Zhruba před týdnem mi začal blbnout pc, ve firefoxu když dám něco vyhledat na google tak mi najde nějaké výsledky a když chci jít na další stránku tak původní stránka zesvětlá a další nenajede (dřive bez problémů šlo,neinstaloval sem žádny doplněk a neměnil nastavení). Další problém s ff nastává když vypínám pc, píše to že se ukončuje firefox.exe přesto že již vypnut je a není vidět ani v procesech, k tomu dnes přibyl ještě problém při spouštení, píše:Nepodařilo se aktualizovat aplikaci firefox.. a musím dát Ok.
Předem díky za rady
RSIT log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Selda at 2011-03-02 14:17:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 777 GB (81%) free of 954 GB
Total RAM: 2559 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:17:32, on 2.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Selda\Plocha\RSIT.exe
C:\Program Files\trend micro\Selda.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}] C:\WINDOWS\system32\App64\App64.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5375383781
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 8464 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2011-01-13 141184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-12-26 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-04 102400]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-07-06 19556968]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2219184]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}"=C:\WINDOWS\system32\App64\App64.exe [2011-02-25 650124]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-05-05 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MagicTune Premium\MagicTune.exe"="C:\Program Files\MagicTune Premium\MagicTune.exe:*:Enabled:MagicTune"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\QIP 2010\qip.exe"="C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Games\Paintball2\paintball2.exe"="C:\Games\Paintball2\paintball2.exe:*:Enabled:Digital Paint: Paintball 2"
"C:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe"="C:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe:*:Enabled:BlackOps"
"C:\Program Files\Activision\Call of Duty - Black Ops\BlackOpsMP.exe"="C:\Program Files\Activision\Call of Duty - Black Ops\BlackOpsMP.exe:*:Enabled:BlackOpsMP"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\Program Files\Garena Messenger\Room\garena_room.exe"="C:\Program Files\Garena Messenger\Room\garena_room.exe:*:Enabled:Garena"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe"="C:\Program Files\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe:*:Enabled:Grand Theft Auto IV - Episodes From Liberty City"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\WinSCP\WinSCP.exe"="C:\Program Files\WinSCP\WinSCP.exe:*:Enabled:WinSCP: SFTP, FTP and SCP client"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
======List of files/folders created in the last 1 months======
2011-03-02 11:49:31 ----A---- C:\WINDOWS\ntbtlog.txt
2011-02-28 22:48:59 ----D---- C:\Documents and Settings\Selda\Data aplikací\BSplayer Pro
2011-02-28 22:24:30 ----D---- C:\Program Files\Ask.com
2011-02-28 22:24:11 ----D---- C:\Program Files\The KMPlayer
2011-02-28 14:47:33 ----D---- C:\rsit
2011-02-28 14:47:33 ----D---- C:\Program Files\trend micro
2011-02-25 21:38:45 ----D---- C:\WINDOWS\system32\App64
2011-02-18 23:17:16 ----D---- C:\Documents and Settings\Selda\Data aplikací\Publish Providers
2011-02-18 23:13:33 ----A---- C:\WINDOWS\WORDPAD.INI
2011-02-18 21:17:20 ----D---- C:\Documents and Settings\Selda\Data aplikací\Sony
2011-02-18 21:14:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2011-02-14 23:07:53 ----D---- C:\Program Files\EasyPHP-5.3.5.0
2011-02-13 16:46:38 ----D---- C:\Program Files\MediaInfo
2011-02-08 15:55:24 ----D---- C:\Program Files\Gadwin Systems
2011-02-04 19:50:38 ----D---- C:\Program Files\WinSCP
2011-02-03 00:47:56 ----D---- C:\Program Files\MDM
======List of files/folders modified in the last 1 months======
2011-03-02 14:17:31 ----D---- C:\WINDOWS\Temp
2011-03-02 13:11:25 ----D---- C:\WINDOWS\Prefetch
2011-03-02 13:07:30 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-02 12:23:23 ----D---- C:\WINDOWS\system32
2011-03-02 12:23:19 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-03-02 12:01:41 ----D---- C:\Program Files\QIP Infium
2011-03-02 11:55:07 ----D---- C:\Program Files\Mozilla Firefox
2011-03-02 11:49:31 ----D---- C:\WINDOWS
2011-03-02 10:56:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-01 00:39:15 ----D---- C:\Documents and Settings\Selda\Data aplikací\Media Player Classic
2011-03-01 00:39:05 ----D---- C:\WINDOWS\Minidump
2011-03-01 00:39:05 ----D---- C:\WINDOWS\Debug
2011-03-01 00:31:11 ----D---- C:\Program Files\CCleaner
2011-02-28 23:14:21 ----SD---- C:\Documents and Settings\Selda\Data aplikací\Microsoft
2011-02-28 23:00:34 ----SHD---- C:\WINDOWS\Installer
2011-02-28 22:58:42 ----RD---- C:\Program Files
2011-02-28 22:24:32 ----SD---- C:\WINDOWS\Tasks
2011-02-28 14:12:56 ----RSD---- C:\WINDOWS\Fonts
2011-02-25 13:32:53 ----D---- C:\Documents and Settings\Selda\Data aplikací\Adobe
2011-02-20 14:53:39 ----D---- C:\Documents and Settings\Selda\Data aplikací\Skype
2011-02-20 14:52:55 ----D---- C:\Documents and Settings\Selda\Data aplikací\skypePM
2011-02-20 14:52:42 ----RD---- C:\Program Files\Skype
2011-02-20 14:51:52 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-19 15:30:07 ----D---- C:\Documents and Settings\Selda\Data aplikací\Hamachi
2011-02-18 21:14:30 ----RSD---- C:\WINDOWS\assembly
2011-02-18 21:13:54 ----D---- C:\Program Files\Sony
2011-02-18 21:12:46 ----D---- C:\WINDOWS\WinSxS
2011-02-16 00:02:11 ----D---- C:\Documents and Settings\Selda\Data aplikací\gtk-2.0
2011-02-10 16:04:58 ----D---- C:\Program Files\pspad455b2405
2011-02-09 13:46:42 ----SHD---- C:\RECYCLER
2011-02-03 19:37:47 ----D---- C:\Program Files\Burn4Free
2011-02-03 01:16:43 ----D---- C:\Program Files\Microsoft ActiveSync
2011-02-03 01:16:43 ----D---- C:\Program Files\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-08-14 105344]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-05-05 4807680]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-04-08 101904]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
R3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-01-01 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-07-06 6088296]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-07-06 234392]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 4\LU4\FLASHSYS.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Messenger\Room\safedrv.sys []
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-05-05 602112]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-12-26 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-12-30 75136]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 33584]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-05 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka a problém s ff
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivka a problém s ff
Zdravim a pekny den preji 
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit
Predpokladam ze ten NOD32 mate legalni = zakoupena licence 
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit Predpokladam ze ten NOD32 mate legalni = zakoupena licence "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka a problém s ff
info.txt logfile of random's system information tool 1.08 2011-02-28 14:47:40
======Uninstall list======
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10m_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\4977c84bcdc298c444ccfbdcccb660d\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}
Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
Adobe Reader for Pocket PC 2.0-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{291A772C-FFB9-4681-B720-AB2A0A620896}
Adobe Setup-->MsiExec.exe /I{0901FCE8-5415-4499-BBC8-1AA106DD66E2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Age of Empires Campaigns-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B433560-10DD-40FD-87DE-222355798CC7}\setup.exe" -l0x9
Age of Empires Manual-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DA8EDE2A-732D-431C-8E8A-D085A9D5BE4B}\setup.exe" -l0x9
Age of Empires Scenarios-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{520F5B6C-44B8-418F-BBA2-3AD149F59A75}\setup.exe" -l0x9
Age of Empires Video-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B00A513-5EC9-45FE-8073-73A6C8F7E399}\setup.exe" -l0x9
Age of Empires-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FE644DF-66E6-405E-865E-BBA8A5E7B330}\setup.exe" -l0x9
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0005 -removeonly
ATI AVIVO Codecs-->MsiExec.exe /I{C7817822-57E6-7564-8400-CEF1C8DEF7CA}
ATI Problem Report Wizard-->MsiExec.exe /X{832C9764-D951-059D-05C7-E8EC41A5E510}
Atomic Cannon PPC-->C:\Program Files\Microsoft ActiveSync\Atomic Cannon PPC\uninst.exe
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Burn4Free CD and DVD-->"C:\Program Files\Burn4Free\uninstall.exe"
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops-->"C:\Program Files\Activision\Call of Duty - Black Ops\unins000.exe"
Canon MP250 series MP Drivers-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series
Catalyst Control Center - Branding-->MsiExec.exe /I{87323561-58BA-4D5B-BADA-A791B69D1705}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Filter Forge 2.009-->"C:\Program Files\Filter Forge 2\unins000.exe"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe
GamePark-->"C:\Program Files\GamePark\unins000.exe"
GIMP 2.6.11-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Grand Theft Auto IV - Episodes From Liberty City-->"C:\Program Files\Grand Theft Auto IV - Episodes From Liberty City\Uninstall\unins000.exe"
Hamachi 1.0.2.5-->C:\Program Files\Hamachi\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iWisoft Free Video Converter 1.2-->"C:\Program Files\iWisoft Free Video Converter\unins000.exe"
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
K-Lite Codec Pack 6.4.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Liveupdate4-->"C:\Program Files\MSI\Live Update 4\unins000.exe"
Mafia II DLC Joe's Adventures-->"C:\Program Files\2K Games\Mafia II\unins000.exe"
MediaInfo 0.7.41-->C:\Program Files\MediaInfo\uninst.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI
NVIDIA Photoshop Plug-ins-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23F79416-CAD1-41BF-99A3-040F6C814AAA}\setup.exe" -l0x9
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Paintball2 Alpha build 32 update-->C:\Games\Paintball2\uninst.exe
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x5 -removeonly
Samsung_MonSetup-->C:\Program Files\InstallShield Installation Information\{8EA79DBF-D637-448A-89D6-410A087A4493}\setup.exe -runfromtemp -l0x0009 -removeonly
Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
TeamViewer 6-->C:\Program Files\TeamViewer\Version6\uninstall.exe
Vegas Pro 9.0-->MsiExec.exe /X{DC785DB7-D389-48C3-B146-96FE99BF4E2B}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
WinSCP 4.2.9-->"C:\Program Files\WinSCP\unins000.exe"
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
======Security center information======
AV: ESET NOD32 Antivirus 4.2
======System event log======
Computer Name: SELDA-9F39A30ED
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Adaptér výkonu služby WMI úspěšně odeslán.
Record Number: 12321
Source Name: Service Control Manager
Time Written: 20110221142430.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: SELDA-9F39A30ED
Event Code: 7036
Message: Stav služby Sledování umístění v síti (NLA) byl změněn na: Spuštěno
Record Number: 12320
Source Name: Service Control Manager
Time Written: 20110221142430.000000+060
Event Type: Informace
User:
Computer Name: SELDA-9F39A30ED
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Sledování umístění v síti (NLA) úspěšně odeslán.
Record Number: 12319
Source Name: Service Control Manager
Time Written: 20110221142430.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: SELDA-9F39A30ED
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 12318
Source Name: EventLog
Time Written: 20110221142419.000000+060
Event Type: Informace
User:
Computer Name: SELDA-9F39A30ED
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.
Record Number: 12317
Source Name: EventLog
Time Written: 20110221142419.000000+060
Event Type: Informace
User:
=====Application event log=====
Computer Name: SELDA-9F39A30ED
Event Code: 1000
Message: Chybující aplikace iw3mp.exe, verze 0.0.0.0, chybující modul iw3mp.exe, verze 0.0.0.0, adresa chyby 0x00276732.
Record Number: 415
Source Name: Application Error
Time Written: 20101230221053.000000+060
Event Type: Chyba
User:
Computer Name: SELDA-9F39A30ED
Event Code: 1000
Message: Chybující aplikace iw3mp.exe, verze 0.0.0.0, chybující modul iw3mp.exe, verze 0.0.0.0, adresa chyby 0x0027cc1a.
Record Number: 414
Source Name: Application Error
Time Written: 20101230221020.000000+060
Event Type: Chyba
User:
Computer Name: SELDA-9F39A30ED
Event Code: 1000
Message: Chybující aplikace iw3mp.exe, verze 0.0.0.0, chybující modul iw3mp.exe, verze 0.0.0.0, adresa chyby 0x00276732.
Record Number: 413
Source Name: Application Error
Time Written: 20101230220950.000000+060
Event Type: Chyba
User:
Computer Name: SELDA-9F39A30ED
Event Code: 4097
Message: Aplikace C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe vygenerovala aplikační chybu.
K chybě došlo dne 30. 12. 2010 v 22:09:39,984
Vygenerovaná výjimka: c0000005 na adrese 0067CC1A (iw3mp)
Record Number: 412
Source Name: DrWatson
Time Written: 20101230220940.000000+060
Event Type: Informace
User:
Computer Name: SELDA-9F39A30ED
Event Code: 1000
Message: Chybující aplikace iw3mp.exe, verze 0.0.0.0, chybující modul iw3mp.exe, verze 0.0.0.0, adresa chyby 0x0027cc1a.
Record Number: 411
Source Name: Application Error
Time Written: 20101230220937.000000+060
Event Type: Chyba
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503
"NUMBER_OF_PROCESSORS"=3
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Ano.
======Uninstall list======
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Extra Settings-->MsiExec.exe /I{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10m_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\4977c84bcdc298c444ccfbdcccb660d\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}
Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
Adobe Reader for Pocket PC 2.0-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{291A772C-FFB9-4681-B720-AB2A0A620896}
Adobe Setup-->MsiExec.exe /I{0901FCE8-5415-4499-BBC8-1AA106DD66E2}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Age of Empires Campaigns-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B433560-10DD-40FD-87DE-222355798CC7}\setup.exe" -l0x9
Age of Empires Manual-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DA8EDE2A-732D-431C-8E8A-D085A9D5BE4B}\setup.exe" -l0x9
Age of Empires Scenarios-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{520F5B6C-44B8-418F-BBA2-3AD149F59A75}\setup.exe" -l0x9
Age of Empires Video-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B00A513-5EC9-45FE-8073-73A6C8F7E399}\setup.exe" -l0x9
Age of Empires-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FE644DF-66E6-405E-865E-BBA8A5E7B330}\setup.exe" -l0x9
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0005 -removeonly
ATI AVIVO Codecs-->MsiExec.exe /I{C7817822-57E6-7564-8400-CEF1C8DEF7CA}
ATI Problem Report Wizard-->MsiExec.exe /X{832C9764-D951-059D-05C7-E8EC41A5E510}
Atomic Cannon PPC-->C:\Program Files\Microsoft ActiveSync\Atomic Cannon PPC\uninst.exe
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
Burn4Free CD and DVD-->"C:\Program Files\Burn4Free\uninstall.exe"
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops-->"C:\Program Files\Activision\Call of Duty - Black Ops\unins000.exe"
Canon MP250 series MP Drivers-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series
Catalyst Control Center - Branding-->MsiExec.exe /I{87323561-58BA-4D5B-BADA-A791B69D1705}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Filter Forge 2.009-->"C:\Program Files\Filter Forge 2\unins000.exe"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe
GamePark-->"C:\Program Files\GamePark\unins000.exe"
GIMP 2.6.11-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Grand Theft Auto IV - Episodes From Liberty City-->"C:\Program Files\Grand Theft Auto IV - Episodes From Liberty City\Uninstall\unins000.exe"
Hamachi 1.0.2.5-->C:\Program Files\Hamachi\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
iWisoft Free Video Converter 1.2-->"C:\Program Files\iWisoft Free Video Converter\unins000.exe"
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
K-Lite Codec Pack 6.4.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Liveupdate4-->"C:\Program Files\MSI\Live Update 4\unins000.exe"
Mafia II DLC Joe's Adventures-->"C:\Program Files\2K Games\Mafia II\unins000.exe"
MediaInfo 0.7.41-->C:\Program Files\MediaInfo\uninst.exe
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{A1C962E2-2426-49C6-A38B-9A07E40D607C}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers-->C:\WINDOWS\system32\nvuide.exe UninstallGUI
NVIDIA Photoshop Plug-ins-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23F79416-CAD1-41BF-99A3-040F6C814AAA}\setup.exe" -l0x9
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Paintball2 Alpha build 32 update-->C:\Games\Paintball2\uninst.exe
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x5 -removeonly
Samsung_MonSetup-->C:\Program Files\InstallShield Installation Information\{8EA79DBF-D637-448A-89D6-410A087A4493}\setup.exe -runfromtemp -l0x0009 -removeonly
Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
TeamViewer 6-->C:\Program Files\TeamViewer\Version6\uninstall.exe
Vegas Pro 9.0-->MsiExec.exe /X{DC785DB7-D389-48C3-B146-96FE99BF4E2B}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
WinSCP 4.2.9-->"C:\Program Files\WinSCP\unins000.exe"
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
======Security center information======
AV: ESET NOD32 Antivirus 4.2
======System event log======
Computer Name: SELDA-9F39A30ED
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Adaptér výkonu služby WMI úspěšně odeslán.
Record Number: 12321
Source Name: Service Control Manager
Time Written: 20110221142430.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: SELDA-9F39A30ED
Event Code: 7036
Message: Stav služby Sledování umístění v síti (NLA) byl změněn na: Spuštěno
Record Number: 12320
Source Name: Service Control Manager
Time Written: 20110221142430.000000+060
Event Type: Informace
User:
Computer Name: SELDA-9F39A30ED
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Sledování umístění v síti (NLA) úspěšně odeslán.
Record Number: 12319
Source Name: Service Control Manager
Time Written: 20110221142430.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: SELDA-9F39A30ED
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 12318
Source Name: EventLog
Time Written: 20110221142419.000000+060
Event Type: Informace
User:
Computer Name: SELDA-9F39A30ED
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.
Record Number: 12317
Source Name: EventLog
Time Written: 20110221142419.000000+060
Event Type: Informace
User:
=====Application event log=====
Computer Name: SELDA-9F39A30ED
Event Code: 1000
Message: Chybující aplikace iw3mp.exe, verze 0.0.0.0, chybující modul iw3mp.exe, verze 0.0.0.0, adresa chyby 0x00276732.
Record Number: 415
Source Name: Application Error
Time Written: 20101230221053.000000+060
Event Type: Chyba
User:
Computer Name: SELDA-9F39A30ED
Event Code: 1000
Message: Chybující aplikace iw3mp.exe, verze 0.0.0.0, chybující modul iw3mp.exe, verze 0.0.0.0, adresa chyby 0x0027cc1a.
Record Number: 414
Source Name: Application Error
Time Written: 20101230221020.000000+060
Event Type: Chyba
User:
Computer Name: SELDA-9F39A30ED
Event Code: 1000
Message: Chybující aplikace iw3mp.exe, verze 0.0.0.0, chybující modul iw3mp.exe, verze 0.0.0.0, adresa chyby 0x00276732.
Record Number: 413
Source Name: Application Error
Time Written: 20101230220950.000000+060
Event Type: Chyba
User:
Computer Name: SELDA-9F39A30ED
Event Code: 4097
Message: Aplikace C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe vygenerovala aplikační chybu.
K chybě došlo dne 30. 12. 2010 v 22:09:39,984
Vygenerovaná výjimka: c0000005 na adrese 0067CC1A (iw3mp)
Record Number: 412
Source Name: DrWatson
Time Written: 20101230220940.000000+060
Event Type: Informace
User:
Computer Name: SELDA-9F39A30ED
Event Code: 1000
Message: Chybující aplikace iw3mp.exe, verze 0.0.0.0, chybující modul iw3mp.exe, verze 0.0.0.0, adresa chyby 0x0027cc1a.
Record Number: 411
Source Name: Application Error
Time Written: 20101230220937.000000+060
Event Type: Chyba
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503
"NUMBER_OF_PROCESSORS"=3
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Ano.
Re: Preventivka a problém s ff
FireFox zkuste preinstalovat Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
netsvcs drivers32 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s c:\windows\*.* /U %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s /md5start adp3132.sys AGP440.sys ahcix86.sys ahcix86s.sys atapi.sys autochk.exe cdrom.sys cngaudit.dll cryptsvc.dll eNetHook.dll eventlog.dll explorer.exe hal.dll Changer.sys iaStor.sys iastorv.sys IdeChnDr.sys isapnp.sys JakNDis.sys KR10N.sys logevent.dll lsass.exe mv61xx.sys ndis.sys netlogon.dll ntelogon.dll nvata.sys nvatabus.sys nvgts.sys nvraid.sys nvrd32.sys nvstor.sys nvstor32.sys scecli.dll sceclt.dll smss.exe svchost.exe symmpi.sys tcpip.sys userinit.exe vaxscsi.sys viamraid.sys viasraid.sys ViPrt.sys winlogon.exe ws2_32.dll /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 CREATERESTOREPOINT- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 5 az 10 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka a problém s ff
Problémy s Firefoxem již přestaly. 
OTL.txt
OTL logfile created on: 3.3.2011 12:47:06 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\Selda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 758,31 Gb Free Space | 81,41% Space Free | Partition Type: NTFS
Computer Name: SELDA-9F39A30ED | User Name: Selda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.03.03 12:24:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Selda\Plocha\OTL.exe
PRC - [2011.03.03 12:15:18 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.01.13 17:05:24 | 006,012,800 | ---- | M] () -- C:\Program Files\QIP Infium\infium.exe
PRC - [2010.11.18 14:11:36 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.11.18 14:11:32 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010.05.14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010.03.16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011.03.03 12:24:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Selda\Plocha\OTL.exe
MOD - [2008.04.14 08:37:06 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.01.05 23:20:43 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.18 14:12:06 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.11.18 14:11:36 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
========== Driver Services (SafeList) ==========
DRV - [2011.01.01 17:38:22 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.08.04 10:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.08.03 12:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.07.29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.07.06 11:26:54 | 006,088,296 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.07.06 11:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010.05.05 03:45:04 | 004,807,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.04.08 09:11:36 | 000,101,904 | R--- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.11.18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007.12.14 09:21:32 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 4\LU4\FlashSys.sys -- (FLASHSYS)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: npfax@microgaming.co.uk:2.1.0.19
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.03 12:15:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.03 12:15:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.12.26 13:54:17 | 000,000,000 | ---D | M]
[2010.12.25 23:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Extensions
[2011.03.02 16:16:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions
[2011.03.02 15:37:23 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011.03.02 15:37:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.12.28 15:03:03 | 000,000,000 | ---D | M] (Flash AX Control) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\npfax@microgaming.co.uk
[2011.01.07 18:44:52 | 000,004,140 | ---- | M] () -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\searchplugins\youtube.xml
[2011.03.02 16:16:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.26 14:21:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SELDA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\HVJT0IOI.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SELDA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\HVJT0IOI.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SELDA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\HVJT0IOI.DEFAULT\EXTENSIONS\NPFAX@MICROGAMING.CO.UK
[2010.12.26 14:21:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.12.26 14:21:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.03 19:08:29 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.03 19:08:29 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.03 19:08:29 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.03 19:08:29 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2001.10.25 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\Toolbar\WebBrowser: (no name) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No CLSID value found.
O3 - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-299502267-1958367476-682003330-1003..\Run: [{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}] C:\WINDOWS\system32\App64\App64.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-299502267-1958367476-682003330-1003..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 5375383781 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.25 22:54:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8fc09dc2-1078-11e0-8fa0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{8fc09dc2-1078-11e0-8fa0-806d6172696f}\Shell\AutoRun\command - "" = D:\DVDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (http://www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)
========== Files/Folders - Created Within 7 Days ==========
[2011.03.03 12:24:55 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Selda\Plocha\OTL.exe
[2011.03.01 00:39:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Selda\Recent
[2011.02.28 23:03:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox
[2011.02.28 22:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Local Settings\Data aplikací\AskToolbar
[2011.02.28 22:48:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Data aplikací\BSplayer Pro
[2011.02.28 22:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Dokumenty\The KMPlayer
[2011.02.28 22:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011.02.28 22:24:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Nabídka Start\Programy\The KMPlayer
[2011.02.28 22:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2011.02.28 14:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.02.28 14:47:33 | 000,000,000 | ---D | C] -- C:\rsit
[2011.02.27 16:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Plocha\textury
[2011.02.25 21:38:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\App64
[2011.02.25 13:33:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Plocha\testy
[2006.11.13 16:50:08 | 000,224,040 | ---- | C] (Microsoft Corporation) -- C:\Program Files\richink.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.03.03 12:24:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Selda\Plocha\OTL.exe
[2011.03.03 12:14:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.02 23:54:05 | 000,062,464 | ---- | M] () -- C:\Documents and Settings\Selda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.02 23:31:23 | 000,138,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.03.02 23:31:18 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011.03.02 23:21:25 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Selda\Data aplikací\winscp.rnd
[2011.03.02 23:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.03.02 19:26:02 | 730,398,720 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Evoluce cz avi.avi
[2011.03.02 15:54:31 | 001,523,360 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\selda_1.avi
[2011.03.02 15:45:57 | 000,376,031 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\selda.flv
[2011.03.02 14:20:27 | 000,791,046 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\MozBackup-1.4.10-CZ.exe
[2011.03.02 12:23:19 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2011.03.01 11:43:35 | 528,784,968 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\seldas.m2t
[2011.03.01 11:43:35 | 000,000,140 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\seldas.m2t.sfl
[2011.03.01 11:27:46 | 004,112,636 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\FloRida - Right Round.mp3
[2011.03.01 00:31:12 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\CCleaner.lnk
[2011.03.01 00:30:25 | 504,559,610 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Pátrání po mimozemských civilizacích, část 2 (dokument) - DVB-T CZ.avi
[2011.02.28 23:33:15 | 528,099,352 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Pátrání po mimozemských civilizacích, část 1 (dokument) - DVB-T CZ.avi
[2011.02.28 23:02:59 | 001,601,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.02.28 14:47:14 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\RSIT.exe
[2011.02.27 19:07:16 | 000,003,921 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\server.cfg
[2011.02.27 18:35:01 | 1020,830,488 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Dostante agenta Smarta CZ.avi
[2011.02.27 18:10:20 | 000,003,082 | ---- | M] () -- C:\Documents and Settings\Selda\Data aplikací\8660.bcf
[2011.02.26 16:35:53 | 734,035,968 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Yes Man (cz).avi
[2011.02.26 15:11:19 | 729,348,096 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Sluha dvou pánů.avi
[2011.02.25 23:19:15 | 738,677,760 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Peacemaker CZ.avi
[2011.02.25 12:42:54 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Paintball2.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.03.02 21:24:39 | 000,003,921 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\server.cfg
[2011.03.02 18:01:57 | 730,398,720 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Evoluce cz avi.avi
[2011.03.02 15:54:29 | 001,523,360 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\selda_1.avi
[2011.03.02 15:45:57 | 000,376,031 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\selda.flv
[2011.03.02 14:20:27 | 000,791,046 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\MozBackup-1.4.10-CZ.exe
[2011.03.01 11:27:13 | 004,112,636 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\FloRida - Right Round.mp3
[2011.02.28 23:50:48 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\seldas.m2t.sfl
[2011.02.28 23:50:10 | 528,784,968 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\seldas.m2t
[2011.02.28 23:33:25 | 504,559,610 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Pátrání po mimozemských civilizacích, část 2 (dokument) - DVB-T CZ.avi
[2011.02.28 22:24:32 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.02.28 22:22:42 | 528,099,352 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Pátrání po mimozemských civilizacích, část 1 (dokument) - DVB-T CZ.avi
[2011.02.28 14:47:14 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\RSIT.exe
[2011.02.27 18:10:20 | 000,003,082 | ---- | C] () -- C:\Documents and Settings\Selda\Data aplikací\8660.bcf
[2011.02.27 16:36:12 | 1020,830,488 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Dostante agenta Smarta CZ.avi
[2011.02.26 15:12:37 | 734,035,968 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Yes Man (cz).avi
[2011.02.26 13:44:44 | 729,348,096 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Sluha dvou pánů.avi
[2011.02.25 21:59:00 | 738,677,760 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Peacemaker CZ.avi
[2011.02.18 23:13:33 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011.02.04 19:50:40 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Selda\Data aplikací\winscp.rnd
[2011.01.31 20:46:55 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Selda\Data aplikací\$_hpcst$.hpc
[2011.01.29 21:17:16 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\nvRegDev.dll
[2011.01.04 21:35:32 | 000,847,088 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.01.04 13:33:20 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.30 16:13:22 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Selda\Data aplikací\PnkBstrK.sys
[2010.12.29 15:55:39 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.12.29 01:17:22 | 000,138,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.12.29 01:17:13 | 000,271,200 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.12.29 01:16:57 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.12.26 12:37:10 | 000,062,464 | ---- | C] () -- C:\Documents and Settings\Selda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.25 23:45:45 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.12.25 23:44:51 | 001,601,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.25 23:40:43 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.12.25 23:40:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.12.25 23:40:42 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.12.25 23:40:42 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.12.25 23:40:42 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.12.25 23:31:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.12.25 23:10:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.12.25 23:10:25 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.12.25 23:10:25 | 000,203,331 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.12.25 23:10:25 | 000,000,003 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.12.25 23:10:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010.12.25 23:10:14 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010.12.25 23:02:11 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.12.25 22:55:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.12.25 22:51:54 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.07.09 20:00:32 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.04.14 09:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006.12.31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005.08.02 23:03:51 | 000,224,768 | ---- | C] () -- C:\WINDOWS\System32\b4fm.dll
[2001.10.25 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 13:00:00 | 000,435,396 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 13:00:00 | 000,432,334 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 13:00:00 | 000,079,266 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 13:00:00 | 000,068,292 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2010.12.27 16:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.01.03 20:40:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.02.02 22:59:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2010.12.30 15:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.12.26 13:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.12.29 16:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
[2011.02.18 21:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.12.27 16:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Ashampoo
[2011.02.28 22:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\BSplayer Pro
[2011.02.02 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Canon
[2010.12.30 15:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\DAEMON Tools Lite
[2011.02.16 00:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\gtk-2.0
[2011.01.13 19:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\IrfanView
[2011.02.18 23:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Publish Providers
[2010.12.25 23:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\QIP
[2011.02.18 23:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Sony
[2011.01.17 17:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\TeamViewer
[2010.12.26 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\VitySoft
[2011.03.02 23:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"OfficeSyncProcess" = "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" -- [2010.03.16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 16:50:20 | 001,289,000 | ---- | M] (Microsoft Corporation)
"{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}" = C:\WINDOWS\system32\App64\App64.exe -- [2011.02.25 21:51:43 | 000,650,124 | ---- | M] (Adobe Systems Incorporated)
< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.02.25 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Adobe
[2010.12.27 16:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Ashampoo
[2010.12.25 23:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\ATI
[2011.02.28 22:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\BSplayer Pro
[2011.02.02 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Canon
[2010.12.30 15:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\DAEMON Tools Lite
[2011.02.16 00:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\gtk-2.0
[2011.02.19 15:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Hamachi
[2010.12.25 22:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Identities
[2010.12.25 23:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\InstallShield
[2011.01.13 19:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\IrfanView
[2010.12.25 23:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Macromedia
[2011.03.01 00:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Media Player Classic
[2011.02.28 23:14:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Selda\Data aplikací\Microsoft
[2010.12.25 23:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Mozilla
[2011.02.18 23:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Publish Providers
[2010.12.25 23:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\QIP
[2011.02.20 14:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Skype
[2011.02.20 14:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\skypePM
[2011.02.18 23:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Sony
[2010.12.26 14:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Sun
[2011.01.17 17:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\TeamViewer
[2010.12.26 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\VitySoft
[2010.12.25 23:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\WinRAR
[2010.12.28 16:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Xfire
< %APPDATA%\*.exe /s >
[2007.12.30 05:01:18 | 000,307,200 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
[2007.12.30 05:01:18 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe
< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\Win2K\sata_ide\nvata.sys
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\WinXP\sata_ide\nvata.sys
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\WINDOWS\system32\drivers\nvata.sys
< MD5 for: NVATABUS.SYS >
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\Win2K\sataraid\nvatabus.sys
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\WinXP\sataraid\nvatabus.sys
< MD5 for: NVRAID.SYS >
[2006.08.14 14:51:36 | 000,089,344 | ---- | M] (NVIDIA Corporation) MD5=78A7BAF00D238B442A056F951A2AB434 -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\Win2K\sataraid\nvraid.sys
[2006.08.14 14:51:36 | 000,089,344 | ---- | M] (NVIDIA Corporation) MD5=78A7BAF00D238B442A056F951A2AB434 -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\WinXP\sataraid\nvraid.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 02:39:32 | 000,446,464 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.12.25 23:44:25 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.12.25 23:44:25 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.12.25 23:44:25 | 000,499,712 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 02:39:32 | 000,446,464 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
[2011.03.02 23:31:23 | 000,138,160 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys
< %systemroot%\system32\*.* /3 >
[2011.02.28 23:02:59 | 001,601,280 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.03.02 12:23:19 | 000,271,200 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.ex0
[2011.03.02 23:31:18 | 000,271,200 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
[2011.03.02 23:31:18 | 000,271,200 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.xtr
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
OTL.txt
OTL logfile created on: 3.3.2011 12:47:06 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\Selda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 758,31 Gb Free Space | 81,41% Space Free | Partition Type: NTFS
Computer Name: SELDA-9F39A30ED | User Name: Selda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2011.03.03 12:24:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Selda\Plocha\OTL.exe
PRC - [2011.03.03 12:15:18 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.01.13 17:05:24 | 006,012,800 | ---- | M] () -- C:\Program Files\QIP Infium\infium.exe
PRC - [2010.11.18 14:11:36 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2010.11.18 14:11:32 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010.05.14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010.03.16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011.03.03 12:24:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Selda\Plocha\OTL.exe
MOD - [2008.04.14 08:37:06 | 001,054,208 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.01.05 23:20:43 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.18 14:12:06 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2010.11.18 14:11:36 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
========== Driver Services (SafeList) ==========
DRV - [2011.01.01 17:38:22 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.08.04 10:50:36 | 000,140,752 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.08.03 12:28:36 | 000,095,896 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.07.29 12:31:26 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.07.06 11:26:54 | 006,088,296 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.07.06 11:13:10 | 000,234,392 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010.05.05 03:45:04 | 004,807,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.04.08 09:11:36 | 000,101,904 | R--- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.11.18 00:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 00:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007.12.14 09:21:32 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 4\LU4\FlashSys.sys -- (FLASHSYS)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.09.24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "QIP Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: npfax@microgaming.co.uk:2.1.0.19
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.03 12:15:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.03 12:15:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.12.26 13:54:17 | 000,000,000 | ---D | M]
[2010.12.25 23:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Extensions
[2011.03.02 16:16:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions
[2011.03.02 15:37:23 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2011.03.02 15:37:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.12.28 15:03:03 | 000,000,000 | ---D | M] (Flash AX Control) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\npfax@microgaming.co.uk
[2011.01.07 18:44:52 | 000,004,140 | ---- | M] () -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\searchplugins\youtube.xml
[2011.03.02 16:16:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.26 14:21:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SELDA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\HVJT0IOI.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SELDA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\HVJT0IOI.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SELDA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\HVJT0IOI.DEFAULT\EXTENSIONS\NPFAX@MICROGAMING.CO.UK
[2010.12.26 14:21:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.12.26 14:21:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.03 19:08:29 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.03 19:08:29 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.03 19:08:29 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.03 19:08:29 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2001.10.25 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\Toolbar\WebBrowser: (no name) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No CLSID value found.
O3 - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-299502267-1958367476-682003330-1003..\Run: [{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}] C:\WINDOWS\system32\App64\App64.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-299502267-1958367476-682003330-1003..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 5375383781 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.25 22:54:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8fc09dc2-1078-11e0-8fa0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{8fc09dc2-1078-11e0-8fa0-806d6172696f}\Shell\AutoRun\command - "" = D:\DVDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XFR1 - C:\WINDOWS\System32\xfcodec.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (http://www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)
========== Files/Folders - Created Within 7 Days ==========
[2011.03.03 12:24:55 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Selda\Plocha\OTL.exe
[2011.03.01 00:39:04 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Selda\Recent
[2011.02.28 23:03:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox
[2011.02.28 22:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Local Settings\Data aplikací\AskToolbar
[2011.02.28 22:48:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Data aplikací\BSplayer Pro
[2011.02.28 22:24:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Dokumenty\The KMPlayer
[2011.02.28 22:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011.02.28 22:24:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Nabídka Start\Programy\The KMPlayer
[2011.02.28 22:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2011.02.28 14:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.02.28 14:47:33 | 000,000,000 | ---D | C] -- C:\rsit
[2011.02.27 16:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Plocha\textury
[2011.02.25 21:38:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\App64
[2011.02.25 13:33:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Plocha\testy
[2006.11.13 16:50:08 | 000,224,040 | ---- | C] (Microsoft Corporation) -- C:\Program Files\richink.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2011.03.03 12:24:55 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Selda\Plocha\OTL.exe
[2011.03.03 12:14:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.03.02 23:54:05 | 000,062,464 | ---- | M] () -- C:\Documents and Settings\Selda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.02 23:31:23 | 000,138,160 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.03.02 23:31:18 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011.03.02 23:21:25 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Selda\Data aplikací\winscp.rnd
[2011.03.02 23:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.03.02 19:26:02 | 730,398,720 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Evoluce cz avi.avi
[2011.03.02 15:54:31 | 001,523,360 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\selda_1.avi
[2011.03.02 15:45:57 | 000,376,031 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\selda.flv
[2011.03.02 14:20:27 | 000,791,046 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\MozBackup-1.4.10-CZ.exe
[2011.03.02 12:23:19 | 000,271,200 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2011.03.01 11:43:35 | 528,784,968 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\seldas.m2t
[2011.03.01 11:43:35 | 000,000,140 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\seldas.m2t.sfl
[2011.03.01 11:27:46 | 004,112,636 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\FloRida - Right Round.mp3
[2011.03.01 00:31:12 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\CCleaner.lnk
[2011.03.01 00:30:25 | 504,559,610 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Pátrání po mimozemských civilizacích, část 2 (dokument) - DVB-T CZ.avi
[2011.02.28 23:33:15 | 528,099,352 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Pátrání po mimozemských civilizacích, část 1 (dokument) - DVB-T CZ.avi
[2011.02.28 23:02:59 | 001,601,280 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.02.28 14:47:14 | 000,339,991 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\RSIT.exe
[2011.02.27 19:07:16 | 000,003,921 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\server.cfg
[2011.02.27 18:35:01 | 1020,830,488 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Dostante agenta Smarta CZ.avi
[2011.02.27 18:10:20 | 000,003,082 | ---- | M] () -- C:\Documents and Settings\Selda\Data aplikací\8660.bcf
[2011.02.26 16:35:53 | 734,035,968 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Yes Man (cz).avi
[2011.02.26 15:11:19 | 729,348,096 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Sluha dvou pánů.avi
[2011.02.25 23:19:15 | 738,677,760 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Peacemaker CZ.avi
[2011.02.25 12:42:54 | 000,000,630 | ---- | M] () -- C:\Documents and Settings\Selda\Plocha\Paintball2.lnk
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.03.02 21:24:39 | 000,003,921 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\server.cfg
[2011.03.02 18:01:57 | 730,398,720 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Evoluce cz avi.avi
[2011.03.02 15:54:29 | 001,523,360 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\selda_1.avi
[2011.03.02 15:45:57 | 000,376,031 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\selda.flv
[2011.03.02 14:20:27 | 000,791,046 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\MozBackup-1.4.10-CZ.exe
[2011.03.01 11:27:13 | 004,112,636 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\FloRida - Right Round.mp3
[2011.02.28 23:50:48 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\seldas.m2t.sfl
[2011.02.28 23:50:10 | 528,784,968 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\seldas.m2t
[2011.02.28 23:33:25 | 504,559,610 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Pátrání po mimozemských civilizacích, část 2 (dokument) - DVB-T CZ.avi
[2011.02.28 22:24:32 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.02.28 22:22:42 | 528,099,352 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Pátrání po mimozemských civilizacích, část 1 (dokument) - DVB-T CZ.avi
[2011.02.28 14:47:14 | 000,339,991 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\RSIT.exe
[2011.02.27 18:10:20 | 000,003,082 | ---- | C] () -- C:\Documents and Settings\Selda\Data aplikací\8660.bcf
[2011.02.27 16:36:12 | 1020,830,488 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Dostante agenta Smarta CZ.avi
[2011.02.26 15:12:37 | 734,035,968 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Yes Man (cz).avi
[2011.02.26 13:44:44 | 729,348,096 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Sluha dvou pánů.avi
[2011.02.25 21:59:00 | 738,677,760 | ---- | C] () -- C:\Documents and Settings\Selda\Plocha\Peacemaker CZ.avi
[2011.02.18 23:13:33 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011.02.04 19:50:40 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Selda\Data aplikací\winscp.rnd
[2011.01.31 20:46:55 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Selda\Data aplikací\$_hpcst$.hpc
[2011.01.29 21:17:16 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\nvRegDev.dll
[2011.01.04 21:35:32 | 000,847,088 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.01.04 13:33:20 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.30 16:13:22 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Selda\Data aplikací\PnkBstrK.sys
[2010.12.29 15:55:39 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.12.29 01:17:22 | 000,138,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.12.29 01:17:13 | 000,271,200 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.12.29 01:16:57 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.12.26 12:37:10 | 000,062,464 | ---- | C] () -- C:\Documents and Settings\Selda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.25 23:45:45 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.12.25 23:44:51 | 001,601,280 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.25 23:40:43 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.12.25 23:40:43 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.12.25 23:40:42 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.12.25 23:40:42 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.12.25 23:40:42 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.12.25 23:31:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.12.25 23:10:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.12.25 23:10:25 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.12.25 23:10:25 | 000,203,331 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.12.25 23:10:25 | 000,000,003 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.12.25 23:10:20 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2010.12.25 23:10:14 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2010.12.25 23:02:11 | 000,080,416 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.12.25 22:55:24 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.12.25 22:51:54 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.07.09 20:00:32 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008.04.14 09:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006.12.31 07:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005.08.02 23:03:51 | 000,224,768 | ---- | C] () -- C:\WINDOWS\System32\b4fm.dll
[2001.10.25 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 13:00:00 | 000,435,396 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 13:00:00 | 000,432,334 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 13:00:00 | 000,079,266 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 13:00:00 | 000,068,292 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 13:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
========== LOP Check ==========
[2010.12.27 16:15:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.01.03 20:40:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.02.02 22:59:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2010.12.30 15:51:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.12.26 13:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.12.29 16:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
[2011.02.18 21:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.12.27 16:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Ashampoo
[2011.02.28 22:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\BSplayer Pro
[2011.02.02 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Canon
[2010.12.30 15:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\DAEMON Tools Lite
[2011.02.16 00:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\gtk-2.0
[2011.01.13 19:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\IrfanView
[2011.02.18 23:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Publish Providers
[2010.12.25 23:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\QIP
[2011.02.18 23:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Sony
[2011.01.17 17:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\TeamViewer
[2010.12.26 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\VitySoft
[2011.03.02 23:01:00 | 000,000,234 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"OfficeSyncProcess" = "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" -- [2010.03.16 02:58:36 | 000,718,208 | ---- | M] (Microsoft Corporation)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 16:50:20 | 001,289,000 | ---- | M] (Microsoft Corporation)
"{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}" = C:\WINDOWS\system32\App64\App64.exe -- [2011.02.25 21:51:43 | 000,650,124 | ---- | M] (Adobe Systems Incorporated)
< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.02.25 13:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Adobe
[2010.12.27 16:16:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Ashampoo
[2010.12.25 23:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\ATI
[2011.02.28 22:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\BSplayer Pro
[2011.02.02 22:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Canon
[2010.12.30 15:50:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\DAEMON Tools Lite
[2011.02.16 00:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\gtk-2.0
[2011.02.19 15:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Hamachi
[2010.12.25 22:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Identities
[2010.12.25 23:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\InstallShield
[2011.01.13 19:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\IrfanView
[2010.12.25 23:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Macromedia
[2011.03.01 00:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Media Player Classic
[2011.02.28 23:14:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Selda\Data aplikací\Microsoft
[2010.12.25 23:31:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Mozilla
[2011.02.18 23:17:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Publish Providers
[2010.12.25 23:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\QIP
[2011.02.20 14:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Skype
[2011.02.20 14:52:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\skypePM
[2011.02.18 23:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Sony
[2010.12.26 14:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Sun
[2011.01.17 17:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\TeamViewer
[2010.12.26 14:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\VitySoft
[2010.12.25 23:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\WinRAR
[2010.12.28 16:41:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Selda\Data aplikací\Xfire
< %APPDATA%\*.exe /s >
[2007.12.30 05:01:18 | 000,307,200 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
[2007.12.30 05:01:18 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Selda\Data aplikací\Mozilla\Firefox\Profiles\hvjt0ioi.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe
< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\Win2K\sata_ide\nvata.sys
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\WinXP\sata_ide\nvata.sys
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\WINDOWS\system32\drivers\nvata.sys
< MD5 for: NVATABUS.SYS >
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\Win2K\sataraid\nvatabus.sys
[2006.08.14 14:51:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) MD5=947C4A0E7B25BCECC3B40F0F1070378B -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\WinXP\sataraid\nvatabus.sys
< MD5 for: NVRAID.SYS >
[2006.08.14 14:51:36 | 000,089,344 | ---- | M] (NVIDIA Corporation) MD5=78A7BAF00D238B442A056F951A2AB434 -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\Win2K\sataraid\nvraid.sys
[2006.08.14 14:51:36 | 000,089,344 | ---- | M] (NVIDIA Corporation) MD5=78A7BAF00D238B442A056F951A2AB434 -- C:\Program Files\Setup Files\NVIDIA MCP61 System Driver v1109\IDE\WinXP\sataraid\nvraid.sys
< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 02:39:32 | 000,446,464 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.12.25 23:44:25 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.12.25 23:44:25 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.12.25 23:44:25 | 000,499,712 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 02:39:32 | 000,446,464 | R--- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
[2011.03.02 23:31:23 | 000,138,160 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys
< %systemroot%\system32\*.* /3 >
[2011.02.28 23:02:59 | 001,601,280 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2011.03.02 12:23:19 | 000,271,200 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.ex0
[2011.03.02 23:31:18 | 000,271,200 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.exe
[2011.03.02 23:31:18 | 000,271,200 | ---- | M] () -- C:\WINDOWS\system32\PnkBstrB.xtr
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
Re: Preventivka a problém s ff
Extras.txt
OTL Extras logfile created on: 3.3.2011 12:47:06 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\Selda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 758,31 Gb Free Space | 81,41% Space Free | Partition Type: NTFS
Computer Name: SELDA-9F39A30ED | User Name: Selda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\MagicTune Premium\MagicTune.exe" = C:\Program Files\MagicTune Premium\MagicTune.exe:*:Enabled:MagicTune
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\QIP 2010\qip.exe" = C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010
"C:\Program Files\QIP Infium\infium.exe" = C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium -- ()
"C:\Games\Paintball2\paintball2.exe" = C:\Games\Paintball2\paintball2.exe:*:Enabled:Digital Paint: Paintball 2 -- (Digital Paint)
"C:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe" = C:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe:*:Enabled:BlackOps -- ()
"C:\Program Files\Activision\Call of Duty - Black Ops\BlackOpsMP.exe" = C:\Program Files\Activision\Call of Duty - Black Ops\BlackOpsMP.exe:*:Enabled:BlackOpsMP -- ()
"C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\Program Files\Garena Messenger\Room\garena_room.exe" = C:\Program Files\Garena Messenger\Room\garena_room.exe:*:Enabled:Garena
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe" = C:\Program Files\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe:*:Enabled:Grand Theft Auto IV - Episodes From Liberty City -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\WinSCP\WinSCP.exe" = C:\Program Files\WinSCP\WinSCP.exe:*:Enabled:WinSCP: SFTP, FTP and SCP client -- (Martin Prikryl)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06C353F1-F003-815A-846B-11A49573F510}" = CCC Help Japanese
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{146381FF-4E2E-37C6-142B-96487BFFF68C}" = CCC Help Finnish
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C028B3C-72BB-6AF8-5023-17CADA0C68CA}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FE644DF-66E6-405E-865E-BBA8A5E7B330}" = Age of Empires
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{266C3874-7805-4519-4887-7C2CC5AF7723}" = Catalyst Control Center Localization All
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{291A772C-FFB9-4681-B720-AB2A0A620896}" = Adobe Reader for Pocket PC 2.0
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29D18D4E-4A48-A2FE-D40F-BF8E9BBEF364}" = CCC Help Hungarian
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E7FB03D-1F9D-C2BF-2E3D-E1754697C1FA}" = CCC Help French
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{45B2F267-98D6-2100-34C9-68E0EE215DF2}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4DDF19-F79C-3C68-CAF2-BD67843E4D19}" = Catalyst Control Center InstallProxy
"{4B6AD13A-E60C-5DEB-0A1C-BE914FB9E6BE}" = CCC Help Turkish
"{4B8CA953-1350-4E29-8C56-DD6D66A6290E}" = ESET NOD32 Antivirus
"{4E58F5DE-D0E0-A363-3984-AF355ACE196F}" = CCC Help Swedish
"{4EB03D52-BB1C-98F5-7FA4-0EE0A131103B}" = Catalyst Control Center Graphics Full New
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{520F5B6C-44B8-418F-BBA2-3AD149F59A75}" = Age of Empires Scenarios
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{571138E3-595A-8B69-D89A-1D5ED30DB400}" = CCC Help Portuguese
"{5833E1EC-2D52-A08E-8316-9CF117795360}" = Catalyst Control Center HydraVision Full
"{5B00A513-5EC9-45FE-8073-73A6C8F7E399}" = Age of Empires Video
"{5DAE8059-7157-63F4-5AC3-BBA571E93848}" = CCC Help Danish
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{61D4B21F-EC4D-56F5-9460-2C44D7EF46EA}" = CCC Help Dutch
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B433560-10DD-40FD-87DE-222355798CC7}" = Age of Empires Campaigns
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6F55031B-A4E9-B9C1-079C-4D3C229A8644}" = CCC Help Spanish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75722E6F-FCCA-7C44-E4BB-7BC0390F65E3}" = CCC Help Chinese Standard
"{7635BF2D-18B7-3D85-D84E-4393743A13D8}" = CCC Help Italian
"{78090C44-154F-E296-3AC3-A2FC16D08DF2}" = CCC Help Greek
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{832C9764-D951-059D-05C7-E8EC41A5E510}" = ATI Problem Report Wizard
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{87F12DCD-4288-29D4-C327-FE47B42D5B80}" = CCC Help Norwegian
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1" = Grand Theft Auto IV - Episodes From Liberty City
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{96677085-CCD8-EE14-B9E0-407A7EF5F8B4}" = ccc-core-preinstall
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D7C03B7-59C9-9BE7-CE28-4CD3FEAC85CE}" = Catalyst Control Center Graphics Light
"{9DE879FB-2FE2-3D61-D4F5-F9BD33A33B0C}" = CCC Help Russian
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A30637EC-B31B-24DA-92EF-5D7C15589D52}" = ccc-core-static
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B055306F-39F6-C306-D71A-0D8FA334EDFD}" = CCC Help Chinese Traditional
"{B1BC4391-9F83-575D-9D5E-B2429DE7FBB2}" = CCC Help Thai
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7B280B6-E4C7-CF6A-A144-40709AFFFFAB}" = CCC Help Czech
"{B8D3BF6A-EB43-E27B-3A5C-E1563A1B92BB}" = CCC Help German
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C7817822-57E6-7564-8400-CEF1C8DEF7CA}" = ATI AVIVO Codecs
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D853AC86-E781-D62E-4327-E94FDF050FF4}" = ccc-utility
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DA8EDE2A-732D-431C-8E8A-D085A9D5BE4B}" = Age of Empires Manual
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{DF849B8D-325A-0B01-7DE9-5EC3EF48B054}" = CCC Help Polish
"{E10EF44B-BB6E-6633-5207-8A2D22A9950D}" = Catalyst Control Center Graphics Full Existing
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2C757C9-C40E-07A0-9397-56A7C66F84F3}" = ATI Catalyst Install Manager
"{F34307E0-E6BA-BEB7-3CF0-9EF56DF9D18F}" = Catalyst Control Center Core Implementation
"{F64B592A-C33F-4D15-5FEA-C5C0CBF358EA}" = CCC Help English
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Atomic Cannon PPC" = Atomic Cannon PPC
"Burn4Free" = Burn4Free CD and DVD
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CCleaner" = CCleaner
"Fraps" = Fraps (remove only)
"Gadwin PrintScreen" = Gadwin PrintScreen
"GameParkClient_is1" = GamePark
"Hamachi" = Hamachi 1.0.2.5
"InstallShield_{291A772C-FFB9-4681-B720-AB2A0A620896}" = Adobe Reader for Pocket PC 2.0
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"iWisoft Free Video Converter_is1" = iWisoft Free Video Converter 1.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full)
"Liveupdate4_is1" = Liveupdate4
"Mafia II_is1" = Mafia II DLC Joe's Adventures
"MediaInfo" = MediaInfo 0.7.41
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.14)" = Mozilla Firefox (3.6.14)
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Paintball2" = Paintball2 Alpha build 32 update
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.9
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 3.0.9042
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1.1.2011 16:18:02 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 1.1.2011 16:18:09 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 1.1.2011 16:18:22 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 1.1.2011 16:18:30 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 10.1.2011 16:05:15 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace eflc.exe, verze 1.1.1.0, chybující modul eflc.exe,
verze 1.1.1.0, adresa chyby 0x000114a6.
Error - 13.1.2011 14:19:10 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace egui.exe, verze 4.2.67.13, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x003b0291.
Error - 14.1.2011 16:46:17 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 9.2.2011 8:52:51 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
flash.ocx, verze 6.0.79.0, adresa chyby 0x0002715e.
Error - 9.2.2011 11:19:33 | Computer Name = SELDA-9F39A30ED | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.5.7.1051, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 9.2.2011 13:26:14 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace bsp.exe, verze 0.96.2773.4325, chybující modul
bsp.exe, verze 0.96.2773.4325, adresa chyby 0x00031753.
[ System Events ]
Error - 24.2.2011 17:56:36 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 25.2.2011 19:33:24 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 26.2.2011 9:06:06 | Computer Name = SELDA-9F39A30ED | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{2FFFDBC6-C65A-4779-94A7-B0725638F1CA}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
Error - 26.2.2011 12:21:07 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 26.2.2011 18:55:50 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 27.2.2011 8:15:14 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 2.3.2011 11:54:44 | Computer Name = SELDA-9F39A30ED | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{2FFFDBC6-C65A-4779-94A7-B0725638F1CA}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
Error - 3.3.2011 7:14:21 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
< End of report >
OTL Extras logfile created on: 3.3.2011 12:47:06 - Run 1
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\Selda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 758,31 Gb Free Space | 81,41% Space Free | Partition Type: NTFS
Computer Name: SELDA-9F39A30ED | User Name: Selda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\MagicTune Premium\MagicTune.exe" = C:\Program Files\MagicTune Premium\MagicTune.exe:*:Enabled:MagicTune
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\QIP 2010\qip.exe" = C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010
"C:\Program Files\QIP Infium\infium.exe" = C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium -- ()
"C:\Games\Paintball2\paintball2.exe" = C:\Games\Paintball2\paintball2.exe:*:Enabled:Digital Paint: Paintball 2 -- (Digital Paint)
"C:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe" = C:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe:*:Enabled:BlackOps -- ()
"C:\Program Files\Activision\Call of Duty - Black Ops\BlackOpsMP.exe" = C:\Program Files\Activision\Call of Duty - Black Ops\BlackOpsMP.exe:*:Enabled:BlackOpsMP -- ()
"C:\Program Files\Xfire\Xfire.exe" = C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire -- (Xfire Inc.)
"C:\Program Files\Garena Messenger\Room\garena_room.exe" = C:\Program Files\Garena Messenger\Room\garena_room.exe:*:Enabled:Garena
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe" = C:\Program Files\Grand Theft Auto IV - Episodes From Liberty City\EFLC.exe:*:Enabled:Grand Theft Auto IV - Episodes From Liberty City -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\WinSCP\WinSCP.exe" = C:\Program Files\WinSCP\WinSCP.exe:*:Enabled:WinSCP: SFTP, FTP and SCP client -- (Martin Prikryl)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06C353F1-F003-815A-846B-11A49573F510}" = CCC Help Japanese
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{146381FF-4E2E-37C6-142B-96487BFFF68C}" = CCC Help Finnish
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1C028B3C-72BB-6AF8-5023-17CADA0C68CA}" = Catalyst Control Center Graphics Previews Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FE644DF-66E6-405E-865E-BBA8A5E7B330}" = Age of Empires
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{266C3874-7805-4519-4887-7C2CC5AF7723}" = Catalyst Control Center Localization All
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{291A772C-FFB9-4681-B720-AB2A0A620896}" = Adobe Reader for Pocket PC 2.0
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29D18D4E-4A48-A2FE-D40F-BF8E9BBEF364}" = CCC Help Hungarian
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E7FB03D-1F9D-C2BF-2E3D-E1754697C1FA}" = CCC Help French
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{45B2F267-98D6-2100-34C9-68E0EE215DF2}" = CCC Help Korean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4DDF19-F79C-3C68-CAF2-BD67843E4D19}" = Catalyst Control Center InstallProxy
"{4B6AD13A-E60C-5DEB-0A1C-BE914FB9E6BE}" = CCC Help Turkish
"{4B8CA953-1350-4E29-8C56-DD6D66A6290E}" = ESET NOD32 Antivirus
"{4E58F5DE-D0E0-A363-3984-AF355ACE196F}" = CCC Help Swedish
"{4EB03D52-BB1C-98F5-7FA4-0EE0A131103B}" = Catalyst Control Center Graphics Full New
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{520F5B6C-44B8-418F-BBA2-3AD149F59A75}" = Age of Empires Scenarios
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{571138E3-595A-8B69-D89A-1D5ED30DB400}" = CCC Help Portuguese
"{5833E1EC-2D52-A08E-8316-9CF117795360}" = Catalyst Control Center HydraVision Full
"{5B00A513-5EC9-45FE-8073-73A6C8F7E399}" = Age of Empires Video
"{5DAE8059-7157-63F4-5AC3-BBA571E93848}" = CCC Help Danish
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{61D4B21F-EC4D-56F5-9460-2C44D7EF46EA}" = CCC Help Dutch
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B433560-10DD-40FD-87DE-222355798CC7}" = Age of Empires Campaigns
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6F55031B-A4E9-B9C1-079C-4D3C229A8644}" = CCC Help Spanish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75722E6F-FCCA-7C44-E4BB-7BC0390F65E3}" = CCC Help Chinese Standard
"{7635BF2D-18B7-3D85-D84E-4393743A13D8}" = CCC Help Italian
"{78090C44-154F-E296-3AC3-A2FC16D08DF2}" = CCC Help Greek
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{832C9764-D951-059D-05C7-E8EC41A5E510}" = ATI Problem Report Wizard
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{87F12DCD-4288-29D4-C327-FE47B42D5B80}" = CCC Help Norwegian
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1" = Grand Theft Auto IV - Episodes From Liberty City
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{96677085-CCD8-EE14-B9E0-407A7EF5F8B4}" = ccc-core-preinstall
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D7C03B7-59C9-9BE7-CE28-4CD3FEAC85CE}" = Catalyst Control Center Graphics Light
"{9DE879FB-2FE2-3D61-D4F5-F9BD33A33B0C}" = CCC Help Russian
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A30637EC-B31B-24DA-92EF-5D7C15589D52}" = ccc-core-static
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B055306F-39F6-C306-D71A-0D8FA334EDFD}" = CCC Help Chinese Traditional
"{B1BC4391-9F83-575D-9D5E-B2429DE7FBB2}" = CCC Help Thai
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7B280B6-E4C7-CF6A-A144-40709AFFFFAB}" = CCC Help Czech
"{B8D3BF6A-EB43-E27B-3A5C-E1563A1B92BB}" = CCC Help German
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C7817822-57E6-7564-8400-CEF1C8DEF7CA}" = ATI AVIVO Codecs
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D853AC86-E781-D62E-4327-E94FDF050FF4}" = ccc-utility
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DA8EDE2A-732D-431C-8E8A-D085A9D5BE4B}" = Age of Empires Manual
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{DF849B8D-325A-0B01-7DE9-5EC3EF48B054}" = CCC Help Polish
"{E10EF44B-BB6E-6633-5207-8A2D22A9950D}" = Catalyst Control Center Graphics Full Existing
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2C757C9-C40E-07A0-9397-56A7C66F84F3}" = ATI Catalyst Install Manager
"{F34307E0-E6BA-BEB7-3CF0-9EF56DF9D18F}" = Catalyst Control Center Core Implementation
"{F64B592A-C33F-4D15-5FEA-C5C0CBF358EA}" = CCC Help English
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Atomic Cannon PPC" = Atomic Cannon PPC
"Burn4Free" = Burn4Free CD and DVD
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CCleaner" = CCleaner
"Fraps" = Fraps (remove only)
"Gadwin PrintScreen" = Gadwin PrintScreen
"GameParkClient_is1" = GamePark
"Hamachi" = Hamachi 1.0.2.5
"InstallShield_{291A772C-FFB9-4681-B720-AB2A0A620896}" = Adobe Reader for Pocket PC 2.0
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"iWisoft Free Video Converter_is1" = iWisoft Free Video Converter 1.2
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.4.0 (Full)
"Liveupdate4_is1" = Liveupdate4
"Mafia II_is1" = Mafia II DLC Joe's Adventures
"MediaInfo" = MediaInfo 0.7.41
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.14)" = Mozilla Firefox (3.6.14)
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Paintball2" = Paintball2 Alpha build 32 update
"SpeedFan" = SpeedFan (remove only)
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.9
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xfire" = Xfire (remove only)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP Infium" = QIP Infium 3.0.9042
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1.1.2011 16:18:02 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 1.1.2011 16:18:09 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 1.1.2011 16:18:22 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 1.1.2011 16:18:30 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 10.1.2011 16:05:15 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace eflc.exe, verze 1.1.1.0, chybující modul eflc.exe,
verze 1.1.1.0, adresa chyby 0x000114a6.
Error - 13.1.2011 14:19:10 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace egui.exe, verze 4.2.67.13, chybující modul unknown,
verze 0.0.0.0, adresa chyby 0x003b0291.
Error - 14.1.2011 16:46:17 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace updateex.exe, verze 0.0.0.0, chybující modul msvcr90.dll,
verze 9.0.30729.4148, adresa chyby 0x0003b9f0.
Error - 9.2.2011 8:52:51 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
flash.ocx, verze 6.0.79.0, adresa chyby 0x0002715e.
Error - 9.2.2011 11:19:33 | Computer Name = SELDA-9F39A30ED | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.5.7.1051, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 9.2.2011 13:26:14 | Computer Name = SELDA-9F39A30ED | Source = Application Error | ID = 1000
Description = Chybující aplikace bsp.exe, verze 0.96.2773.4325, chybující modul
bsp.exe, verze 0.96.2773.4325, adresa chyby 0x00031753.
[ System Events ]
Error - 24.2.2011 17:56:36 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 25.2.2011 19:33:24 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 26.2.2011 9:06:06 | Computer Name = SELDA-9F39A30ED | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{2FFFDBC6-C65A-4779-94A7-B0725638F1CA}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
Error - 26.2.2011 12:21:07 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 26.2.2011 18:55:50 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 27.2.2011 8:15:14 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
Error - 2.3.2011 11:54:44 | Computer Name = SELDA-9F39A30ED | Source = BROWSER | ID = 8032
Description = Službě Browser se při přenosu \Device\NetBT_Tcpip_{2FFFDBC6-C65A-4779-94A7-B0725638F1CA}
příliš často nezdařilo načíst záložní seznam. Záložní prohledávač bude ukončen.
Error - 3.3.2011 7:14:21 | Computer Name = SELDA-9F39A30ED | Source = BTHUSB | ID = 327697
Description = Místní vysílač Bluetooth selhal. Důvod selhaní nebylo možno určit
a ovladač vysílače bude vyjmut z paměti.
< End of report >
Re: Preventivka a problém s ff
Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)
- C:\WINDOWS\system32\App64\App64.exe
- Kliknete na Prochazet
- Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
- Kliknete na Send File
- Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
- Vysledek analyzy sem vlozte (jako odkaz)
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) FF - prefs.js..browser.search.defaultenginename: "QIP Search" FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query=" File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SELDA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\HVJT0IOI.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SELDA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\HVJT0IOI.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D} File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\SELDA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\HVJT0IOI.DEFAULT\EXTENSIONS\NPFAX@MICROGAMING.CO.UK O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O2 - BHO: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\Toolbar\WebBrowser: (no name) - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - No CLSID value found. O3 - HKU\S-1-5-21-299502267-1958367476-682003330-1003\..\Toolbar\WebBrowser: (PandoraTV Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O33 - MountPoints2\{8fc09dc2-1078-11e0-8fa0-806d6172696f}\Shell - "" = AutoRun [2011.02.28 22:59:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Selda\Local Settings\Data aplikací\AskToolbar [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [2011.02.28 22:24:32 | 000,000,234 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}"=- :files C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk C:\Program Files\Ask.com %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp /s :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka a problém s ff
http://www.virustotal.com/file-scan/rep ... 1299182235
OTL log:
All processes killed
========== OTL ==========
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{55FAF0F2-44D4-425F-B5F5-6B275B621EAB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55FAF0F2-44D4-425F-B5F5-6B275B621EAB}\ not found.
Registry value HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fc09dc2-1078-11e0-8fa0-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8fc09dc2-1078-11e0-8fa0-806d6172696f}\ not found.
C:\Documents and Settings\Selda\Local Settings\Data aplikací\AskToolbar folder moved successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}\ not found.
========== FILES ==========
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk moved successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk moved successfully.
C:\Program Files\Ask.com folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\CSC\csc1.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\94e2de28cb8ee27606822ca199876d4a\BIT3B0.tmp moved successfully.
C:\WINDOWS\system32\App64\01_03_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\02_03_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\03_03_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\25_02_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\26_02_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\27_02_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\28_02_2011.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Free
->Temp folder emptied: 701936 bytes
->Temporary Internet Files folder emptied: 20950177 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45539584 bytes
->Flash cache emptied: 642 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Selda
->Temp folder emptied: 186333211 bytes
->Temporary Internet Files folder emptied: 1115237 bytes
->Java cache emptied: 2732803 bytes
->FireFox cache emptied: 102473277 bytes
->Flash cache emptied: 8280 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 94514 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1076861809 bytes
Total Files Cleaned = 1 370,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Free
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Selda
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.22.2 log created on 03032011_210441
Files\Folders moved on Reboot...
C:\Documents and Settings\Selda\Local Settings\Temp\WCESLog.log moved successfully.
Registry entries deleted on Reboot...
OTL log:
All processes killed
========== OTL ==========
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-299502267-1958367476-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
Prefs.js: "QIP Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
File C:\Documents and Settings\Selda\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{55FAF0F2-44D4-425F-B5F5-6B275B621EAB} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55FAF0F2-44D4-425F-B5F5-6B275B621EAB}\ not found.
Registry value HKEY_USERS\S-1-5-21-299502267-1958367476-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fc09dc2-1078-11e0-8fa0-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8fc09dc2-1078-11e0-8fa0-806d6172696f}\ not found.
C:\Documents and Settings\Selda\Local Settings\Data aplikací\AskToolbar folder moved successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}\ not found.
========== FILES ==========
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk moved successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Synchronizer.lnk moved successfully.
C:\Program Files\Ask.com folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\CSC\csc1.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\94e2de28cb8ee27606822ca199876d4a\BIT3B0.tmp moved successfully.
C:\WINDOWS\system32\App64\01_03_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\02_03_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\03_03_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\25_02_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\26_02_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\27_02_2011.tmp moved successfully.
C:\WINDOWS\system32\App64\28_02_2011.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Free
->Temp folder emptied: 701936 bytes
->Temporary Internet Files folder emptied: 20950177 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 45539584 bytes
->Flash cache emptied: 642 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Selda
->Temp folder emptied: 186333211 bytes
->Temporary Internet Files folder emptied: 1115237 bytes
->Java cache emptied: 2732803 bytes
->FireFox cache emptied: 102473277 bytes
->Flash cache emptied: 8280 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 94514 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1076861809 bytes
Total Files Cleaned = 1 370,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Free
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Selda
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.22.2 log created on 03032011_210441
Files\Folders moved on Reboot...
C:\Documents and Settings\Selda\Local Settings\Temp\WCESLog.log moved successfully.
Registry entries deleted on Reboot...
Re: Preventivka a problém s ff
Tak jeste jeden skript pro OTL - postup stejny
Kód: Vybrat vše
:files
C:\WINDOWS\system32\App64\App64.exe
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}"=-
:commands
[EMPTYTEMP]
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka a problém s ff
All processes killed
========== FILES ==========
C:\WINDOWS\system32\App64\App64.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Free
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Selda
->Temp folder emptied: 810637 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 81681099 bytes
->Flash cache emptied: 776 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3343815584 bytes
Total Files Cleaned = 3 268,00 mb
OTL by OldTimer - Version 3.2.22.2 log created on 03042011_125215
Files\Folders moved on Reboot...
C:\Documents and Settings\Selda\Local Settings\Temp\WCESLog.log moved successfully.
File\Folder C:\WINDOWS\System32\PerfStringBackup.TMP not found!
Registry entries deleted on Reboot...
========== FILES ==========
C:\WINDOWS\system32\App64\App64.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Free
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Selda
->Temp folder emptied: 810637 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 81681099 bytes
->Flash cache emptied: 776 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3343815584 bytes
Total Files Cleaned = 3 268,00 mb
OTL by OldTimer - Version 3.2.22.2 log created on 03042011_125215
Files\Folders moved on Reboot...
C:\Documents and Settings\Selda\Local Settings\Temp\WCESLog.log moved successfully.
File\Folder C:\WINDOWS\System32\PerfStringBackup.TMP not found!
Registry entries deleted on Reboot...
Re: Preventivka a problém s ff
Jak se chova PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka a problém s ff
Vše jede v pořádku. Díky moc za pomoc.
Díky moc za pomoc. Re: Preventivka a problém s ff
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A je to vse, nemate zac "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?