PC virus removal, computer speed-up, remote assistance through the neslape.cz service

Preventive check-up :-)

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Preventive check-up :-)

#1 Post by aldik »

Logfile of random's system information tool 1.07 (written by random/random)
Run by Aldik at 2010-06-16 00:13:52
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive K: has 24 GB (38%) free of 63 GB
Total RAM: 1022 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:13:59, on 16.6.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
K:\Windows\system32\Dwm.exe
K:\Windows\system32\taskeng.exe
K:\Windows\Explorer.EXE
K:\Windows\PixArt\Pac207\Monitor.exe
K:\Windows\vVX6000.exe
K:\Program Files\Common Files\Java\Java Update\jusched.exe
K:\Program Files\Alwil Software\Avast5\AvastUI.exe
K:\Program Files\RocketDock\RocketDock.exe
K:\Windows\ehome\ehtray.exe
K:\Program Files\Windows Sidebar\sidebar.exe
K:\Windows\ehome\ehmsas.exe
K:\Program Files\Windows Sidebar\sidebar.exe
K:\Windows\system32\wbem\unsecapp.exe
K:\Program Files\iTV\iTV.exe
K:\Program Files\ICQ7.1\ICQ.exe
K:\Program Files\Windows Live\Messenger\msnmsgr.exe
K:\Program Files\Windows Live\Contacts\wlcomm.exe
K:\Windows\system32\wuauclt.exe
K:\Users\Aldik\AppData\Local\Google\Update\1.2.183.29\GoogleCrashHandler.exe
K:\Windows\system32\Taskmgr.exe
K:\Users\Aldik\Documents\Downloads\RSIT.exe
K:\Program Files\trend micro\Aldik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.yahoo.com/?fr=avantsearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = file://K:/Users/Aldik/AppData/Local/Google/Chrome/User%20Data/Default/Extensions/caehdcpeofiiigpdhbabniblemipncjj/SwitchyAuto.pac?1275260214901
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=8.8.8.8:80
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - K:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - K:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - K:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - K:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Monitor] K:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [VX6000] K:\Windows\vVX6000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "K:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] K:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [LifeCam] "K:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKCU\..\Run: [RocketDock] "K:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ehTray.exe] K:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] K:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [iTV] K:\Program Files\iTV\iTV.exe
O4 - HKCU\..\Run: [Google Update] "K:\Users\Aldik\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://K:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - K:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - K:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - K:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - K:\Program Files\ICQ7.1\ICQ.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://aldik7.spaces.live.com/PhotoUplo ... dcs-cz.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - K:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: K:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - K:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - K:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - K:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - K:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - K:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - K:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NMIndexingService - Nero AG - K:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - K:\Windows\system32\nvvsvc.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - K:\Windows\system32\drivers\pclepci.sys

--
End of file - 6327 bytes

======Scheduled tasks folder======

K:\Windows\tasks\GoogleUpdateTaskMachineCore.job
K:\Windows\tasks\GoogleUpdateTaskMachineUA.job
K:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2260108842-412208790-3957146249-1000Core.job
K:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2260108842-412208790-3957146249-1000UA.job
K:\Windows\tasks\User_Feed_Synchronization-{BFEB102E-C06C-4C5E-8D46-42D8FEFD8C5B}.job
K:\Windows\tasks\User_Feed_Synchronization-{F522172E-259A-48A3-B181-A1F1ECE4CFEF}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - K:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - K:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-02-24 138624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - K:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - K:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Monitor"=K:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"VX6000"=K:\Windows\vVX6000.exe [2006-12-19 994072]
"SunJavaUpdateSched"=K:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"avast5"=K:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]
"LifeCam"=K:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-01-13 275800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=K:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"ehTray.exe"=K:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Sidebar"=K:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"iTV"=K:\Program Files\iTV\iTV.exe [2010-06-15 590336]
"Google Update"=K:\Users\Aldik\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-18 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
K:\Users\Aldik\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-18 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="K:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - K:\Windows\System32\Notepad.exe %1
.js - open - K:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-06-16 00:13:52 ----D---- K:\rsit
2010-06-16 00:05:13 ----D---- K:\Program Files\trend micro
2010-06-11 01:31:41 ----A---- K:\Windows\system32\mshtml.dll
2010-06-11 01:31:40 ----A---- K:\Windows\system32\ieframe.dll
2010-06-11 01:31:39 ----A---- K:\Windows\system32\urlmon.dll
2010-06-11 01:31:39 ----A---- K:\Windows\system32\iertutil.dll
2010-06-11 01:31:38 ----A---- K:\Windows\system32\wininet.dll
2010-06-11 01:31:38 ----A---- K:\Windows\system32\occache.dll
2010-06-11 01:31:38 ----A---- K:\Windows\system32\mstime.dll
2010-06-11 01:31:38 ----A---- K:\Windows\system32\msfeeds.dll
2010-06-11 01:31:38 ----A---- K:\Windows\system32\iedkcs32.dll
2010-06-11 01:31:37 ----A---- K:\Windows\system32\ieui.dll
2010-06-11 01:31:36 ----A---- K:\Windows\system32\msfeedsbs.dll
2010-06-11 01:31:36 ----A---- K:\Windows\system32\jsproxy.dll
2010-06-11 01:31:36 ----A---- K:\Windows\system32\ieUnatt.exe
2010-06-11 01:31:36 ----A---- K:\Windows\system32\iesysprep.dll
2010-06-11 01:31:36 ----A---- K:\Windows\system32\iepeers.dll
2010-06-11 01:31:31 ----A---- K:\Windows\system32\msfeedssync.exe
2010-06-11 01:31:31 ----A---- K:\Windows\system32\iesetup.dll
2010-06-11 01:31:31 ----A---- K:\Windows\system32\iernonce.dll
2010-06-11 01:31:31 ----A---- K:\Windows\system32\ie4uinit.exe
2010-06-11 01:31:16 ----A---- K:\Windows\system32\atmfd.dll
2010-06-11 01:31:15 ----A---- K:\Windows\system32\atmlib.dll
2010-06-11 01:30:15 ----A---- K:\Windows\system32\asycfilt.dll
2010-06-10 13:12:55 ----D---- K:\Program Files\Common Files\Software Update Utility
2010-05-30 03:06:58 ----A---- K:\Windows\system32\tzres.dll
2010-05-24 02:40:19 ----D---- K:\Users\Aldik\AppData\Roaming\Facebook

======List of files/folders modified in the last 1 months======

2010-06-16 00:13:55 ----D---- K:\Windows\temp
2010-06-16 00:05:25 ----D---- K:\Windows\Prefetch
2010-06-16 00:05:13 ----RD---- K:\Program Files
2010-06-15 23:35:40 ----D---- K:\Users\Aldik\AppData\Roaming\vlc
2010-06-15 16:43:34 ----SHD---- K:\System Volume Information
2010-06-15 13:41:22 ----D---- K:\Windows\System32
2010-06-15 13:41:22 ----D---- K:\Windows\inf
2010-06-15 13:41:22 ----A---- K:\Windows\system32\PerfStringBackup.INI
2010-06-15 13:37:08 ----D---- K:\Program Files\iTV
2010-06-13 01:41:43 ----SHD---- K:\Windows\Installer
2010-06-11 12:46:26 ----D---- K:\Users\Aldik\AppData\Roaming\ICQ
2010-06-11 12:46:19 ----D---- K:\Program Files\ICQ7.1
2010-06-11 12:30:56 ----D---- K:\Windows\Microsoft.NET
2010-06-11 12:30:46 ----RSD---- K:\Windows\assembly
2010-06-11 12:30:28 ----D---- K:\Windows\winsxs
2010-06-11 12:20:15 ----D---- K:\Windows\system32\catroot
2010-06-11 01:44:07 ----D---- K:\Windows\system32\migration
2010-06-11 01:44:07 ----D---- K:\Program Files\Windows Mail
2010-06-11 01:44:07 ----D---- K:\Program Files\Internet Explorer
2010-06-11 01:33:51 ----D---- K:\Windows\system32\wbem
2010-06-11 01:30:44 ----D---- K:\Windows\system32\catroot2
2010-06-10 13:20:30 ----HD---- K:\ProgramData
2010-06-10 13:20:30 ----D---- K:\Program Files\Common Files\AOL
2010-06-10 13:12:55 ----D---- K:\Program Files\Common Files
2010-06-09 09:24:28 ----D---- K:\Windows
2010-06-09 08:39:29 ----D---- K:\Program Files\Microsoft Silverlight
2010-06-09 02:08:31 ----SD---- K:\ProgramData\Microsoft
2010-06-07 13:34:45 ----D---- K:\Windows\Minidump
2010-06-06 15:05:08 ----D---- K:\Users\Aldik\AppData\Roaming\dvdcss
2010-06-05 17:21:30 ----D---- K:\Users\Aldik\AppData\Roaming\FileZilla
2010-05-30 13:53:08 ----D---- K:\Windows\rescache
2010-05-30 03:08:31 ----D---- K:\Windows\system32\cs-CZ
2010-05-29 02:45:59 ----D---- K:\Windows\Tasks
2010-05-29 02:45:59 ----D---- K:\Windows\system32\Tasks
2010-05-28 21:37:34 ----A---- K:\Windows\system32\mrt.exe
2010-05-23 16:46:50 ----D---- K:\Users\Aldik\AppData\Roaming\Adobe
2010-05-23 16:46:50 ----D---- K:\ProgramData\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; K:\Windows\system32\drivers\aswRdr.sys [2010-05-06 23376]
R1 aswSP;aswSP; K:\Windows\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; K:\Windows\system32\drivers\aswTdi.sys [2010-05-06 46672]
R2 aswFsBlk;aswFsBlk; K:\Windows\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMonFlt;aswMonFlt; \??\K:\Windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; K:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 MarvinBus;Pinnacle Marvin Bus; K:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; K:\Windows\system32\DRIVERS\mcdbus.sys [2007-09-05 92544]
R3 nvlddmkm;nvlddmkm; K:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-09-28 9509832]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; K:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 usbaudio;Ovladač zvuků USB (WDM); K:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
R3 VX6000;Microsoft LifeCam VX-6000; K:\Windows\system32\DRIVERS\VX6000Xp.sys [2006-12-19 2383256]
R3 WUDFRd;WUDFRd; K:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 61883;61883 Unit Device; K:\Windows\system32\DRIVERS\61883.sys [2008-01-18 45696]
S3 athrusb;Atheros Wireless LAN USB device driver; K:\Windows\system32\DRIVERS\athrusb.sys [2008-07-29 904192]
S3 Avc;Zařízení AVC; K:\Windows\system32\DRIVERS\avc.sys [2008-01-18 40448]
S3 catchme;catchme; \??\K:\Users\Aldik\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; K:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 MSDV;Microsoft DV Camera and VCR; K:\Windows\system32\DRIVERS\msdv.sys [2008-01-18 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; K:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; K:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; K:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; K:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 PAC207;SoC PC-Camera; K:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 rootrepeal;rootrepeal; \??\K:\Windows\system32\drivers\rootrepeal.sys []
S3 Ser2pl;Prolific Serial port driver; K:\Windows\system32\DRIVERS\ser2pl.sys []
S3 SPLITCAM;Splitcam, WDM Camera Stream Splitter; K:\Windows\system32\DRIVERS\splitcam.sys []
S3 usbvideo;Zobrazovací zařízení USB (WDM); K:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 WimFltr;WimFltr; K:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104]
S3 WpdUsb;WpdUsb; K:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; K:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; K:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 avast! Antivirus;avast! Antivirus; K:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 MSCamSvc;MSCamSvc; K:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-01-05 240408]
R2 nvsvc;NVIDIA Display Driver Service; K:\Windows\system32\nvvsvc.exe [2009-09-27 215656]
R2 SeaPort;SeaPort; K:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-02-24 242560]
R2 wlidsvc;Windows Live ID Sign-in Assistant; K:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 avast! Mail Scanner;avast! Mail Scanner; K:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; K:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S2 gupdate;Google Update Service (gupdate); K:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-30 133104]
S2 PCLEPCI;PCLEPCI; K:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; K:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 NMIndexingService;NMIndexingService; K:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-02-26 267824]
S4 Plánovač automatické aktualizace LiveUpdate;Plánovač automatické aktualizace LiveUpdate; K:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Preventive check-up :-)

#2 Post by vyosek »

Hello and good morning,

:arrow: Are you using this proxy 8.8.8.8:80 intentionally :???:
:arrow: Are there any problems with the PC :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: he is not a man, he is an ox."
Member [image] since 1 February 2011.

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Re: Preventive check-up :-)

#3 Post by aldik »

vyosek wrote: Hello and good morning,

:arrow: Are you using this proxy 8.8.8.8:80 intentionally :???:
:arrow: Are there any problems with the PC :???:
Proxy? No.. I'm just connected to a UPC modem router because of a second computer (a notebook).. I didn't set up any proxy here manually.. :)

.. well, I'm not noticing any problems with the PC.. apart from insufficient RAM and a DVD drive that won't eject, it has probably given up, but that won't be a problem to solve on a virus forum :)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Preventive check-up :-)

#4 Post by vyosek »

:arrow: Download OTL (see my signature) and save it to the desktop
  • If you are using Win Vista or W7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • Tick the "For all users" box (Pro vsechny uzivatele)
  • Tick the "LOP" check box (Kontrola na havet "LOP")
  • Tick the "Purity" check box (Kontrola na havet "Purity")
  • Change the file age (Stari souboru) from 30 days to 7 days
  • Paste the script below into the bottom box, Custom scans/fixes (Vlastni skenovani/opravy):

    netsvcs
    drivers32
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    c:\windows\*.* /U
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    ndis.sys
    winlogon.exe
    explorer.exe
    userinit.exe
    lsass.exe
    svchost.exe
    smss.exe
    hal.dll
    ws2_32.dll
    tcpip.sys
    cryptsvc.dll
    Changer.sys
    JakNDis.sys
    isapnp.sys
    cdrom.sys
    autochk.exe
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
    reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    CREATERESTOREPOINT 
  • Click the Scan button (Prohledat)
  • When the scan finishes (approx. 5 min), the logs OTL.txt and Extras.txt will appear; post both here

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Re: Preventive check-up :-)

#5 Post by aldik »

OTL.txt

OTL logfile created on: 16.6.2010 18:05:22 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = K:\Users\Aldik\Documents\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 358,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 34,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = K: | %SystemRoot% = K:\Windows | %ProgramFiles% = K:\Program Files
Drive C: | 31,74 Gb Total Space | 25,33 Gb Free Space | 79,80% Space Free | Partition Type: NTFS
Drive D: | 96,25 Gb Total Space | 96,00 Gb Free Space | 99,74% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 61,04 Gb Total Space | 31,67 Gb Free Space | 51,89% Space Free | Partition Type: NTFS
Drive L: | 109,06 Gb Total Space | 17,30 Gb Free Space | 15,87% Space Free | Partition Type: NTFS

Computer Name: COMPUTER
Current User Name: Aldik
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.16 18:03:07 | 000,572,416 | ---- | M] (OldTimer Tools) -- K:\Users\Aldik\Dokumenty\Downloads\OTL.exe
PRC - [2010.06.15 13:35:52 | 000,590,336 | ---- | M] (Lazy) -- K:\Program Files\iTV\iTV.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- K:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- K:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.16 22:12:30 | 000,111,952 | ---- | M] (Microsoft Corporation) -- K:\Program Files\Windows Live\Mail\wlmail.exe
PRC - [2010.04.16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- K:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010.04.03 02:08:57 | 000,910,296 | ---- | M] (Mozilla Corporation) -- K:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.02.24 18:12:30 | 000,318,848 | ---- | M] (Microsoft Corporation) -- K:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2010.02.24 18:12:30 | 000,242,560 | ---- | M] (Microsoft Corporation) -- K:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- K:\Windows\explorer.exe
PRC - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- K:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- K:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2007.09.02 13:58:52 | 000,495,616 | ---- | M] () -- K:\Program Files\RocketDock\RocketDock.exe
PRC - [2007.01.05 00:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) -- K:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2006.12.19 21:29:00 | 000,994,072 | ---- | M] (Microsoft Corporation
) -- K:\Windows\vVX6000.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- K:\Windows\PixArt\Pac207\Monitor.exe


========== Modules (SafeList) ==========

MOD - [2010.06.16 18:03:07 | 000,572,416 | ---- | M] (OldTimer Tools) -- K:\Users\Aldik\Dokumenty\Downloads\OTL.exe
MOD - [2009.04.11 00:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- K:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008.01.19 00:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- K:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (Plánovač automatické aktualizace LiveUpdate)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- K:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- K:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- K:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.02.24 18:12:30 | 000,242,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- K:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- K:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- K:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.02.18 12:38:44 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- K:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- K:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.01.05 00:13:54 | 000,240,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- K:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2005.02.09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Auto | Stopped] -- K:\Windows\System32\drivers\Pclepci.sys -- (PCLEPCI)


========== Driver Services (SafeList) ==========

DRV - [2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- K:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- K:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- K:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.05.06 22:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- K:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- K:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.09.28 00:12:22 | 009,509,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- K:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.04.10 22:42:56 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- K:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvuků USB (WDM)
DRV - [2008.07.29 04:45:00 | 000,904,192 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- K:\Windows\System32\drivers\athrusb.sys -- (athrusb)
DRV - [2008.01.18 22:53:32 | 000,045,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- K:\Windows\System32\drivers\61883.sys -- (61883)
DRV - [2008.01.18 22:53:32 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- K:\Windows\System32\drivers\avc.sys -- (Avc)
DRV - [2008.01.18 22:53:30 | 000,052,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- K:\Windows\System32\drivers\msdv.sys -- (MSDV)
DRV - [2007.10.10 09:08:48 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- K:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007.09.05 01:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- K:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007.01.05 22:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2007.01.05 22:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\nvraid.sys -- (nvraid) NVIDIA nForce(tm)
DRV - [2007.01.04 10:07:00 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- K:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2006.12.19 21:29:04 | 002,383,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- K:\Windows\System32\drivers\VX6000Xp.sys -- (VX6000)
DRV - [2006.12.05 12:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- K:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006.11.02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- K:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- K:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- K:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- K:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,047,104 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- K:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- K:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006.11.02 01:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- K:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://google.icq.com
IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.yahoo.com/?fr=avantsearch
IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=8.8.8.8:80
IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://K:/Users/Aldik/AppData/Local/Google/Chrome/User%20Data/Default/Extensions/caehdcpeofiiigpdhbabniblemipncjj/SwitchyAuto.pac?1275260214901

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b1
FF - prefs.js..extensions.enabledItems: {02450954-cdd9-410f-b1da-db804e18c671}:0.96.3
FF - prefs.js..extensions.enabledItems: {20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}:1.6
FF - prefs.js..extensions.enabledItems: googleviewer@brandon.siegel:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.4.5
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: K:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.06.13 01:36:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: K:\Program Files\Mozilla Firefox\components [2010.04.03 02:09:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: K:\Program Files\Mozilla Firefox\plugins [2010.06.16 14:56:32 | 000,000,000 | ---D | M]

[2010.03.22 11:33:55 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Mozilla\Extensions
[2010.03.22 11:33:55 | 000,000,000 | ---D | M] (No name found) -- K:\Users\Aldik\AppData\Roaming\Mozilla\Extensions\{33cb9019-c295-46dd-be21-8c4936574bee}
[2010.06.15 23:39:39 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions
[2010.03.27 14:03:09 | 000,000,000 | ---D | M] (Screengrab) -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2010.04.27 20:39:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.12 07:08:17 | 000,000,000 | ---D | M] (No name found) -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}
[2009.12.13 19:29:10 | 000,000,000 | ---D | M] (MinimizeToTray) -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions\{3502a070-ea2f-11dd-ba2f-0800200c9a66}
[2010.05.01 13:11:59 | 000,000,000 | ---D | M] (Adblock Plus) -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.06.03 01:34:30 | 000,000,000 | ---D | M] (Seznam lištička) -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2009.12.13 19:29:09 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions\fastdial@telega.phpnet.us
[2010.06.05 15:05:55 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions\firefox@facebook.com
[2010.04.19 01:39:25 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\extensions\googleviewer@brandon.siegel
[2010.01.10 18:25:35 | 000,002,172 | ---- | M] () -- K:\Users\Aldik\AppData\Roaming\Mozilla\Firefox\Profiles\hbn2pnch.default\searchplugins\bing.xml
[2010.04.20 22:45:57 | 000,000,000 | ---D | M] -- K:\Program Files\Mozilla Firefox\extensions
[2010.04.20 22:45:57 | 000,000,000 | ---D | M] (Java Console) -- K:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- K:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.08.03 16:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- K:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
[2010.01.22 00:37:29 | 000,000,638 | ---- | M] () -- K:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.22 00:37:29 | 000,001,687 | ---- | M] () -- K:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.22 00:37:29 | 000,001,367 | ---- | M] () -- K:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.22 00:37:29 | 000,000,654 | ---- | M] () -- K:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.22 00:37:29 | 000,001,179 | ---- | M] () -- K:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2008.06.04 18:36:20 | 000,000,734 | ---- | M]) - K:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - K:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - K:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4 - HKLM..\Run: [avast5] K:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [LifeCam] K:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Monitor] K:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [VX6000] K:\Windows\vVX6000.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000..\Run: [iTV] K:\Program Files\iTV\iTV.exe (Lazy)
O4 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000..\Run: [RocketDock] K:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - K:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - K:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - K:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - K:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.4.8.cab (DLM Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://aldik7.spaces.live.com/PhotoUplo ... dcs-cz.cab (Windows Live Photo Upload Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/Me ... b56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/Mi ... b56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\cf - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - K:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - K:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - K:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - K:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (K:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - K:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - K:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.08 13:10:39 | 000,000,095 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - K:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - K:\Windows\System32\ias [2010.02.25 03:54:35 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - K:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - K:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - K:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: MSVideo8 - K:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - K:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2010.06.16 18:03:19 | 000,000,000 | ---D | C] -- K:\Users\Aldik\AppData\Local\AOL
[2010.06.16 15:42:43 | 000,000,000 | ---D | C] -- K:\Windows\LastGood
[2010.06.16 14:45:35 | 000,000,000 | ---D | C] -- K:\Users\Aldik\AppData\Local\Flock
[2010.06.16 00:13:52 | 000,000,000 | ---D | C] -- K:\rsit
[2010.06.16 00:05:13 | 000,000,000 | ---D | C] -- K:\Program Files\trend micro
[2010.06.11 01:31:38 | 000,611,840 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\mstime.dll
[2010.06.11 01:31:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\msfeeds.dll
[2010.06.11 01:31:38 | 000,387,584 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\iedkcs32.dll
[2010.06.11 01:31:37 | 001,469,440 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\inetcpl.cpl
[2010.06.11 01:31:37 | 000,164,352 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\ieui.dll
[2010.06.11 01:31:36 | 000,184,320 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\iepeers.dll
[2010.06.11 01:31:36 | 000,133,632 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\ieUnatt.exe
[2010.06.11 01:31:36 | 000,109,056 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\iesysprep.dll
[2010.06.11 01:31:36 | 000,055,296 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\msfeedsbs.dll
[2010.06.11 01:31:36 | 000,025,600 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\jsproxy.dll
[2010.06.11 01:31:31 | 001,638,912 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\mshtml.tlb
[2010.06.11 01:31:31 | 000,173,056 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\ie4uinit.exe
[2010.06.11 01:31:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\iesetup.dll
[2010.06.11 01:31:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\iernonce.dll
[2010.06.11 01:31:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\msfeedssync.exe
[2010.06.11 01:31:16 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- K:\Windows\System32\atmfd.dll
[2010.06.11 01:31:15 | 000,034,304 | ---- | C] (Adobe Systems) -- K:\Windows\System32\atmlib.dll
[2010.06.11 01:30:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\asycfilt.dll
[2010.06.11 01:29:31 | 002,037,248 | ---- | C] (Microsoft Corporation) -- K:\Windows\System32\win32k.sys
[8 K:\Windows\System32\*.tmp files -> K:\Windows\System32\*.tmp -> ]
[1 K:\Windows\System32\drivers\*.tmp files -> K:\Windows\System32\drivers\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.06.16 18:09:57 | 005,242,880 | -HS- | M] () -- K:\Users\Aldik\NTUSER.DAT
[2010.06.16 18:09:00 | 000,000,464 | -H-- | M] () -- K:\Windows\tasks\User_Feed_Synchronization-{F522172E-259A-48A3-B181-A1F1ECE4CFEF}.job
[2010.06.16 18:05:17 | 000,000,462 | -H-- | M] () -- K:\Windows\tasks\User_Feed_Synchronization-{BFEB102E-C06C-4C5E-8D46-42D8FEFD8C5B}.job
[2010.06.16 18:02:00 | 000,000,962 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2260108842-412208790-3957146249-1000UA.job
[2010.06.16 17:39:31 | 000,003,696 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.16 17:39:31 | 000,003,696 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.16 17:26:00 | 000,000,938 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.16 17:26:00 | 000,000,934 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.16 15:02:00 | 000,000,910 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2260108842-412208790-3957146249-1000Core.job
[2010.06.16 14:58:23 | 000,002,047 | ---- | M] () -- K:\Users\Aldik\Desktop\Google Chrome.lnk
[2010.06.16 13:45:33 | 001,393,930 | ---- | M] () -- K:\Windows\System32\PerfStringBackup.INI
[2010.06.16 13:45:33 | 000,598,600 | ---- | M] () -- K:\Windows\System32\perfh005.dat
[2010.06.16 13:45:33 | 000,586,980 | ---- | M] () -- K:\Windows\System32\perfh009.dat
[2010.06.16 13:45:33 | 000,114,808 | ---- | M] () -- K:\Windows\System32\perfc005.dat
[2010.06.16 13:45:33 | 000,101,052 | ---- | M] () -- K:\Windows\System32\perfc009.dat
[2010.06.16 13:39:55 | 000,070,463 | ---- | M] () -- K:\ProgramData\nvModes.dat
[2010.06.16 13:39:33 | 000,000,006 | -H-- | M] () -- K:\Windows\tasks\SA.DAT
[2010.06.16 13:39:32 | 000,070,463 | ---- | M] () -- K:\ProgramData\nvModes.001
[2010.06.16 13:39:27 | 000,067,584 | --S- | M] () -- K:\Windows\bootstat.dat
[2010.06.16 02:42:59 | 000,524,288 | -HS- | M] () -- K:\Users\Aldik\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.06.16 02:42:59 | 000,065,536 | -HS- | M] () -- K:\Users\Aldik\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.06.16 02:42:42 | 003,417,898 | -H-- | M] () -- K:\Users\Aldik\AppData\Local\IconCache.db
[2010.06.16 02:08:39 | 000,001,675 | ---- | M] () -- K:\Users\Aldik\Desktop\CCleaner.lnk
[2010.06.16 02:05:44 | 000,001,790 | ---- | M] () -- K:\Users\Public\Desktop\FileZilla Client.lnk
[2010.06.11 12:19:14 | 000,392,800 | ---- | M] () -- K:\Windows\System32\FNTCACHE.DAT
[2010.06.10 13:13:10 | 000,002,347 | -H-- | M] () -- K:\IPH.PH
[8 K:\Windows\System32\*.tmp files -> K:\Windows\System32\*.tmp -> ]
[1 K:\Windows\System32\drivers\*.tmp files -> K:\Windows\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.16 14:58:23 | 000,002,047 | ---- | C] () -- K:\Users\Aldik\Desktop\Google Chrome.lnk
[2010.06.16 14:57:48 | 000,000,962 | ---- | C] () -- K:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2260108842-412208790-3957146249-1000UA.job
[2010.06.16 14:57:48 | 000,000,910 | ---- | C] () -- K:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2260108842-412208790-3957146249-1000Core.job
[2010.02.25 07:38:46 | 000,117,248 | ---- | C] () -- K:\Windows\System32\EhStorAuthn.dll
[2010.01.22 18:18:03 | 000,073,728 | ---- | C] () -- K:\Windows\System32\vbzlib1.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- K:\Windows\System32\OGACheckControl.dll
[2009.07.12 23:18:34 | 000,003,082 | ---- | C] () -- K:\Windows\System32\affv11300p4now.sys
[2008.02.11 09:39:26 | 000,253,952 | ---- | C] () -- K:\Windows\System32\OnlineScannerDLLA.dll
[2008.02.11 09:39:18 | 000,237,568 | ---- | C] () -- K:\Windows\System32\OnlineScannerDLLW.dll
[2008.02.08 13:53:46 | 000,110,592 | ---- | C] () -- K:\Windows\System32\OnlineScannerLang.dll
[2008.02.02 15:37:38 | 000,000,049 | ---- | C] () -- K:\Windows\NeroDigital.ini
[2008.01.09 17:10:34 | 000,000,021 | ---- | C] () -- K:\Windows\atid.ini
[2007.11.24 17:09:48 | 000,000,061 | ---- | C] () -- K:\Windows\Wininit.ini
[2007.11.01 16:46:34 | 000,000,017 | ---- | C] () -- K:\Windows\MovingPicture.ini
[2007.10.10 09:08:48 | 000,685,816 | ---- | C] () -- K:\Windows\System32\drivers\sptd.sys
[2007.10.08 13:41:17 | 000,086,016 | ---- | C] () -- K:\Windows\System32\DVResampleru.dll
[2007.08.28 11:43:33 | 000,000,384 | ---- | C] () -- K:\Windows\ODBC.INI
[2007.07.27 14:49:02 | 000,225,355 | ---- | C] () -- K:\Windows\System32\lnod32apiW.dll
[2007.07.27 14:49:02 | 000,196,683 | ---- | C] () -- K:\Windows\System32\lnod32apiA.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- K:\Windows\System32\sysprepMCE.dll
[2006.11.02 10:33:50 | 000,056,880 | ---- | C] () -- K:\Windows\System32\scvideo.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- K:\Windows\System32\pacerprf.ini
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- K:\Windows\System32\SP207.INI
[2005.12.05 19:25:22 | 000,139,264 | ---- | C] () -- K:\Windows\System32\lnod32umc.dll
[2005.12.05 12:37:10 | 000,106,496 | ---- | C] () -- K:\Windows\System32\lnod32upd.dll
[2004.12.10 03:23:00 | 000,015,497 | ---- | C] () -- K:\Windows\VX6KStd.ini
[2003.08.07 14:01:52 | 000,237,568 | ---- | C] () -- K:\Windows\System32\lame_enc.dll
[1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- K:\Windows\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010.03.15 02:18:36 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\.purple
[2009.11.20 19:38:20 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\acccore
[2010.04.02 02:35:49 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\AIMP
[2009.06.18 20:30:58 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Canon
[2010.05.24 02:40:21 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Facebook
[2010.06.16 02:06:40 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\FileZilla
[2009.08.28 19:13:41 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\GHISLER
[2009.04.07 19:41:48 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\GrabPro
[2010.06.16 18:03:19 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\ICQ
[2009.12.31 21:49:14 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\IrfanView
[2010.03.12 02:32:06 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\KompoZer
[2010.02.25 10:32:47 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\OpenOffice.org
[2009.12.24 14:17:40 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\PeerNetworking
[2010.03.26 23:36:48 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010.01.07 22:27:27 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Windows Live Writer
[2009.12.02 22:56:43 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Xi
[2010.06.16 02:43:27 | 000,032,568 | ---- | M] () -- K:\Windows\Tasks\SCHEDLGU.TXT
[2010.06.16 18:05:17 | 000,000,462 | -H-- | M] () -- K:\Windows\Tasks\User_Feed_Synchronization-{BFEB102E-C06C-4C5E-8D46-42D8FEFD8C5B}.job
[2010.06.16 18:09:00 | 000,000,464 | -H-- | M] () -- K:\Windows\Tasks\User_Feed_Synchronization-{F522172E-259A-48A3-B181-A1F1ECE4CFEF}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RocketDock" = "K:\Program Files\RocketDock\RocketDock.exe" -- [2007.09.02 13:58:52 | 000,495,616 | ---- | M] ()
"ehTray.exe" = K:\Windows\ehome\ehTray.exe -- [2008.01.19 00:33:10 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Sidebar" = K:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.04.11 00:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation)
"iTV" = K:\Program Files\iTV\iTV.exe -- [2010.06.15 13:35:52 | 000,590,336 | ---- | M] (Lazy)
"Google Update" = "K:\Users\Aldik\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.03.18 18:21:07 | 000,136,176 | ---- | M] (Google Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Nimbuzz]

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.03.15 02:18:36 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\.purple
[2009.11.20 19:38:20 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\acccore
[2010.05.23 16:46:50 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Adobe
[2007.09.29 17:49:32 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Ahead
[2010.04.02 02:35:49 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\AIMP
[2009.03.13 01:44:00 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Apple Computer
[2009.06.18 20:30:58 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Canon
[2010.06.06 15:05:08 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\dvdcss
[2010.05.24 02:40:21 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Facebook
[2010.06.16 02:06:40 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\FileZilla
[2009.08.28 19:13:41 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\GHISLER
[2010.01.02 03:41:22 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Google
[2009.04.07 19:41:48 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\GrabPro
[2010.06.16 18:03:19 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\ICQ
[2007.08.28 10:49:24 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Identities
[2009.12.31 21:49:14 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\IrfanView
[2010.03.12 02:32:06 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\KompoZer
[2007.08.28 12:54:26 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Macromedia
[2010.01.21 01:25:03 | 000,000,000 | --SD | M] -- K:\Users\Aldik\AppData\Roaming\Microsoft
[2009.12.13 19:17:10 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Mozilla
[2010.02.25 10:32:47 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\OpenOffice.org
[2009.12.24 14:17:40 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\PeerNetworking
[2010.04.07 23:18:01 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Skype
[2010.04.07 23:17:29 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\skypePM
[2009.09.27 17:43:46 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Talkback
[2010.03.26 23:36:48 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010.06.16 15:34:13 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\vlc
[2010.01.07 22:27:27 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Windows Live Writer
[2009.09.21 12:43:34 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\WinRAR
[2009.12.02 22:56:43 | 000,000,000 | ---D | M] -- K:\Users\Aldik\AppData\Roaming\Xi

< %APPDATA%\*.exe /s >
[2010.05.24 02:40:21 | 000,050,354 | ---- | M] (Facebook, Inc.) -- K:\Users\Aldik\AppData\Roaming\Facebook\uninstall.exe
[2010.03.26 23:35:03 | 000,038,784 | ---- | M] () -- K:\Users\Aldik\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.01.12 01:31:49 | 016,627,016 | ---- | M] () -- K:\Users\Aldik\AppData\Roaming\Microsoft\IM-HM\im-hm-uninst.exe


< MD5 for: AGP440.SYS >
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- K:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- K:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- K:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 00:42:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- K:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- K:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- K:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- K:\Windows\System32\drivers\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- K:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- K:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- K:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 00:41:32 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- K:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- K:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.14 00:28:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- K:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.14 00:28:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- K:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.14 00:27:59 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- K:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- K:\Windows\System32\autochk.exe
[2009.04.11 00:27:22 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- K:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 00:33:02 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- K:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 11:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- K:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- K:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.18 22:49:52 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- K:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- K:\Windows\System32\drivers\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- K:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009.04.10 22:39:18 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- K:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- K:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- K:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- K:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2006.11.02 11:46:03 | 000,123,392 | ---- | M] (Microsoft Corporation) MD5=1C26FB097170A2A91066D1E3A24366E3 -- K:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
[2008.01.19 00:34:02 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- K:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 00:28:20 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- K:\Windows\System32\cryptsvc.dll
[2009.04.11 00:28:20 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- K:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- K:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- K:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- K:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007.11.14 16:23:20 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- K:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007.11.14 16:23:19 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- K:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- K:\Windows\explorer.exe
[2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- K:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- K:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- K:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 00:33:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- K:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009.04.11 00:32:48 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- K:\Windows\System32\hal.dll

< MD5 for: IASTORV.SYS >
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- K:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 00:42:52 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- K:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- K:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- K:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- K:\Windows\System32\drivers\isapnp.sys
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- K:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- K:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- K:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- K:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.19 00:42:16 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- K:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

...

aldik
Visitor
Posts: 81
Joined: 24 Oct 2007 19:49

Re: preventive check-up :-)

#6 Post by aldik »

second part of the OTL file ..

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- K:\Windows\System32\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2006.11.02 11:45:21 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=6A0E382E74280E4CC0DF17FE2661D003 -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.19 09:33:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- K:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 00:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- K:\Windows\System32\drivers\ndis.sys
[2009.04.11 00:32:50 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- K:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2006.11.02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- K:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
[2008.01.19 00:43:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- K:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- K:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- K:\Windows\System32\netlogon.dll
[2009.04.11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- K:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 00:35:38 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- K:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.19 00:43:02 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- K:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.19 00:43:02 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- K:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2007.01.05 22:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) MD5=6F785DB62A6D8F3FAFD3E5695277E849 -- K:\Windows\System32\drivers\nvraid.sys
[2007.01.05 22:59:34 | 000,086,096 | ---- | M] (NVIDIA Corporation) MD5=6F785DB62A6D8F3FAFD3E5695277E849 -- K:\Windows\System32\DriverStore\FileRepository\nvraid.inf_45f67928\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- K:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2007.01.05 22:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- K:\Windows\System32\drivers\nvstor.sys
[2007.01.05 22:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- K:\Windows\System32\DriverStore\FileRepository\nvraid.inf_45f67928\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- K:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- K:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 00:42:10 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- K:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.19 00:36:20 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- K:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- K:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- K:\Windows\System32\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- K:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.01.19 00:33:32 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- K:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2009.04.11 00:28:06 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- K:\Windows\System32\smss.exe
[2009.04.11 00:28:06 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- K:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe
[2006.11.02 11:45:45 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=CAA75757BB3695478C23CB0624342A61 -- K:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.16386_none_aa03e6011c468ee6\smss.exe

< MD5 for: SVCHOST.EXE >
[2006.11.02 11:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- K:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- K:\Windows\System32\svchost.exe
[2008.01.19 00:33:34 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- K:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.01.09 11:12:54 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=028061C7F6D2D03068C72E2A27E4228A -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[2009.04.11 00:33:04 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2008.01.09 11:12:53 | 000,804,352 | ---- | M] (Microsoft Corporation) MD5=43EAE40B50FE3E60D194DD9C97EBB1FD -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- K:\Windows\System32\drivers\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.02.14 00:26:50 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.02.14 00:26:50 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2007.04.20 11:55:56 | 000,803,840 | ---- | M] (Microsoft Corporation) MD5=D993AAC691DEEC99A064420FAF3437E0 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20582_none_5fd47169ab8fd179\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 00:43:40 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- K:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- K:\Windows\System32\userinit.exe
[2008.01.19 00:33:34 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- K:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- K:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- K:\Windows\System32\winlogon.exe
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- K:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- K:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 00:33:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- K:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.11.02 11:46:14 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=D99A071C1018BB3D4ABAAD4B62048AC2 -- K:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6000.16386_none_f080eec6d16af4f0\ws2_32.dll
[2008.01.19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- K:\Windows\System32\ws2_32.dll
[2008.01.19 00:37:10 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- K:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.04.11 00:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- K:\Windows\System32\rsaenh.dll
[2009.04.11 00:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- K:\Windows\System32\SLC.dll
[8 K:\Windows\system32\*.tmp files -> K:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007.10.10 09:08:48 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- K:\Windows\System32\drivers\sptd.sys
[1 K:\Windows\system32\drivers\*.tmp files -> K:\Windows\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- K:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- K:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- K:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- K:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- K:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2009.04.11 00:27:48 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- K:\Windows\System32\rsaenh.dll
[2009.04.11 00:28:24 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- K:\Windows\System32\SLC.dll
[8 K:\Windows\system32\*.tmp files -> K:\Windows\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[1 K:\Windows\system32\drivers\*.tmp files -> K:\Windows\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2010.06.16 17:39:31 | 000,003,696 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.16 17:39:31 | 000,003,696 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.16 13:45:33 | 000,114,808 | ---- | M] () -- K:\Windows\System32\perfc005.dat
[2010.06.16 13:45:33 | 000,101,052 | ---- | M] () -- K:\Windows\System32\perfc009.dat
[2010.06.16 13:45:33 | 000,598,600 | ---- | M] () -- K:\Windows\System32\perfh005.dat
[2010.06.16 13:45:33 | 000,586,980 | ---- | M] () -- K:\Windows\System32\perfh009.dat
[2010.06.16 13:45:33 | 001,393,930 | ---- | M] () -- K:\Windows\System32\PerfStringBackup.INI
[8 K:\Windows\system32\*.tmp files -> K:\Windows\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 106 bytes -> K:\ProgramData\TEMP:DFC5A2B2
< End of report >

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Re: preventive check-up :-)

#7 Post by aldik »

Extras.txt

OTL Extras logfile created on: 16.6.2010 18:05:22 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = K:\Users\Aldik\Documents\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 022,00 Mb Total Physical Memory | 358,00 Mb Available Physical Memory | 35,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 34,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = K: | %SystemRoot% = K:\Windows | %ProgramFiles% = K:\Program Files
Drive C: | 31,74 Gb Total Space | 25,33 Gb Free Space | 79,80% Space Free | Partition Type: NTFS
Drive D: | 96,25 Gb Total Space | 96,00 Gb Free Space | 99,74% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 61,04 Gb Total Space | 31,67 Gb Free Space | 51,89% Space Free | Partition Type: NTFS
Drive L: | 109,06 Gb Total Space | 17,30 Gb Free Space | 15,87% Space Free | Partition Type: NTFS

Computer Name: COMPUTER
Current User Name: Aldik
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- K:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- K:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
https [open] -- N:\FIREFO~1\APP\FIREFOX\FIREFOX.EXE -requestPending -osint -url "%1" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "K:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "K:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- K:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "K:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08DA43B5-680C-4588-8D1A-A0AED2A66001}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{13ADA2FD-C09E-4295-86C0-65DFF0149B82}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{229DAC78-A15F-4768-B358-A693B2777F16}" = rport=5358 | protocol=6 | dir=out | app=system |
"{23948889-8E80-467C-817F-253D61EE2EAD}" = lport=5357 | protocol=6 | dir=in | app=system |
"{2B53E51A-2C21-4C7C-8BA8-8817FDF5B0B4}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{2B5B8DEA-2B10-4B22-8E38-6FD2266AE2ED}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{33E8E95D-1601-4B16-8424-452B532A7252}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{43233832-EE9E-449C-B825-D299B6A446BE}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{45AB04E6-A061-44CC-91F9-7F2A50A04151}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{5995FBC1-D4EA-4651-BA44-95242BF367E8}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{64D81C58-48A2-4773-851D-DFA6C11B28CC}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{6B06ACE2-0D90-4F33-B524-8E606C4CDCD4}" = lport=5358 | protocol=6 | dir=in | app=system |
"{71DA05F9-AE0F-499C-9F6B-F753CEC097D1}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{728D4EC1-A89A-4106-A7C0-D7FFAE0E5273}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{75D882CC-6CC4-4CAC-BABD-8474300232A5}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{85439567-0E2A-4756-9448-E940CB3C96D2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8FFDD7B1-6AB9-47FA-81F3-AB86ACC9848C}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{99C5E1F1-428E-42CD-A597-2BB6BEC90E87}" = rport=5357 | protocol=6 | dir=out | app=system |
"{9AAFE9E6-1804-4BB2-9FA6-D01F978CAA97}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe |
"{A3D53348-1590-4CDB-8B0B-3A75DB0E2E95}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{AC94592F-B73E-49FE-8D1E-3A360989E9B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ADA87D4A-D2F1-45D9-A571-74AB37CA1580}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B7905F1E-F5E1-4D7D-B8D1-CE506CF5A218}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{BA223D27-C3D7-47E0-BF09-9AA49FC13A2B}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{BECA5F1F-E2D1-48C0-99C6-7D4D2CD99567}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{E02A7983-D67B-4C22-9355-A27CC8538415}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{E178BF0F-A946-40F3-94A7-80BEF1D385FC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EBDD68B9-68F0-4DC6-A520-2FA0CA62A5C4}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe |
"{EEE2D5BB-4E87-400F-AC45-8CE61E265A92}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{FBBBDC11-B240-43A1-AAD0-4E2E20688432}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01D1F86A-FA4A-4B58-8DA0-5D4945839060}" = protocol=6 | dir=in | app=k:\program files\microsoft lifecam\lifeexp.exe |
"{05457BA4-5360-4A83-B3BC-8C679748C544}" = protocol=17 | dir=in | app=k:\program files\aim\aim.exe |
"{07AF4FC1-89FB-463F-B394-2DE6455D5E38}" = protocol=17 | dir=in | app=k:\program files\microsoft lifecam\lifecam.exe |
"{08B50742-2CA6-435B-AF55-CBBCEACD81DD}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{0DA79FC9-1F45-448E-B99F-D5847A51365B}" = dir=in | app=k:\program files\windows live\messenger\msnmsgr.exe |
"{125845FE-235A-409D-88B8-046AA0C876B4}" = protocol=6 | dir=in | app=k:\program files\skype\phone\skype.exe |
"{160C2ED9-A0B0-43AC-AE0E-DF0A6639739E}" = protocol=17 | dir=in | app=k:\program files\aim\aim.exe |
"{19A8B258-92A3-462C-B033-A1A05B288091}" = protocol=17 | dir=in | app=k:\program files\icq7.0\aolload.exe |
"{2A1538A4-379E-4D3E-9E37-A4AB7B1BDF68}" = protocol=17 | dir=in | app=k:\program files\microsoft office\office12\groove.exe |
"{2B75D138-E122-436F-961D-46740F9842C2}" = protocol=6 | dir=in | app=k:\program files\aim\aim.exe |
"{2E79F9AB-1FDE-4674-BAAD-30535A4F1DCB}" = protocol=17 | dir=in | app=k:\program files\icq7.1\aolload.exe |
"{2ED39B92-971E-42E2-86BB-46EF6C014215}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{2F0FFAE1-1314-41A4-80CC-848BBA978A2C}" = protocol=17 | dir=in | app=k:\program files\microsoft office\office12\onenote.exe |
"{3C33495E-AFFC-4D45-BA97-2AD36610746F}" = protocol=17 | dir=in | app=k:\program files\pinnacle\studio 11\programs\pmsregisterfile.exe |
"{3F006F5C-E5FB-4E57-BAC7-D7E756302DFD}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe |
"{3F230FAA-3F13-4F52-AE13-06557CE099B8}" = protocol=6 | dir=in | app=k:\program files\pinnacle\studio 11\programs\rm.exe |
"{40F250C4-7C5B-4DF1-B41E-C55B320E1C64}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{48F54BCF-A1F0-4F34-BD31-AEC3A5F1BFDB}" = protocol=6 | dir=in | app=k:\program files\icq7.0\icq.exe |
"{4ACB6F5E-3F39-4A66-952D-928BA3E7DDDF}" = protocol=17 | dir=in | app=k:\program files\icq7.0\icq.exe |
"{4C0569D4-2B68-48A9-B97E-9D4AE0CA01B2}" = protocol=6 | dir=in | app=k:\program files\microsoft lifecam\lifecam.exe |
"{4D741D9D-5BC1-4BF7-BF3A-5731C48E6367}" = protocol=6 | dir=in | app=k:\program files\icq7.1\aolload.exe |
"{5147702A-E1DC-40BB-B1A9-B34FF0A91C0D}" = protocol=17 | dir=in | app=k:\program files\icq7.1\icq.exe |
"{5479E294-B89D-4341-BD32-B6423DF69F46}" = dir=in | app=k:\program files\windows live\sync\windowslivesync.exe |
"{56491B84-A039-46C6-A857-317907726571}" = protocol=6 | dir=in | app=k:\program files\icq6.5\icq.exe |
"{6ABE083E-F31C-417A-9C79-796BAF432CF8}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{6FFE661B-D40A-4F6F-97B3-9C8C7FB5DD35}" = protocol=6 | dir=in | app=k:\program files\icq7.0\aolload.exe |
"{7D3FDA16-525B-4351-80FE-985475E3B9DC}" = protocol=6 | dir=in | app=k:\program files\icq7.0\aolload.exe |
"{881E7A39-8926-4CF3-8960-2819D9A898BF}" = protocol=6 | dir=in | app=k:\program files\opera\opera.exe |
"{8BD53681-BA0D-4578-8B34-04CB13573F6C}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{8EB37F0B-3624-4454-9030-094E9B66B6E4}" = protocol=6 | dir=in | app=k:\program files\icq7.0\icq.exe |
"{9917B77C-B231-42F9-B40E-9E2DD505A930}" = protocol=6 | dir=in | app=k:\program files\aim\aim.exe |
"{9DB4D80B-DDD1-4744-B511-3315C4213912}" = protocol=6 | dir=in | app=k:\program files\microsoft office\office12\groove.exe |
"{A1369699-C919-4294-AB6B-0A781EF688F1}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{A44DE225-DB83-4045-A64D-19CCF91EA7CD}" = protocol=6 | dir=in | app=k:\program files\icq7.1\icq.exe |
"{A9DDEF4B-355E-4C13-8EE7-DAB26117C3F7}" = protocol=6 | dir=in | app=k:\program files\icq7.1\aolload.exe |
"{AF12FE02-CE88-4642-8ADE-EF0AF8EDB9CC}" = protocol=17 | dir=in | app=k:\program files\pinnacle\studio 11\programs\rm.exe |
"{B21A8A2E-59BC-4B98-98DE-F428CED509A3}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{B3140E0C-AF94-434F-A0CF-85DCB8EAA3BB}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{B6E20D74-EC17-433F-8CF7-689D8797DD61}" = protocol=17 | dir=in | app=k:\program files\opera\opera.exe |
"{B6EC03BC-DBBC-401E-91F2-72D2CDE26AE4}" = protocol=17 | dir=in | app=k:\program files\microsoft lifecam\lifeexp.exe |
"{D38E2BC9-2A65-4AD3-B364-BBEBCE98D9DE}" = protocol=17 | dir=in | app=k:\program files\icq7.1\aolload.exe |
"{D48BBD22-6868-4E38-AE40-9D6EFD1C504D}" = protocol=6 | dir=in | app=k:\program files\pinnacle\studio 11\programs\pmsregisterfile.exe |
"{D8950066-C6E6-4CAE-B578-45F1C2A81D93}" = protocol=17 | dir=in | app=k:\program files\icq7.0\icq.exe |
"{DD5D85A9-35EF-49FD-96F1-5894D0904728}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{DE4E431E-B305-4530-BDB6-E06CB2B2C16F}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe |
"{E140E031-C3BA-4333-8194-2879FB539BFD}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe |
"{E615E083-B6BA-4FBD-BA78-80ECAD9470EA}" = protocol=17 | dir=in | app=k:\program files\icq7.1\icq.exe |
"{E62E6148-4CEA-4CA3-A5BE-533E384106CB}" = protocol=6 | dir=in | app=k:\program files\icq7.1\icq.exe |
"{E85FF20C-0C21-4B00-84C8-B203A70BFBB8}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe |
"{EDF56C24-2CCC-41E9-A79A-94EB1B21BB82}" = protocol=17 | dir=in | app=k:\program files\icq6.5\icq.exe |
"{F586485F-5D13-4E36-91C4-2B77C5C680AB}" = protocol=6 | dir=in | app=k:\program files\microsoft office\office12\onenote.exe |
"{F985BF7B-B395-4007-B850-48B8F42ED511}" = protocol=17 | dir=in | app=k:\program files\icq7.0\aolload.exe |
"{FEAB2B28-8FA7-45EE-9C1B-D8FF00B0903F}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"TCP Query User{23608470-03CE-462D-AA89-F28E4F1EF34C}K:\users\aldik\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=k:\users\aldik\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{2A957CE7-EEAB-4BC7-87ED-EE27637CEED6}K:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=k:\program files\skype\phone\skype.exe |
"TCP Query User{5341B4FA-F00B-479C-88C9-4BD0C9A1ECC1}K:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=k:\program files\java\jre6\bin\java.exe |
"TCP Query User{70937C68-0530-4E90-B9F2-499DB125F73A}K:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=k:\program files\mozilla firefox\firefox.exe |
"TCP Query User{72E9ABFC-7448-424D-9DAC-895505C91A08}K:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=k:\program files\videolan\vlc\vlc.exe |
"TCP Query User{9301B50C-B138-4B97-97C4-918C7A955D4C}K:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=k:\program files\icq6.5\icq.exe |
"TCP Query User{A805B58C-C117-4E1C-A470-53D4D0F949DD}K:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=k:\program files\mozilla firefox\firefox.exe |
"TCP Query User{AE7EB83E-1059-4419-BC51-6EF936398DCF}K:\program files\itv\itv.exe" = protocol=6 | dir=in | app=k:\program files\itv\itv.exe |
"TCP Query User{AF7719F2-3C4D-4074-9688-2ADA9171768E}K:\qip infium jadrispack\infium.exe" = protocol=6 | dir=in | app=k:\qip infium jadrispack\infium.exe |
"TCP Query User{B944D72C-2D18-41A8-A7A5-F09078C687B3}K:\program files\qip infium jadrispack\infium.exe" = protocol=6 | dir=in | app=k:\program files\qip infium jadrispack\infium.exe |
"TCP Query User{C0ED10E3-E55D-4011-919A-77B12F8F44B9}K:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=k:\program files\internet explorer\iexplore.exe |
"TCP Query User{D2927591-A0F6-44DD-86FF-37C3E687AF39}K:\users\aldik\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=k:\users\aldik\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{D2AC9B8E-74B5-4261-8F54-D15CE35A9741}K:\program files\xi\netxfer\nettransport.exe" = protocol=6 | dir=in | app=k:\program files\xi\netxfer\nettransport.exe |
"TCP Query User{D428F10C-BA9F-4F1B-A625-E629DBC2EE00}K:\program files\xi\netxfer\nettransport.exe" = protocol=6 | dir=in | app=k:\program files\xi\netxfer\nettransport.exe |
"TCP Query User{DB085DD0-A697-4EB2-AA72-09B18EBED023}K:\program files\icqlite\icq.exe" = protocol=6 | dir=in | app=k:\program files\icqlite\icq.exe |
"TCP Query User{E51D8EC1-94E8-44B9-978A-6884F7F485CC}K:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=k:\program files\videolan\vlc\vlc.exe |
"TCP Query User{F5489D01-0D27-47D9-A3B9-B66E9F9262B9}K:\program files\itv\itv.exe" = protocol=6 | dir=in | app=k:\program files\itv\itv.exe |
"UDP Query User{0FF52090-3B87-4D75-BD1C-C48CF3BA873F}K:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=k:\program files\icq6.5\icq.exe |
"UDP Query User{35818F91-C8DE-4411-B63F-0C73651FD2F6}K:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=k:\program files\videolan\vlc\vlc.exe |
"UDP Query User{36F846F2-5F8C-4EB1-AE1D-3FC4675F5050}K:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=k:\program files\skype\phone\skype.exe |
"UDP Query User{4821D332-DEF9-43DF-A7CC-97E78B137E5D}K:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=k:\program files\mozilla firefox\firefox.exe |
"UDP Query User{56613400-27CA-4A31-939B-92DC1C73B1A4}K:\program files\itv\itv.exe" = protocol=17 | dir=in | app=k:\program files\itv\itv.exe |
"UDP Query User{60B1F658-4480-4EFC-A1DF-E248967D6E49}K:\program files\qip infium jadrispack\infium.exe" = protocol=17 | dir=in | app=k:\program files\qip infium jadrispack\infium.exe |
"UDP Query User{6B914E54-A9B5-4B2E-BEF9-49CBBFCF53DA}K:\program files\xi\netxfer\nettransport.exe" = protocol=17 | dir=in | app=k:\program files\xi\netxfer\nettransport.exe |
"UDP Query User{71AADE7A-357B-4796-84C4-578BDFE5D692}K:\program files\itv\itv.exe" = protocol=17 | dir=in | app=k:\program files\itv\itv.exe |
"UDP Query User{90791D29-AFD4-4B05-85FE-379E718F9CCF}K:\users\aldik\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=k:\users\aldik\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{B1A9C56B-C62A-4D54-A224-E0DAB399849F}K:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=k:\program files\mozilla firefox\firefox.exe |
"UDP Query User{B8870CEE-1EB4-43CF-B90C-5AE0683F8AA5}K:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=k:\program files\videolan\vlc\vlc.exe |
"UDP Query User{BECDB6EF-50F9-416C-8614-DDAE8B224457}K:\users\aldik\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=k:\users\aldik\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{C5A03DC3-DDBF-416C-A40B-3C9E1A51E954}K:\program files\icqlite\icq.exe" = protocol=17 | dir=in | app=k:\program files\icqlite\icq.exe |
"UDP Query User{CCA02E2A-C8D9-480F-AE0A-98C2A30C24F5}K:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=k:\program files\internet explorer\iexplore.exe |
"UDP Query User{D9A06F10-BC09-4390-AE5D-0F8289AD267F}K:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=k:\program files\java\jre6\bin\java.exe |
"UDP Query User{F2A96B96-91C9-4EBF-9C19-74651A5FEA7D}K:\program files\xi\netxfer\nettransport.exe" = protocol=17 | dir=in | app=k:\program files\xi\netxfer\nettransport.exe |
"UDP Query User{F5DAB4BC-288C-46A3-83A3-29FE3485D619}K:\qip infium jadrispack\infium.exe" = protocol=17 | dir=in | app=k:\qip infium jadrispack\infium.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06C32EA0-4A22-4919-979A-8700715865B8}" = Microsoft LifeCam
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Pomocník pro přihlášení ke službě Windows Live ID
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300" = Canon iP4300
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 20
"{2FD177C0-A752-11DC-8314-0800200C9A66}" = Nástroj pro odesílání služby Windows Live SkyDrive
"{2FDD487C-A777-4BB5-BD23-56BECE1FF099}" = Windows Live Movie Maker
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F62782D-2798-4540-B493-F6472197900E}" = Microsoft Search Enhancement Pack
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}" = Apple Mobile Device Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81CD6232-10F5-4832-B3DA-1B88B1571029}" = Nero 7 Essentials
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90AF0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A908E57D-71A3-4AE1-9A76-C239521BBED9}" = Microsoft Kalkulačka+
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AIMP2" = AIMP2
"avast5" = avast! Free Antivirus
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon Setup Utility 2.3" = Canon Setup Utility 2.3
"CCleaner" = CCleaner
"DPP" = Canon Utilities Digital Photo Professional 3.4
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"EOS USB WIA Driver" = EOS USB WIA Driver
"EOS Utility" = Canon Utilities EOS Utility
"FileZilla Client" = FileZilla Client 3.3.3
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (odstranit)
"IrfanView" = IrfanView (remove only)
"iTV - televizní program_is1" = iTV - televizní program 1.5.481
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MyCamera" = Canon Utilities MyCamera
"NVIDIA Drivers" = NVIDIA Drivers
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoFiltre" = PhotoFiltre
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"rajče.net_is1" = rajče beta50
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"RocketDock_is1" = RocketDock 1.3.5
"stax-Pinnacle_is1" = SureThing Express Labeler
"VLC media player" = VLC media player 1.0.5
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 6.9.2008 10:25:11 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

Error - 6.9.2008 10:32:54 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

Error - 19.9.2008 16:48:35 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

Error - 30.10.2008 12:08:56 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

Error - 4.11.2008 14:06:05 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

Error - 4.11.2008 14:13:48 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

Error - 4.11.2008 14:49:42 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

Error - 6.4.2009 4:59:45 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

Error - 15.4.2009 7:53:43 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

Error - 12.7.2009 17:12:24 | Computer Name = Computer | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 10.11.2009 15:32:01 | Computer Name = Computer | Source = Application Error | ID = 1000
Description = Chybující aplikace rajce.exe, verze 1.56.134.0, časové razítko 0x4aeee849,
chybující modul FreeImage.dll, verze 3.12.0.0, časové razítko 0x49e4c6d8, kód výjimky
0xc0000005, posun chyby 0x0000118a, ID procesu 0x1684, čas spuštění aplikace 0x01ca623b0f263713.

Error - 14.11.2009 8:26:53 | Computer Name = Computer | Source = Google Update | ID = 20
Description =

Error - 14.11.2009 8:27:19 | Computer Name = Computer | Source = Google Update | ID = 20
Description =

Error - 1.12.2009 14:48:30 | Computer Name = Computer | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 7.12.2009 20:22:23 | Computer Name = Computer | Source = Application Hang | ID = 1002
Description = Program sidebar.exe verze 6.0.6000.16615 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: d54 Čas zahájení: 01ca7736f096f8b5 Čas ukončení: 0

Error - 7.12.2009 20:23:35 | Computer Name = Computer | Source = Application Hang | ID = 1002
Description = Program sidebar.exe verze 6.0.6000.16615 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: 878 Čas zahájení: 01ca7736e128fd65 Čas ukončení: 0

Error - 7.12.2009 20:29:55 | Computer Name = Computer | Source = Application Error | ID = 1000
Description = Chybující aplikace msnmsgr.exe, verze 14.0.8089.726, časové razítko
0x4a6ce533, chybující modul ntdll.dll, verze 6.0.6000.16386, časové razítko 0x4549bdc9,
kód výjimky 0xc0000374, posun chyby 0x000af1c9, ID procesu 0xcd0, čas spuštění aplikace
0x01ca773848d9d4b5.

Error - 9.12.2009 9:57:03 | Computer Name = Computer | Source = VSS | ID = 8194
Description =

Error - 9.12.2009 10:03:06 | Computer Name = Computer | Source = Application Error | ID = 1000
Description = Chybující aplikace AT.EXE, verze 1.0.0.0, časové razítko 0x3e9bfb01,
chybující modul AT.EXE, verze 1.0.0.0, časové razítko 0x3e9bfb01, kód výjimky 0xc0000005,
posun chyby 0x00238c4f, ID procesu 0x1734, čas spuštění aplikace 0x01ca78d848e22c42.

Error - 9.12.2009 10:05:19 | Computer Name = Computer | Source = VSS | ID = 8194
Description =

[ Media Center Events ]
Error - 16.4.2008 4:14:59 | Computer Name = Computer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: Stahování balíčku MCESpotlight
se nezdařilo.

[ System Events ]
Error - 10.6.2010 19:44:19 | Computer Name = Computer | Source = Service Control Manager | ID = 7016
Description =

Error - 11.6.2010 6:19:48 | Computer Name = Computer | Source = Service Control Manager | ID = 7000
Description =

Error - 12.6.2010 7:36:05 | Computer Name = Computer | Source = Service Control Manager | ID = 7000
Description =

Error - 12.6.2010 20:50:35 | Computer Name = Computer | Source = Service Control Manager | ID = 7016
Description =

Error - 13.6.2010 7:50:05 | Computer Name = Computer | Source = Service Control Manager | ID = 7000
Description =

Error - 14.6.2010 7:59:07 | Computer Name = Computer | Source = Service Control Manager | ID = 7000
Description =

Error - 15.6.2010 7:35:02 | Computer Name = Computer | Source = Service Control Manager | ID = 7000
Description =

Error - 15.6.2010 20:43:21 | Computer Name = Computer | Source = Service Control Manager | ID = 7016
Description =

Error - 16.6.2010 7:39:09 | Computer Name = Computer | Source = volsnap | ID = 393245
Description = Stínové kopie svazku K: byly přerušeny během rozpoznávání.

Error - 16.6.2010 7:39:56 | Computer Name = Computer | Source = Service Control Manager | ID = 7000
Description =


< End of report >

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: preventive check-up :-)

#8 Post by vyosek »

:arrow: Run OTL again
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastní skenování/opravy)
  • Code:

    :otl
    SRV - File not found [Disabled | Stopped] -- -- (Plánovač automatické aktualizace LiveUpdate)
    IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.yahoo.com/?fr=avantsearch
    IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=8.8.8.8:80
    IE - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://K:/Users/Aldik/AppData/Local/Goo ... 5260214901
    O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
    O3 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
    O3 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
    O3 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab  (Reg Error: Key error.)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
    O18 - Protocol\Handler\cf - No CLSID value found
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O37 - HKU\S-1-5-21-2260108842-412208790-3957146249-1000\...exe [@ = exefile] -- Reg Error: Key error. File not foun
    [8 K:\Windows\System32\*.tmp files -> K:\Windows\System32\*.tmp ->  ]
    [1 K:\Windows\System32\drivers\*.tmp files -> K:\Windows\System32\drivers\*.tmp -> ]
    @Alternate Data Stream - 106 bytes -> K:\ProgramData\TEMP:DFC5A2B2
    [2010.06.16 17:39:31 | 000,003,696 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.06.16 17:39:31 | 000,003,696 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    
    :files
    C:\WINDOWS\system32\*.tmp.dll /s
    C:\WINDOWS\system32\SET*.tmp /s
    C:\WINDOWS\*.tmp /s
    K:\Users\Aldik\AppData\Roaming\Microsoft\IM-HM\im-hm-uninst.exe
    
    :commands
    [EMPTYTEMP]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    
  • Then click Opravit (Run Fix)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here
"Who has wine and doesn't drink it, who has grapes and doesn't eat them, who has a wife and doesn't kiss her, who avoids fun, take a whip and a stick to him; that's not a man, that's an ox."
Member [image] since 1 February 2011.

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Re: preventive check-up :-)

#9 Post by aldik »

All processes killed
========== OTL ==========
Service Plánovač automatické aktualizace LiveUpdate stopped successfully!
Service Plánovač automatické aktualizace LiveUpdate deleted successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKU\S-1-5-21-2260108842-412208790-3957146249-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKU\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE7C3CF0-4B15-11D1-ABED-709549C10000}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry value HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\ not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
K:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
K:\Windows\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\cf\ deleted successfully.
File Protocol\Handler\cf - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry key HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000_Classes\.exe\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2260108842-412208790-3957146249-1000_Classes\exefile\ not found.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
K:\Windows\System32\asw5512.tmp deleted successfully.
K:\Windows\System32\asw893B.tmp deleted successfully.
K:\Windows\System32\asw925C.tmp deleted successfully.
K:\Windows\System32\aswD346.tmp deleted successfully.
K:\Windows\System32\ava5513.tmp deleted successfully.
K:\Windows\System32\ava895B.tmp deleted successfully.
K:\Windows\System32\ava950C.tmp deleted successfully.
K:\Windows\System32\avaD356.tmp deleted successfully.
K:\Windows\System32\drivers\~GLH0014.TMP deleted successfully.
ADS K:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
File move failed. K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt3.tmp moved successfully.
C:\WINDOWS\Temp\gd1.tmp moved successfully.
K:\Users\Aldik\AppData\Roaming\Microsoft\IM-HM\im-hm-uninst.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Aldik
->Temp folder emptied: 430827367 bytes
->Temporary Internet Files folder emptied: 67393066 bytes
->Java cache emptied: 72199938 bytes
->FireFox cache emptied: 35579126 bytes
->Google Chrome cache emptied: 11081211 bytes
->Apple Safari cache emptied: 9793720 bytes
->Flash cache emptied: 76284 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 43928 bytes
->Flash cache emptied: 41704 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 42488936 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 639,00 mb


[EMPTYFLASH]

User: Aldik
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb



OTL by OldTimer - Version 3.2.6.0 log created on 06172010_022856

Files\Folders moved on Reboot...
File move failed. K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 scheduled to be moved on reboot.
File move failed. K:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: preventive check-up :-)

#10 Post by vyosek »

Good morning,

how is the PC behaving? :???:

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Re: preventive check-up :-)

#11 Post by aldik »

vyosek wrote: Good morning,

how is the PC behaving? :???:

It's behaving like this: Vista popped up a message saying that an unauthorized change was made and it wants me to enter the Product key again, but it won't accept it (though it's possible I'm just copying it wrong; transcribing those tiny letters from somewhere on the back of the case isn't really doable) .. and online activation fails too :o ... I haven't noticed any other problem...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: preventive check-up :-)

#12 Post by vyosek »

I don't see anything there that would suggest we knocked something out :o
Try copying the Product key really carefully and entering it; if that doesn't help, restart the PC, keep pressing F8 and choose Last Known Good Configuration.

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Re: preventive check-up :-)

#13 Post by aldik »

Sorry for writing so long after the last reply, but I don't like restarting the PC while I'm using it unless it's necessary.

Pfff, the restart didn't help, it still wants activation and it didn't accept the Product key again, and this time I copied it slowly and double-checked :) .. so I'll still try F8 at the next restart.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: preventive check-up :-)

#14 Post by vyosek »

All right, try restoring to a date when it worked correctly - keep pressing F8 during the restart and then choose the last known configuration - this should do the trick...

aldik
Visitor
Posts: 81
Registered: 24 Oct 2007 19:49

Re: preventive check-up :-)

#15 Post by aldik »

vyosek wrote: All right, try restoring to a date when it worked correctly - keep pressing F8 during the restart and then choose the last known configuration - this should do the trick...

F8 and Last Known Good Configuration didn't work.. it still wants activation... and it won't accept the key.. :?: :o
