -- C:\WINDOWS\System32\NAV_75_cltDynam.dat
[2010.06.20 15:35:48 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ivo\Plocha\OTL.exe
[2010.06.20 14:00:24 | 000,000,537 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\Cheat Engine.lnk
[2010.06.20 13:51:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\popcreg.dat
[2010.06.20 13:51:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2010.06.20 13:41:26 | 000,001,430 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\DivX Movies.lnk
[2010.06.20 13:37:32 | 000,000,562 | ---- | M] () -- C:\WINDOWS\tasks\Automatic troubleshooting.job
[2010.06.20 13:36:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.20 13:36:33 | 000,013,684 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.20 13:36:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.20 13:36:18 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.20 13:35:25 | 003,407,872 | ---- | M] () -- C:\Documents and Settings\ivo\ntuser.dat
[2010.06.20 12:59:56 | 000,215,016 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.06.19 22:30:53 | 000,001,487 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\CCleaner.lnk
[2010.06.16 11:51:28 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\ivo\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.15 22:34:17 | 000,168,448 | ---- | M] () -- C:\WINDOWS\Gqasea.exe
[2010.06.12 16:49:52 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.12 16:43:09 | 000,631,610 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\Cat.DB
[2010.06.12 16:29:01 | 001,012,200 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.12 16:29:01 | 000,443,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.12 16:29:01 | 000,440,316 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.12 16:29:01 | 000,083,652 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.12 16:29:01 | 000,071,846 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.08 19:02:20 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\kovohute.doc
[2010.06.06 19:05:57 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.06 00:17:37 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.06.05 19:58:00 | 000,001,800 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\SRDownloader.nast
[2010.06.04 18:41:05 | 010,002,553 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\Nejkrásnější reklama na používání bezpečnostních pásů Stream.cz.3gp
[2010.06.01 17:40:33 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\ivo\Data aplikací\PnkBstrK.sys
[2010.06.01 17:40:16 | 002,427,248 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.05.29 23:52:34 | 002,302,106 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\last of the mohicans 2009.mp3
[2010.05.29 10:59:18 | 000,000,898 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\Update Service.lnk
[2010.05.26 04:56:13 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Norton Internet Security.LNK
[2010.05.22 18:51:21 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.20 14:00:24 | 000,000,537 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\Cheat Engine.lnk
[2010.06.20 14:00:23 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010.06.20 13:51:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2010.06.20 13:51:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010.06.20 13:41:26 | 000,001,430 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\DivX Movies.lnk
[2010.06.15 22:34:24 | 000,168,448 | ---- | C] () -- C:\WINDOWS\Gqasea.exe
[2010.06.08 15:58:49 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\kovohute.doc
[2010.06.04 18:40:47 | 010,002,553 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\Nejkrásnější reklama na používání bezpečnostních pásů Stream.cz.3gp
[2010.05.30 16:29:17 | 000,215,016 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.05.30 16:16:16 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.05.30 16:16:16 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\ivo\Data aplikací\PnkBstrK.sys
[2010.05.30 16:15:38 | 000,215,016 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.05.30 16:15:36 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.05.30 16:15:36 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.05.29 23:52:12 | 002,302,106 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\last of the mohicans 2009.mp3
[2010.05.29 10:59:18 | 000,000,898 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\Update Service.lnk
[2010.05.22 18:51:21 | 000,535,624 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2010.05.22 18:51:20 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2010.05.22 18:51:20 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2010.05.09 03:35:52 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.04.17 20:49:08 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.03.10 16:06:05 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010.02.25 00:40:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.02 02:57:01 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2010.02.02 02:21:11 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010.02.02 01:29:34 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010.02.02 01:29:20 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010.02.01 22:55:57 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.02.01 22:55:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.02.01 22:55:56 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.02.01 22:55:56 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.02.01 22:55:55 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.02.01 22:55:55 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
========== LOP Check ==========
[2010.04.17 20:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.02.02 11:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.02.01 23:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.03.08 02:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.02.05 22:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.02.12 13:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2010.02.05 22:56:13 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.04.17 21:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\DAEMON Tools Lite
[2010.02.02 11:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ESET
[2010.05.30 13:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Facebook
[2010.02.01 23:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Foxit
[2010.06.20 13:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ICQ
[2010.02.04 23:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TeamViewer
[2010.05.29 13:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Teleca
[2010.02.05 21:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Tific
[2010.04.18 01:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TrustPort
[2010.02.05 22:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TuneUp Software
[2010.06.18 03:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Vso
[2010.02.07 18:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2010.06.20 13:37:32 | 000,000,562 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic troubleshooting.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
OTL logfile created on: 20.6.2010 15:40:16 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\ivo\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1 023,00 Mb Total Physical Memory | 386,00 Mb Available Physical Memory | 38,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,76 Gb Total Space | 12,19 Gb Free Space | 40,97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 91,13 Gb Total Space | 16,93 Gb Free Space | 18,58% Space Free | Partition Type: NTFS
Drive G: | 111,99 Gb Total Space | 11,95 Gb Free Space | 10,67% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: KFA-33A3F2E65E0
Current User Name: ivo
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.06.20 15:35:48 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ivo\Plocha\OTL.exe
PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.03 02:48:27 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Programy\Mozilla Firefox\firefox.exe
PRC - [2010.02.26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe
PRC - [2009.12.18 01:14:00 | 000,713,544 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2009.12.18 01:12:10 | 001,044,808 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2009.12.08 13:19:10 | 004,994,856 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer.exe
PRC - [2009.12.08 12:46:32 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2009.02.26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.04.29 19:22:26 | 000,266,240 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
PRC - [2005.04.29 19:21:06 | 000,139,264 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
PRC - [2005.04.29 19:18:24 | 000,131,136 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
PRC - [2005.04.29 19:18:08 | 000,057,412 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
PRC - [2004.12.20 18:12:36 | 000,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
PRC - [2004.11.30 12:08:56 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe
PRC - [2004.11.15 19:20:20 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
========== Modules (SafeList) ==========
MOD - [2010.06.20 15:35:48 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ivo\Plocha\OTL.exe
MOD - [2010.05.14 07:35:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\asoehook.dll
MOD - [2009.07.12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009.07.12 01:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010.02.26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe -- (NIS)
SRV - [2010.02.05 22:56:55 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.12.18 01:12:10 | 001,044,808 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2009.12.18 01:08:54 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.12.08 12:46:32 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2009.09.19 11:42:21 | 000,436,104 | ---- | M] () [Auto | Stopped] -- C:\Program Files\1265051735\kfa1265051735L.exe -- (.1265051735)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2005.04.29 19:21:06 | 000,139,264 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2005.04.29 19:18:24 | 000,131,136 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp)
SRV - [2005.04.29 19:18:08 | 000,057,412 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog)
SRV - [2004.11.30 12:08:56 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface)
========== Driver Services (SafeList) ==========
DRV - [2010.05.28 21:33:19 | 000,331,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100617.005\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010.05.27 18:50:22 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010.05.27 18:50:22 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010.05.22 20:16:04 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100522.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010.05.11 07:45:27 | 001,347,504 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100619.005\NAVEX15.SYS -- (NAVEX15)
DRV - [2010.05.11 07:45:26 | 000,085,552 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100619.005\NAVENG.SYS -- (NAVENG)
DRV - [2010.05.06 06:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SYMTDI.SYS -- (SYMTDI)
DRV - [2010.05.06 06:01:43 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010.05.06 06:01:43 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2010.04.29 07:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\Ironx86.SYS -- (SymIRON)
DRV - [2010.04.22 05:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMEFA.SYS -- (SymEFA)
DRV - [2010.04.22 04:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1107000.00C\SRTSP.SYS -- (SRTSP)
DRV - [2010.04.22 04:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010.04.17 20:49:09 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.09 13:16:50 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2010.04.09 13:16:46 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2010.03.03 16:45:42 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.03.03 16:45:41 | 000,083,200 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrbus.sys -- (zebrbus)
DRV - [2010.03.03 16:45:41 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.03.03 16:45:41 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.03.03 06:21:08 | 004,630,016 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.02.26 02:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\ccHPx86.sys -- (ccHP)
DRV - [2010.02.05 22:31:15 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009.10.14 08:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.08.30 02:17:18 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1107000.00C\SYMDS.SYS -- (SymDS)
DRV - [2008.04.13 20:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.01.15 10:44:14 | 000,091,264 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrsce.sys -- (zebrsce)
DRV - [2008.01.15 10:44:12 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdmc.sys -- (zebrmdmc) Sony Ericsson mRouter Port (WDM)
DRV - [2008.01.15 10:44:12 | 000,109,568 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdm.sys -- (zebrmdm) Sony Ericsson Port (WDM)
DRV - [2008.01.15 10:44:10 | 000,014,848 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zebrmdfl.sys -- (zebrmdfl)
DRV - [2008.01.15 10:44:08 | 000,063,360 | R--- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\zebrceb.sys -- (zebrceb) Sony Ericsson Cable Emulation Bus (WDM)
DRV - [2007.04.16 22:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.04.14 21:09:06 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.04.14 21:09:04 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.04.14 21:08:56 | 000,101,888 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NVTCP.SYS -- (NVTCP)
DRV - [2005.07.26 08:01:56 | 000,415,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2005.07.26 07:58:30 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2004.11.17 20:05:38 | 002,297,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2002.09.16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14672&l=dis
IE - HKU\S-1-5-21-602162358-651377827-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.87
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... 2.0.0.0&q="
FF - HKLM\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010.05.26 05:07:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010.02.06 05:11:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programy\Mozilla Firefox\components [2010.05.12 23:52:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programy\Mozilla Firefox\plugins [2010.05.01 16:23:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2010.02.01 22:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Extensions
[2010.06.19 14:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions
[2010.04.27 12:09:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.12 06:45:22 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.05.01 21:06:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.04.13 09:44:39 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.06.17 02:44:35 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.05.30 15:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\battlefieldheroespatcher@ea.com
[2010.06.17 02:44:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\staged-xpis
[2010.06.16 22:33:54 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\searchplugins\icqplugin.xml
[2010.03.21 03:09:11 | 000,001,597 | ---- | M] () -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\searchplugins\the-pirate-bay.xml
O1 HOSTS File: ([2010.03.27 10:38:24 | 000,000,813 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-602162358-651377827-839522115-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [NVMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PC Suite for Smartphones] C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Documents and Settings\ivo\Nabídka Start\Programy\Po spuštění\Obsah aplikace OneNote.onetoc2 ()
O4 - Startup: C:\Documents and Settings\ivo\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 5111404140 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.155.229.197 62.84.129.4
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\ivo\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ivo\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.02.01 21:13:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.02.01 21:13:25 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: SSHNAS - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745656140070912)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Documents and Settings\ivo\Plocha\[Torrentreactor.to] - The Twilight Saga Eclipse (2010 Movie) DVDRip [Full Movie] XviD-DiVXTEAM.torrent
[2010.06.20 15:35:44 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ivo\Plocha\OTL.exe
[2010.06.20 14:00:23 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010.06.20 13:51:38 | 000,000,000 | ---D | C] -- C:\Program Files\PopCap Games
[2010.06.20 13:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.20 13:42:17 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.20 13:36:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ivo\Recent
[2010.06.17 18:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.06.11 22:49:25 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.01 17:41:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Dokumenty\Battlefield Heroes
[2010.05.30 16:28:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Local Settings\Data aplikací\PunkBuster
[2010.05.30 13:54:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Data aplikací\Facebook
[2010.05.29 11:32:30 | 000,091,264 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\zebrsce.sys
[2010.05.29 11:32:22 | 000,014,848 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrmdfl.sys
[2010.05.29 11:32:18 | 000,109,568 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\zebrmdmc.sys
[2010.05.29 11:02:37 | 000,109,568 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\zebrmdm.sys
[2010.05.29 11:02:37 | 000,012,160 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrcmnt.sys
[2010.05.29 11:02:37 | 000,012,160 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrcm.sys
[2010.05.29 10:45:25 | 000,063,360 | R--- | C] (MCCI) -- C:\WINDOWS\System32\drivers\zebrceb.sys
[2010.05.29 10:45:25 | 000,012,160 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrwhnt.sys
[2010.05.29 10:45:25 | 000,012,160 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\zebrwh.sys
[2010.05.29 10:44:29 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010.05.22 19:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\PowerQuest
[2010.05.22 19:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Local Settings\Data aplikací\Help
[2010.05.22 19:07:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ivo\Data aplikací\Help
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
File not found -- C:\Documents and Settings\ivo\Plocha\[Torrentreactor.to] - The Twilight Saga Eclipse (2010 Movie) DVDRip [Full Movie] XviD-DiVXTEAM.torrent
[2055.09.19 08:29:11 | 000,002,012 | ---- | M] () -- C:\WINDOWS\System32\NAV_75_cltDynam.dat
[2010.06.20 15:35:48 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ivo\Plocha\OTL.exe
[2010.06.20 14:00:24 | 000,000,537 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\Cheat Engine.lnk
[2010.06.20 13:51:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\popcreg.dat
[2010.06.20 13:51:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2010.06.20 13:41:26 | 000,001,430 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\DivX Movies.lnk
[2010.06.20 13:37:32 | 000,000,562 | ---- | M] () -- C:\WINDOWS\tasks\Automatic troubleshooting.job
[2010.06.20 13:36:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.20 13:36:33 | 000,013,684 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.20 13:36:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.20 13:36:18 | 1073,270,784 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.20 13:35:25 | 003,407,872 | ---- | M] () -- C:\Documents and Settings\ivo\ntuser.dat
[2010.06.20 12:59:56 | 000,215,016 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.06.19 22:30:53 | 000,001,487 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\CCleaner.lnk
[2010.06.16 11:51:28 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\ivo\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.15 22:34:17 | 000,168,448 | ---- | M] () -- C:\WINDOWS\Gqasea.exe
[2010.06.12 16:49:52 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.12 16:43:09 | 000,631,610 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1107000.00C\Cat.DB
[2010.06.12 16:29:01 | 001,012,200 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.12 16:29:01 | 000,443,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.12 16:29:01 | 000,440,316 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.12 16:29:01 | 000,083,652 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.12 16:29:01 | 000,071,846 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.08 19:02:20 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\kovohute.doc
[2010.06.06 19:05:57 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.06 00:17:37 | 000,138,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.06.05 19:58:00 | 000,001,800 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\SRDownloader.nast
[2010.06.04 18:41:05 | 010,002,553 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\Nejkrásnější reklama na používání bezpečnostních pásů Stream.cz.3gp
[2010.06.01 17:40:33 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\ivo\Data aplikací\PnkBstrK.sys
[2010.06.01 17:40:16 | 002,427,248 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.05.29 23:52:34 | 002,302,106 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\last of the mohicans 2009.mp3
[2010.05.29 10:59:18 | 000,000,898 | ---- | M] () -- C:\Documents and Settings\ivo\Plocha\Update Service.lnk
[2010.05.26 04:56:13 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Norton Internet Security.LNK
[2010.05.22 18:51:21 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.06.20 14:00:24 | 000,000,537 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\Cheat Engine.lnk
[2010.06.20 14:00:23 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010.06.20 13:51:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2010.06.20 13:51:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2010.06.20 13:41:26 | 000,001,430 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\DivX Movies.lnk
[2010.06.15 22:34:24 | 000,168,448 | ---- | C] () -- C:\WINDOWS\Gqasea.exe
[2010.06.08 15:58:49 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\kovohute.doc
[2010.06.04 18:40:47 | 010,002,553 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\Nejkrásnější reklama na používání bezpečnostních pásů Stream.cz.3gp
[2010.05.30 16:29:17 | 000,215,016 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.05.30 16:16:16 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.05.30 16:16:16 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\ivo\Data aplikací\PnkBstrK.sys
[2010.05.30 16:15:38 | 000,215,016 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.05.30 16:15:36 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.05.30 16:15:36 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.05.29 23:52:12 | 002,302,106 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\last of the mohicans 2009.mp3
[2010.05.29 10:59:18 | 000,000,898 | ---- | C] () -- C:\Documents and Settings\ivo\Plocha\Update Service.lnk
[2010.05.22 18:51:21 | 000,535,624 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2010.05.22 18:51:20 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2010.05.22 18:51:20 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2010.05.09 03:35:52 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.04.17 20:49:08 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.03.10 16:06:05 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010.02.25 00:40:26 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.02.02 02:57:01 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2010.02.02 02:21:11 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010.02.02 01:29:34 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010.02.02 01:29:20 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010.02.01 22:55:57 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.02.01 22:55:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.02.01 22:55:56 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.02.01 22:55:56 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.02.01 22:55:55 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.02.01 22:55:55 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
========== LOP Check ==========
[2010.04.17 20:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.02.02 11:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.02.01 23:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.03.08 02:32:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.02.05 22:56:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2010.02.12 13:55:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2010.02.05 22:56:13 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.04.17 21:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\DAEMON Tools Lite
[2010.02.02 11:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ESET
[2010.05.30 13:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Facebook
[2010.02.01 23:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Foxit
[2010.06.20 13:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ICQ
[2010.02.04 23:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TeamViewer
[2010.05.29 13:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Teleca
[2010.02.05 21:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Tific
[2010.04.18 01:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TrustPort
[2010.02.05 22:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TuneUp Software
[2010.06.18 03:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Vso
[2010.02.07 18:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2010.06.20 13:37:32 | 000,000,562 | ---- | M] () -- C:\WINDOWS\Tasks\Automatic troubleshooting.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< c:\windows\*.* /U >
[4 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Re: preventivka
< %APPDATA%\*. >
[2010.02.01 23:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Adobe
[2010.04.17 23:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Ahead
[2010.02.01 22:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ATI
[2010.04.17 21:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\DAEMON Tools Lite
[2010.04.21 11:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\DivX
[2010.04.04 13:16:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Download Manager
[2010.02.02 11:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ESET
[2010.05.30 13:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Facebook
[2010.02.01 23:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Foxit
[2010.05.22 19:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Help
[2010.06.20 13:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ICQ
[2010.02.01 21:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Identities
[2010.02.01 23:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Macromedia
[2010.05.02 04:03:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\ivo\Data aplikací\Microsoft
[2010.02.01 22:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla
[2010.02.06 19:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Nero
[2010.06.18 00:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Skype
[2010.06.18 00:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\skypePM
[2010.03.03 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Sony Ericsson
[2010.02.02 11:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Sun
[2010.02.04 23:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TeamViewer
[2010.05.29 13:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Teleca
[2010.02.05 21:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Tific
[2010.04.18 01:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TrustPort
[2010.02.05 22:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TuneUp Software
[2010.04.27 13:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Ventrilo
[2010.06.18 03:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Vso
[2010.02.01 22:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Winamp
[2010.02.01 22:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2010.02.22 23:20:38 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\ivo\Data aplikací\inst.exe
[2010.05.30 13:54:10 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\ivo\Data aplikací\Facebook\uninstall.exe
[2010.04.17 20:50:47 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\ivo\Data aplikací\Microsoft\Installer\{F16DCA31-4DB4-F8F6-5ED1-6FAFB7228FFF}\ARPPRODUCTICON.exe
[2010.02.26 13:00:30 | 001,291,640 | ---- | M] (EA Digital Illusions CE AB) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sata_ide\nvata.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sata_ide\nvata.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\drivers\nvata.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\nvata.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\nvata.sys
[2005.05.17 18:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINXP\IDE\WinXP\sata_ide\nvata.sys
< MD5 for: NVATABUS.SYS >
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\legacy\nvatabus.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sataraid\nvatabus.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\legacy\nvatabus.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sataraid\nvatabus.sys
[2005.05.17 18:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINXP\IDE\WinXP\pataraid\nvatabus.sys
[2005.05.17 18:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINXP\IDE\WinXP\sataraid\nvatabus.sys
< MD5 for: NVRAID.SYS >
[2005.05.17 18:45:12 | 000,076,288 | ---- | M] (NVIDIA Corporation) MD5=9C8A8E00648EAF7A1D794F7CFB25A6B4 -- C:\WINXP\IDE\WinXP\pataraid\nvraid.sys
[2005.05.17 18:45:12 | 000,076,288 | ---- | M] (NVIDIA Corporation) MD5=9C8A8E00648EAF7A1D794F7CFB25A6B4 -- C:\WINXP\IDE\WinXP\sataraid\nvraid.sys
[2006.04.24 18:52:36 | 000,082,944 | ---- | M] (NVIDIA Corporation) MD5=B65CE56C36F573113FF2F6D0F07B7563 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\legacy\nvraid.sys
[2006.04.24 18:52:36 | 000,082,944 | ---- | M] (NVIDIA Corporation) MD5=B65CE56C36F573113FF2F6D0F07B7563 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sataraid\nvraid.sys
[2006.04.24 18:52:36 | 000,082,944 | ---- | M] (NVIDIA Corporation) MD5=B65CE56C36F573113FF2F6D0F07B7563 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\legacy\nvraid.sys
[2006.04.24 18:52:36 | 000,082,944 | ---- | M] (NVIDIA Corporation) MD5=B65CE56C36F573113FF2F6D0F07B7563 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sataraid\nvraid.sys
< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.18 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2010.02.04 23:24:33 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=CBEEBEB899E31EF52B962CB31FC8CA5C -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.04.17 20:49:09 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.02.01 21:31:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.02.01 21:31:27 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.02.01 21:31:27 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2055.09.19 08:29:11 | 000,002,012 | ---- | M] () -- C:\WINDOWS\system32\NAV_75_cltDynam.dat
[2010.06.20 15:43:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\nmp.log
[2010.06.20 12:53:59 | 000,215,016 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
[2010.06.20 12:59:56 | 000,215,016 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.xtr
[2010.06.20 13:36:33 | 000,013,684 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2010.06.20 13:36:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\_nvidia_xxx_.log
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
[2010.02.01 23:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Adobe
[2010.04.17 23:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Ahead
[2010.02.01 22:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ATI
[2010.04.17 21:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\DAEMON Tools Lite
[2010.04.21 11:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\DivX
[2010.04.04 13:16:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Download Manager
[2010.02.02 11:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ESET
[2010.05.30 13:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Facebook
[2010.02.01 23:13:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Foxit
[2010.05.22 19:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Help
[2010.06.20 13:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\ICQ
[2010.02.01 21:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Identities
[2010.02.01 23:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Macromedia
[2010.05.02 04:03:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\ivo\Data aplikací\Microsoft
[2010.02.01 22:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Mozilla
[2010.02.06 19:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Nero
[2010.06.18 00:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Skype
[2010.06.18 00:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\skypePM
[2010.03.03 18:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Sony Ericsson
[2010.02.02 11:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Sun
[2010.02.04 23:16:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TeamViewer
[2010.05.29 13:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Teleca
[2010.02.05 21:16:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Tific
[2010.04.18 01:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TrustPort
[2010.02.05 22:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\TuneUp Software
[2010.04.27 13:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Ventrilo
[2010.06.18 03:25:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Vso
[2010.02.01 22:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\Winamp
[2010.02.01 22:28:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ivo\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2010.02.22 23:20:38 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\ivo\Data aplikací\inst.exe
[2010.05.30 13:54:10 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\ivo\Data aplikací\Facebook\uninstall.exe
[2010.04.17 20:50:47 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\ivo\Data aplikací\Microsoft\Installer\{F16DCA31-4DB4-F8F6-5ED1-6FAFB7228FFF}\ARPPRODUCTICON.exe
[2010.02.26 13:00:30 | 001,291,640 | ---- | M] (EA Digital Illusions CE AB) -- C:\Documents and Settings\ivo\Data aplikací\Mozilla\Firefox\Profiles\a0ret29g.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2010.02.03 01:13:41 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sata_ide\nvata.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sata_ide\nvata.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\drivers\nvata.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\nvata.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\nvata.sys
[2005.05.17 18:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINXP\IDE\WinXP\sata_ide\nvata.sys
< MD5 for: NVATABUS.SYS >
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\legacy\nvatabus.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sataraid\nvatabus.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\legacy\nvatabus.sys
[2006.04.24 18:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sataraid\nvatabus.sys
[2005.05.17 18:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINXP\IDE\WinXP\pataraid\nvatabus.sys
[2005.05.17 18:45:08 | 000,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINXP\IDE\WinXP\sataraid\nvatabus.sys
< MD5 for: NVRAID.SYS >
[2005.05.17 18:45:12 | 000,076,288 | ---- | M] (NVIDIA Corporation) MD5=9C8A8E00648EAF7A1D794F7CFB25A6B4 -- C:\WINXP\IDE\WinXP\pataraid\nvraid.sys
[2005.05.17 18:45:12 | 000,076,288 | ---- | M] (NVIDIA Corporation) MD5=9C8A8E00648EAF7A1D794F7CFB25A6B4 -- C:\WINXP\IDE\WinXP\sataraid\nvraid.sys
[2006.04.24 18:52:36 | 000,082,944 | ---- | M] (NVIDIA Corporation) MD5=B65CE56C36F573113FF2F6D0F07B7563 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\legacy\nvraid.sys
[2006.04.24 18:52:36 | 000,082,944 | ---- | M] (NVIDIA Corporation) MD5=B65CE56C36F573113FF2F6D0F07B7563 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\Win2K\sataraid\nvraid.sys
[2006.04.24 18:52:36 | 000,082,944 | ---- | M] (NVIDIA Corporation) MD5=B65CE56C36F573113FF2F6D0F07B7563 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\legacy\nvraid.sys
[2006.04.24 18:52:36 | 000,082,944 | ---- | M] (NVIDIA Corporation) MD5=B65CE56C36F573113FF2F6D0F07B7563 -- C:\NVIDIA\nForceWin2KXP\6.86\IDE\WinXP\sataraid\nvraid.sys
< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.18 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2010.02.04 23:24:33 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=CBEEBEB899E31EF52B962CB31FC8CA5C -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.04.17 20:49:09 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.02.01 21:31:27 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.02.01 21:31:27 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.02.01 21:31:27 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0\0
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2055.09.19 08:29:11 | 000,002,012 | ---- | M] () -- C:\WINDOWS\system32\NAV_75_cltDynam.dat
[2010.06.20 15:43:29 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\nmp.log
[2010.06.20 12:53:59 | 000,215,016 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
[2010.06.20 12:59:56 | 000,215,016 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.xtr
[2010.06.20 13:36:33 | 000,013,684 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2010.06.20 13:36:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\system32\_nvidia_xxx_.log
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: preventivka
Doporučuji odinstalovat µTorrent.P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.
Spusťte OTL a do spodního okna vložte následující skript.
Kód: Vybrat vše
:OTL
IE - HKU\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14672&l=dis
O4 - HKLM..\Run: [KernelFaultCheck] File not found
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2010.02.22 23:20:38 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\ivo\Data aplikací\inst.exe
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]C:\WINDOWS\System32\pwdrvio.sys
(Soubor/y nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)
Re: preventivka
All processes killed
========== OTL ==========
HKU\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
C:\WINDOWS\002531_.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\Documents and Settings\ivo\Data aplikací\inst.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temporary Internet Files folder emptied: 32768 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: ivo
->Temp folder emptied: 2826908587 bytes
->Temporary Internet Files folder emptied: 8248506 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 77855133 bytes
->Flash cache emptied: 3718 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3017711 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 25503190 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 2 805,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: ivo
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
OTL by OldTimer - Version 3.2.6.0 log created on 06202010_190001
Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7c8.dat not found!
Registry entries deleted on Reboot...
========== OTL ==========
HKU\S-1-5-21-602162358-651377827-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
C:\WINDOWS\002531_.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\Documents and Settings\ivo\Data aplikací\inst.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temporary Internet Files folder emptied: 32768 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: ivo
->Temp folder emptied: 2826908587 bytes
->Temporary Internet Files folder emptied: 8248506 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 77855133 bytes
->Flash cache emptied: 3718 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3017711 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 25503190 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 2 805,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: ivo
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
Restore points cleared and new OTL Restore Point set!
OTL by OldTimer - Version 3.2.6.0 log created on 06202010_190001
Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_7c8.dat not found!
Registry entries deleted on Reboot...
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Re: preventivka
* Analýza
* Hledání součtů
* Statistiky
* Email/Uploader
* O VT
Soubor pwdrvio.sys přijatý 2010.06.20 16:54:30 (UTC)
Současný stav: Dokončeno
Výsledek: 0/41 (0.00%)
Formátované Formátované
Vytisknout výsledky Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
a-squared 5.0.0.26 2010.06.20 -
AhnLab-V3 2010.06.20.00 2010.06.19 -
AntiVir 8.2.2.6 2010.06.18 -
Antiy-AVL 2.0.3.7 2010.06.18 -
Authentium 5.2.0.5 2010.06.20 -
Avast 4.8.1351.0 2010.06.20 -
Avast5 5.0.332.0 2010.06.20 -
AVG 9.0.0.787 2010.06.20 -
BitDefender 7.2 2010.06.20 -
CAT-QuickHeal 10.00 2010.06.18 -
ClamAV 0.96.0.3-git 2010.06.20 -
Comodo 5162 2010.06.20 -
DrWeb 5.0.2.03300 2010.06.20 -
eSafe 7.0.17.0 2010.06.20 -
eTrust-Vet 36.1.7650 2010.06.19 -
F-Prot 4.6.1.107 2010.06.20 -
F-Secure 9.0.15370.0 2010.06.20 -
Fortinet 4.1.133.0 2010.06.20 -
GData 21 2010.06.20 -
Ikarus T3.1.1.84.0 2010.06.20 -
Jiangmin 13.0.900 2010.06.15 -
Kaspersky 7.0.0.125 2010.06.20 -
McAfee 5.400.0.1158 2010.06.20 -
McAfee-GW-Edition 2010.1 2010.06.20 -
Microsoft 1.5902 2010.06.20 -
NOD32 5212 2010.06.20 -
Norman 6.05.06 2010.06.20 -
nProtect 2010-06-20.02 2010.06.20 -
Panda 10.0.2.7 2010.06.20 -
PCTools 7.0.3.5 2010.06.20 -
Prevx 3.0 2010.06.20 -
Rising 22.52.06.04 2010.06.20 -
Sophos 4.54.0 2010.06.20 -
Sunbelt 6479 2010.06.20 -
Symantec 20101.1.0.89 2010.06.20 -
TheHacker 6.5.2.0.302 2010.06.20 -
TrendMicro 9.120.0.1004 2010.06.20 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.20 -
VBA32 3.12.12.5 2010.06.18 -
ViRobot 2010.6.19.3894 2010.06.19 -
VirusBuster 5.0.27.0 2010.06.20 -
Rozšiřující informace
File size: 16472 bytes
MD5 : 297e2746df41528a0950f3af80cedb2d
SHA1 : 8f7cebca711f7a2f986c3c02b73700dda294353f
SHA256: 65af62d3f41a7455545a3c7685d747991f9cfba637c1b8e52c2aedbfd0362537
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x5005
timedatestamp.....: 0x4A31FC6E (Fri Jun 12 08:57:50 2009)
machinetype.......: 0x14C (Intel I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x16A4 0x1800 6.08 2f6de381b601ff6311fb64703e28539c
.rdata 0x3000 0x1BB 0x200 4.48 6ec08ed89823b79b371229c7e6beed2e
.data 0x4000 0x60 0x200 0.40 46a28988e9629660837feef46ebb5480
INIT 0x5000 0x38E 0x400 4.95 4f711bccdefd07569757710ea5211949
.reloc 0x6000 0x188 0x200 3.51 68a3389fe130ba878fcfe7a6a02ea3b7
( 1 imports )
> ntoskrnl.exe: DbgPrint, IoGetLowerDeviceObject, RtlCompareUnicodeString, RtlInitUnicodeString, ObfDereferenceObject, IoDeleteDevice, IoDeleteSymbolicLink, ObfReferenceObject, IoGetDeviceObjectPointer, memset, IoFreeIrp, KeSetEvent, IoFreeMdl, MmUnlockPages, ExFreePoolWithTag, KeWaitForSingleObject, IofCallDriver, KeInitializeEvent, IoBuildAsynchronousFsdRequest, IofCompleteRequest, MmMapLockedPagesSpecifyCache, IoGetAttachedDeviceReference, RtlUnicodeStringToInteger, ExAllocatePoolWithTag, memcpy, IoBuildDeviceIoControlRequest, IoCreateSymbolicLink, IoCreateDevice, KeTickCount, KeBugCheckEx, RtlAnsiCharToUnicodeChar
( 0 exports )
TrID : File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
ssdeep: 384:g4kqXXrh7w/irf0fm4Xz18j+TgNE58kO9iG9:Hnbfsm4XpC+EkO9iG9
sigcheck: -
PEiD : -
RDS : NSRL Reference Data Set
-
VAROVÁNÍ VAROVÁNÍ: VirusTotal je služba poskytovaná zdarma společnosti Hispasec Sistemas. Kvalita výsledků není nijak zaručena. Výsledky jsou závislé na tvůrci daného produktu. Vysledky testů nemusí být 100% správné. Tyto výsledky nemusí znamenat, že daný soubor je infikován, nebo čistý!
* Hledání součtů
* Statistiky
* Email/Uploader
* O VT
Soubor pwdrvio.sys přijatý 2010.06.20 16:54:30 (UTC)
Současný stav: Dokončeno
Výsledek: 0/41 (0.00%)
Formátované Formátované
Vytisknout výsledky Vytisknout výsledky
Antivirus Verze Poslední aktualizace Výsledek
a-squared 5.0.0.26 2010.06.20 -
AhnLab-V3 2010.06.20.00 2010.06.19 -
AntiVir 8.2.2.6 2010.06.18 -
Antiy-AVL 2.0.3.7 2010.06.18 -
Authentium 5.2.0.5 2010.06.20 -
Avast 4.8.1351.0 2010.06.20 -
Avast5 5.0.332.0 2010.06.20 -
AVG 9.0.0.787 2010.06.20 -
BitDefender 7.2 2010.06.20 -
CAT-QuickHeal 10.00 2010.06.18 -
ClamAV 0.96.0.3-git 2010.06.20 -
Comodo 5162 2010.06.20 -
DrWeb 5.0.2.03300 2010.06.20 -
eSafe 7.0.17.0 2010.06.20 -
eTrust-Vet 36.1.7650 2010.06.19 -
F-Prot 4.6.1.107 2010.06.20 -
F-Secure 9.0.15370.0 2010.06.20 -
Fortinet 4.1.133.0 2010.06.20 -
GData 21 2010.06.20 -
Ikarus T3.1.1.84.0 2010.06.20 -
Jiangmin 13.0.900 2010.06.15 -
Kaspersky 7.0.0.125 2010.06.20 -
McAfee 5.400.0.1158 2010.06.20 -
McAfee-GW-Edition 2010.1 2010.06.20 -
Microsoft 1.5902 2010.06.20 -
NOD32 5212 2010.06.20 -
Norman 6.05.06 2010.06.20 -
nProtect 2010-06-20.02 2010.06.20 -
Panda 10.0.2.7 2010.06.20 -
PCTools 7.0.3.5 2010.06.20 -
Prevx 3.0 2010.06.20 -
Rising 22.52.06.04 2010.06.20 -
Sophos 4.54.0 2010.06.20 -
Sunbelt 6479 2010.06.20 -
Symantec 20101.1.0.89 2010.06.20 -
TheHacker 6.5.2.0.302 2010.06.20 -
TrendMicro 9.120.0.1004 2010.06.20 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.20 -
VBA32 3.12.12.5 2010.06.18 -
ViRobot 2010.6.19.3894 2010.06.19 -
VirusBuster 5.0.27.0 2010.06.20 -
Rozšiřující informace
File size: 16472 bytes
MD5 : 297e2746df41528a0950f3af80cedb2d
SHA1 : 8f7cebca711f7a2f986c3c02b73700dda294353f
SHA256: 65af62d3f41a7455545a3c7685d747991f9cfba637c1b8e52c2aedbfd0362537
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x5005
timedatestamp.....: 0x4A31FC6E (Fri Jun 12 08:57:50 2009)
machinetype.......: 0x14C (Intel I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x16A4 0x1800 6.08 2f6de381b601ff6311fb64703e28539c
.rdata 0x3000 0x1BB 0x200 4.48 6ec08ed89823b79b371229c7e6beed2e
.data 0x4000 0x60 0x200 0.40 46a28988e9629660837feef46ebb5480
INIT 0x5000 0x38E 0x400 4.95 4f711bccdefd07569757710ea5211949
.reloc 0x6000 0x188 0x200 3.51 68a3389fe130ba878fcfe7a6a02ea3b7
( 1 imports )
> ntoskrnl.exe: DbgPrint, IoGetLowerDeviceObject, RtlCompareUnicodeString, RtlInitUnicodeString, ObfDereferenceObject, IoDeleteDevice, IoDeleteSymbolicLink, ObfReferenceObject, IoGetDeviceObjectPointer, memset, IoFreeIrp, KeSetEvent, IoFreeMdl, MmUnlockPages, ExFreePoolWithTag, KeWaitForSingleObject, IofCallDriver, KeInitializeEvent, IoBuildAsynchronousFsdRequest, IofCompleteRequest, MmMapLockedPagesSpecifyCache, IoGetAttachedDeviceReference, RtlUnicodeStringToInteger, ExAllocatePoolWithTag, memcpy, IoBuildDeviceIoControlRequest, IoCreateSymbolicLink, IoCreateDevice, KeTickCount, KeBugCheckEx, RtlAnsiCharToUnicodeChar
( 0 exports )
TrID : File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
ssdeep: 384:g4kqXXrh7w/irf0fm4Xz18j+TgNE58kO9iG9:Hnbfsm4XpC+EkO9iG9
sigcheck: -
PEiD : -
RDS : NSRL Reference Data Set
-
VAROVÁNÍ VAROVÁNÍ: VirusTotal je služba poskytovaná zdarma společnosti Hispasec Sistemas. Kvalita výsledků není nijak zaručena. Výsledky jsou závislé na tvůrci daného produktu. Vysledky testů nemusí být 100% správné. Tyto výsledky nemusí znamenat, že daný soubor je infikován, nebo čistý!
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: preventivka
totok neni muj komp a ten utorrent chce kamos nechat....tak sem mu aspon vysvetlil co muze poten. chytnout...pak uz to bude jeho vec jak se mu neco rzbije...
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Re: preventivka
ozkusam ale rozhodne se najednou naslo plno volneho mista na hadru C....
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: preventivka
po startu kompu nabehne normalne win. ale nez se spusti vsechny programy tak mi pripada ze chvila nic nedela...
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Re: preventivka
ale inak pak je rychlejsi...thx....
tykajte mi......na vykaní ještě nemám šediny.
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Osumdesát procent mozku človeka tvoří kapalina. U některých brzdová....
Realita je pro kazdeho jina....stejne jako zákon........
Přispějete na provoz fóra?