1/
All processes killed
========== OTL ==========
Process explorer.exe killed successfully!
No active process named firefox.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\002179_.tmp moved successfully.
C:\WINDOWS\002540_.tmp moved successfully.
C:\WINDOWS\SET1C.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET31.tmp moved successfully.
C:\WINDOWS\SETA.tmp moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SecTaskMan folder moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: All Users
User: Blue Spirit
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 604760 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1025 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 89082 bytes
Total Files Cleaned = 1,00 mb
OTL by OldTimer - Version 3.1.36.0 log created on 03102010_202427
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Please check - 2 nasties (Solved)
Re: Please check - 2 nasties
2/
OTL logfile created on: 10.3.2010 20:29:13 - Run 2
OTL by OldTimer - Version 3.1.36.0 Folder = C:\Documents and Settings\Blue Spirit\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
511,00 Mb Total Physical Memory | 266,00 Mb Available Physical Memory | 52,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 760 766 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 88,74 Gb Free Space | 90,87% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 34,00 Gb Free Space | 34,81% Space Free | Partition Type: NTFS
Drive E: | 37,57 Gb Total Space | 18,49 Gb Free Space | 49,21% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SHARP-9PKS1MO9G
Current User Name: Blue Spirit
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Blue Spirit\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\IObit\IObit Security 360\is360tray.exe (IObit)
PRC - C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
PRC - C:\Program Files\Timer Wizard\Timer Wizard.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Blue Spirit\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\IObit\IObit Security 360\is360mon.dll (IObit)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (IS360service) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (OOD2000) -- C:\WINDOWS\System32\OOD2000.exe (O&O Software GmbH)
========== Driver Services (SafeList) ==========
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (BootScreen) -- C:\WINDOWS\System32\drivers\vidstub.sys ()
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (WFIOCTL) -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.sys ()
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (tv2ktunr) -- C:\WINDOWS\system32\drivers\wf2ktunr.sys (Leadtek Research Inc.)
DRV - (Tv2kXbar) -- C:\WINDOWS\system32\drivers\wf2kXbar.sys (Leadtek Research Inc.)
DRV - (BT848) -- C:\WINDOWS\system32\drivers\wf2kvcap.sys (Leadtek Research Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.03.10 15:29:26 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010.03.10 18:10:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [BootSkin Startup Jobs] C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Timer Wizard.lnk = C:\Program Files\Timer Wizard\Timer Wizard.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mvadvd.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Blue Spirit\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Blue Spirit\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.01.02 18:56:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2002.01.02 18:56:09 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (63898212737482752)
========== Files/Folders - Created Within 30 Days ==========
[2010.03.10 20:24:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.03.10 19:57:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.03.10 19:34:22 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Blue Spirit\Plocha\OTL.exe
[2010.03.10 16:53:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.03.10 16:53:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.03.10 16:53:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.03.10 16:53:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.03.10 16:52:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.03.10 16:39:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.03.10 15:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.03.10 15:29:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.03.09 10:13:32 | 000,095,872 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010.03.09 10:13:00 | 000,114,984 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010.03.09 10:11:22 | 000,139,192 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010.03.06 11:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2010.03.06 11:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2010.03.02 14:02:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Blue Spirit\Recent
[2009.03.09 13:52:34 | 000,262,144 | ---- | C] (ZoneAlarm) -- C:\Program Files\Uninstall Spy Blocker.dll
[2009.02.03 21:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2009.02.01 14:05:54 | 000,246,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UNICOWS.DLL
[2009.02.01 14:05:50 | 000,155,648 | ---- | C] (POLAR) -- C:\Program Files\AutoCorrectDLL.DLL
[2009.02.01 14:05:49 | 000,212,992 | ---- | C] (Polar) -- C:\Program Files\POLSPELL.DLL
[2009.02.01 14:05:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ATL.DLL
[2009.02.01 14:05:36 | 000,174,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\RICHED32.DLL
[2009.02.01 14:05:36 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WRITE32.WPC
[2009.02.01 14:05:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MSWD6_32.WPC
[2009.02.01 14:05:31 | 000,244,736 | ---- | C] (Sequiter Software Inc.) -- C:\Program Files\C4DLL320.DLL
[2009.02.01 14:05:01 | 001,009,152 | ---- | C] (Langsoft & METEOR Software) -- C:\Program Files\WTRAN32.EXE
[2009.01.15 08:19:00 | 003,734,272 | ---- | C] (NVIDIA Corporation ) -- C:\Program Files\PDsetup.exe
[2009.01.15 08:19:00 | 000,535,552 | ---- | C] (Macrovision Corporation) -- C:\Program Files\ISSetup.dll
[2009.01.15 08:19:00 | 000,453,152 | ---- | C] (NVIDIA Corporation) -- C:\Program Files\nvudisp.exe
[2009.01.15 08:19:00 | 000,148,416 | ---- | C] (Macrovision Corporation) -- C:\Program Files\_setup.dll
[2002.01.02 19:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2002.01.02 19:00:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2002.01.02 19:00:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2002.01.02 19:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
========== Files - Modified Within 30 Days ==========
[2010.03.10 20:25:56 | 000,200,828 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.03.10 20:25:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.10 20:25:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.10 20:25:04 | 008,388,608 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\NTUSER.DAT
[2010.03.10 19:34:32 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Blue Spirit\Plocha\OTL.exe
[2010.03.10 19:00:05 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.03.10 18:10:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.03.10 18:09:05 | 005,891,196 | -H-- | M] () -- C:\Documents and Settings\Blue Spirit\Local Settings\Data aplikací\IconCache.db
[2010.03.10 16:38:36 | 003,885,368 | R--- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\ComboFix.exe
[2010.03.09 16:21:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.09 10:13:32 | 000,095,872 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010.03.09 10:13:00 | 000,114,984 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010.03.09 10:11:22 | 000,139,192 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010.03.05 19:13:59 | 000,001,232 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\default.pls
[2010.03.05 19:13:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.05 12:02:21 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\IObit Security 360.lnk
[2010.03.02 12:01:18 | 000,000,444 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\Zástupce - PhotoFunia.lnk
[2010.02.23 13:28:10 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\Microsoft Office Word 2003.lnk
[2010.02.18 18:55:53 | 000,002,436 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Dokumenty\cc_20100218_185549.reg
[2010.02.16 09:04:50 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\Zástupce - HJTInstall.lnk
[2010.02.14 09:40:52 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\Dr.Web.lnk
[2010.02.10 20:28:21 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\CCleaner.lnk
========== Files Created - No Company Name ==========
[2010.03.10 16:53:03 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.03.10 16:53:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.03.10 16:53:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.03.10 16:53:03 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.03.10 16:53:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.03.10 16:37:40 | 003,885,368 | R--- | C] () -- C:\Documents and Settings\Blue Spirit\Plocha\ComboFix.exe
[2010.03.05 12:02:21 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\IObit Security 360.lnk
[2010.03.02 12:01:18 | 000,000,444 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Plocha\Zástupce - PhotoFunia.lnk
[2010.02.18 18:55:52 | 000,002,436 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Dokumenty\cc_20100218_185549.reg
[2010.02.16 09:04:50 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Plocha\Zástupce - HJTInstall.lnk
[2010.02.14 09:40:52 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Plocha\Dr.Web.lnk
[2009.07.13 14:54:16 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2009.06.12 15:33:29 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.04.24 11:48:31 | 000,000,244 | ---- | C] () -- C:\Program Files\Custom.ini
[2009.04.24 11:48:31 | 000,000,187 | ---- | C] () -- C:\Program Files\info.ini
[2009.04.06 12:15:19 | 000,009,216 | -HS- | C] () -- C:\Program Files\Thumbs.db
[2009.03.05 13:30:07 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.02.11 08:02:50 | 000,001,564 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.02.09 19:05:59 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2009.02.08 17:32:48 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.07 12:20:32 | 000,000,239 | ---- | C] () -- C:\Program Files\Powerdvd.sim
[2009.02.07 12:20:32 | 000,000,183 | ---- | C] () -- C:\Program Files\CLAud.sim
[2009.02.07 12:20:30 | 000,344,923 | ---- | C] () -- C:\Program Files\ikernel.ex_
[2009.02.07 12:19:51 | 000,000,119 | ---- | C] () -- C:\Program Files\iPower.txt
[2009.02.07 12:19:51 | 000,000,030 | ---- | C] () -- C:\Program Files\Serial.txt
[2009.02.02 12:56:53 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\ood2kmsg.dll
[2009.02.02 12:56:51 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\OODCSPRO.dll
[2009.02.02 12:02:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.02.01 21:08:29 | 000,163,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys
[2009.02.01 15:55:20 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.02.01 14:07:40 | 000,000,038 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2009.02.01 14:07:38 | 003,465,911 | ---- | C] () -- C:\Program Files\pronan.dbf
[2009.02.01 14:07:38 | 000,923,648 | ---- | C] () -- C:\Program Files\pronan.cdx
[2009.02.01 14:07:38 | 000,001,514 | ---- | C] () -- C:\Program Files\SPCS.CET
[2009.02.01 14:07:38 | 000,001,262 | ---- | C] () -- C:\Program Files\RUCS.CET
[2009.02.01 14:07:38 | 000,000,682 | ---- | C] () -- C:\Program Files\SLOZENI.DTA
[2009.02.01 14:07:37 | 000,884,706 | ---- | C] () -- C:\Program Files\PRONAN.DAT
[2009.02.01 14:07:37 | 000,618,496 | ---- | C] () -- C:\Program Files\NAME.CDX
[2009.02.01 14:07:37 | 000,472,062 | ---- | C] () -- C:\Program Files\NAME.DBF
[2009.02.01 14:07:37 | 000,001,358 | ---- | C] () -- C:\Program Files\GRCS.CET
[2009.02.01 14:07:37 | 000,001,286 | ---- | C] () -- C:\Program Files\FRCS.CET
[2009.02.01 14:07:37 | 000,001,253 | ---- | C] () -- C:\Program Files\ITCS.CET
[2009.02.01 14:07:36 | 000,719,568 | ---- | C] () -- C:\Program Files\CZL4.DBF
[2009.02.01 14:07:36 | 000,696,320 | ---- | C] () -- C:\Program Files\CZL4.CDX
[2009.02.01 14:07:35 | 001,678,504 | ---- | C] () -- C:\Program Files\CZCS.DIC
[2009.02.01 14:07:35 | 000,112,851 | ---- | C] () -- C:\Program Files\CORRECT.CS0
[2009.02.01 14:07:35 | 000,021,606 | ---- | C] () -- C:\Program Files\CORRECT.CZA
[2009.02.01 14:07:35 | 000,021,496 | ---- | C] () -- C:\Program Files\CORRECT.CZN
[2009.02.01 14:07:35 | 000,018,859 | ---- | C] () -- C:\Program Files\CORRECT.CS
[2009.02.01 14:07:35 | 000,007,113 | ---- | C] () -- C:\Program Files\CORRECT.PJS
[2009.02.01 14:07:35 | 000,005,881 | ---- | C] () -- C:\Program Files\CORRECTF.AN
[2009.02.01 14:07:35 | 000,004,547 | ---- | C] () -- C:\Program Files\CORRECT.AN
[2009.02.01 14:07:35 | 000,002,787 | ---- | C] () -- C:\Program Files\CORRECT.AN0
[2009.02.01 14:07:35 | 000,001,052 | ---- | C] () -- C:\Program Files\CORRECTX.AN
[2009.02.01 14:07:34 | 004,136,609 | ---- | C] () -- C:\Program Files\COR4AN.DBF
[2009.02.01 14:07:32 | 004,160,512 | ---- | C] () -- C:\Program Files\COR4AN.CDX
[2009.02.01 14:07:32 | 001,030,343 | ---- | C] () -- C:\Program Files\ANCS.DIC
[2009.02.01 14:07:32 | 000,001,170 | ---- | C] () -- C:\Program Files\ANCS.CET
[2009.02.01 14:07:31 | 001,381,236 | ---- | C] () -- C:\Program Files\CSAN.TCX
[2009.02.01 14:07:28 | 009,759,612 | ---- | C] () -- C:\Program Files\ANCS.TCX
[2009.02.01 14:07:28 | 000,013,022 | ---- | C] () -- C:\Program Files\ANCS.GRM
[2009.02.01 14:07:26 | 006,169,600 | ---- | C] () -- C:\Program Files\CSAN.CDX
[2009.02.01 14:07:24 | 005,924,352 | ---- | C] () -- C:\Program Files\ANCS.CDX
[2009.02.01 14:07:23 | 001,703,563 | ---- | C] () -- C:\Program Files\ANCS2.DBF
[2009.02.01 14:07:12 | 039,798,371 | ---- | C] () -- C:\Program Files\ANCS.DBF
[2009.02.01 14:06:29 | 011,265,369 | ---- | C] () -- C:\Program Files\A4.CMP
[2009.02.01 14:06:25 | 015,636,753 | ---- | C] () -- C:\Program Files\A3.CMP
[2009.02.01 14:06:21 | 015,319,767 | ---- | C] () -- C:\Program Files\A2.CMP
[2009.02.01 14:06:16 | 017,604,649 | ---- | C] () -- C:\Program Files\A1.CMP
[2009.02.01 14:06:12 | 017,179,235 | ---- | C] () -- C:\Program Files\A0.CMP
[2009.02.01 14:06:11 | 000,365,568 | ---- | C] () -- C:\Program Files\READERA.CDX
[2009.02.01 14:06:10 | 001,912,405 | ---- | C] () -- C:\Program Files\READERA.DBF
[2009.02.01 14:06:00 | 000,105,456 | ---- | C] () -- C:\Program Files\APPENDO.DTN
[2009.02.01 14:05:59 | 000,343,689 | ---- | C] () -- C:\Program Files\APPEND.DTN
[2009.02.01 14:05:59 | 000,000,226 | ---- | C] () -- C:\Program Files\MAILTRAN.CFG
[2009.02.01 14:05:58 | 000,032,109 | ---- | C] () -- C:\Program Files\APPEND.DTA
[2009.02.01 14:05:58 | 000,010,401 | ---- | C] () -- C:\Program Files\APPENDO.DTA
[2009.02.01 14:05:58 | 000,001,224 | ---- | C] () -- C:\Program Files\TRNCOM.CFG
[2009.02.01 14:05:54 | 000,000,226 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2009.02.01 14:05:53 | 000,011,362 | ---- | C] () -- C:\Program Files\MAILTRAN.HLP
[2009.02.01 14:05:50 | 000,198,656 | ---- | C] () -- C:\Program Files\MAILTRAN.EXE
[2009.02.01 14:05:50 | 000,001,224 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2009.02.01 14:05:49 | 000,375,774 | ---- | C] () -- C:\Program Files\TRNIKONY.BMP
[2009.02.01 14:05:49 | 000,375,774 | ---- | C] () -- C:\Program Files\SETUPWEB.BMP
[2009.02.01 14:05:48 | 000,360,448 | ---- | C] () -- C:\Program Files\WEBIE.DL_
[2009.02.01 14:05:48 | 000,098,304 | ---- | C] () -- C:\Program Files\REG.EXE
[2009.02.01 14:05:47 | 001,683,456 | ---- | C] () -- C:\Program Files\TRNCOM.DL_
[2009.02.01 14:05:45 | 000,000,877 | ---- | C] () -- C:\Program Files\SETUPWEB.IST
[2009.02.01 14:05:43 | 000,162,816 | ---- | C] () -- C:\Program Files\SETUPWEB.EXE
[2009.02.01 14:05:42 | 000,000,614 | ---- | C] () -- C:\Program Files\TRNIKONY.IST
[2009.02.01 14:05:40 | 000,162,816 | ---- | C] () -- C:\Program Files\TRNIKONY.EXE
[2009.02.01 14:05:39 | 000,499,878 | ---- | C] () -- C:\Program Files\WINTRAN.DCZ
[2009.02.01 14:05:29 | 000,001,831 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2009.02.01 14:05:28 | 000,018,653 | ---- | C] () -- C:\Program Files\WDICT32.HLP
[2009.02.01 14:05:28 | 000,015,178 | ---- | C] () -- C:\Program Files\WTRDCTM.HLP
[2009.02.01 14:05:28 | 000,004,233 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.02.01 14:05:27 | 000,051,010 | ---- | C] () -- C:\Program Files\WTRAN32.HLP
[2009.02.01 14:05:17 | 000,737,280 | ---- | C] () -- C:\Program Files\WDICT32.EXE
[2009.02.01 14:05:11 | 000,189,440 | ---- | C] () -- C:\Program Files\WTRDCTM.EXE
[2009.02.01 14:05:00 | 000,004,193 | ---- | C] () -- C:\Program Files\WTRAN32.CFG
[2009.02.01 14:05:00 | 000,001,777 | ---- | C] () -- C:\Program Files\WDICT32.CFG
[2009.01.20 03:12:58 | 000,032,539 | ---- | C] () -- C:\Program Files\nv4_disp.cat
[2009.01.15 08:19:00 | 007,914,489 | ---- | C] () -- C:\Program Files\data2.cab
[2009.01.15 08:19:00 | 007,789,504 | ---- | C] () -- C:\Program Files\NvCpl.dl_
[2009.01.15 08:19:00 | 004,408,971 | ---- | C] () -- C:\Program Files\nvoglnt.dl_
[2009.01.15 08:19:00 | 003,605,504 | ---- | C] () -- C:\Program Files\nvDispS.dl_
[2009.01.15 08:19:00 | 003,595,361 | ---- | C] () -- C:\Program Files\nv4_disp.dl_
[2009.01.15 08:19:00 | 003,391,581 | ---- | C] () -- C:\Program Files\nv4_mini.sy_
[2009.01.15 08:19:00 | 003,155,912 | ---- | C] () -- C:\Program Files\nvViTvS.dl_
[2009.01.15 08:19:00 | 002,195,673 | ---- | C] () -- C:\Program Files\nvGameS.dl_
[2009.01.15 08:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.01.15 08:19:00 | 001,628,583 | ---- | C] () -- C:\Program Files\nvwss.dl_
[2009.01.15 08:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.01.15 08:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.01.15 08:19:00 | 001,078,849 | ---- | C] () -- C:\Program Files\data1.cab
[2009.01.15 08:19:00 | 000,986,076 | ---- | C] () -- C:\Program Files\nvcuda.dl_
[2009.01.15 08:19:00 | 000,886,767 | ---- | C] () -- C:\Program Files\nvwdmcpl.dl_
[2009.01.15 08:19:00 | 000,696,530 | ---- | C] () -- C:\Program Files\nvMoblS.dl_
[2009.01.15 08:19:00 | 000,682,988 | ---- | C] () -- C:\Program Files\nwiz.ex_
[2009.01.15 08:19:00 | 000,677,695 | ---- | C] () -- C:\Program Files\nview.dl_
[2009.01.15 08:19:00 | 000,559,919 | ---- | C] () -- C:\Program Files\NvPVEnc.ax_
[2009.01.15 08:19:00 | 000,474,242 | ---- | C] () -- C:\Program Files\nvdspsch.ex_
[2009.01.15 08:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009.01.15 08:19:00 | 000,435,004 | ---- | C] () -- C:\Program Files\nvcplui.ex_
[2009.01.15 08:19:00 | 000,354,919 | ---- | C] () -- C:\Program Files\nvwimg.dl_
[2009.01.15 08:19:00 | 000,308,110 | ---- | C] () -- C:\Program Files\nvapi.dl_
[2009.01.15 08:19:00 | 000,306,712 | ---- | C] () -- C:\Program Files\setup.inx
[2009.01.15 08:19:00 | 000,228,812 | ---- | C] () -- C:\Program Files\keystone.ex_
[2009.01.15 08:19:00 | 000,210,986 | ---- | C] () -- C:\Program Files\nvappbar.ex_
[2009.01.15 08:19:00 | 000,202,444 | ---- | C] () -- C:\Program Files\nvshell.dl_
[2009.01.15 08:19:00 | 000,187,817 | ---- | C] () -- C:\Program Files\nvdsp.chm
[2009.01.15 08:19:00 | 000,176,756 | ---- | C] () -- C:\Program Files\setup.bmp
[2009.01.15 08:19:00 | 000,164,070 | ---- | C] () -- C:\Program Files\nvmccs.dl_
[2009.01.15 08:19:00 | 000,155,983 | ---- | C] () -- C:\Program Files\nvnt4cpl.dl_
[2009.01.15 08:19:00 | 000,154,402 | ---- | C] () -- C:\Program Files\NVCPL.HL_
[2009.01.15 08:19:00 | 000,123,842 | ---- | C] () -- C:\Program Files\nv3d.chm
[2009.01.15 08:19:00 | 000,123,643 | ---- | C] () -- C:\Program Files\nvcpl.chm
[2009.01.15 08:19:00 | 000,117,527 | ---- | C] () -- C:\Program Files\nvcpl.cp_
[2009.01.15 08:19:00 | 000,105,012 | ---- | C] () -- C:\Program Files\nvMccsS.dl_
[2009.01.15 08:19:00 | 000,090,908 | ---- | C] () -- C:\Program Files\nvsvc32.ex_
[2009.01.15 08:19:00 | 000,086,869 | ---- | C] () -- C:\Program Files\NvColor.ex_
[2009.01.15 08:19:00 | 000,080,771 | ---- | C] () -- C:\Program Files\NVEPClnt.ex_
[2009.01.15 08:19:00 | 000,076,009 | ---- | C] () -- C:\Program Files\setup.isn
[2009.01.15 08:19:00 | 000,075,057 | ---- | C] () -- C:\Program Files\nv4_disp.inf
[2009.01.15 08:19:00 | 000,073,826 | ---- | C] () -- C:\Program Files\nvcod.dl_
[2009.01.15 08:19:00 | 000,058,584 | ---- | C] () -- C:\Program Files\modes.txt
[2009.01.15 08:19:00 | 000,054,988 | ---- | C] () -- C:\Program Files\nvmob.chm
[2009.01.15 08:19:00 | 000,048,497 | ---- | C] () -- C:\Program Files\nvwddi.dl_
[2009.01.15 08:19:00 | 000,045,119 | ---- | C] () -- C:\Program Files\NvMCTray.dl_
[2009.01.15 08:19:00 | 000,044,516 | ---- | C] () -- C:\Program Files\NvApps.xm_
[2009.01.15 08:19:00 | 000,040,057 | ---- | C] () -- C:\Program Files\nvtuicpl.cp_
[2009.01.15 08:19:00 | 000,037,359 | ---- | C] () -- C:\Program Files\nvwcplen.hl_
[2009.01.15 08:19:00 | 000,023,543 | ---- | C] () -- C:\Program Files\data1.hdr
[2009.01.15 08:19:00 | 000,018,725 | ---- | C] () -- C:\Program Files\nvdisp.nvu
[2009.01.15 08:19:00 | 000,010,222 | ---- | C] () -- C:\Program Files\default.tv_
[2009.01.15 08:19:00 | 000,009,088 | ---- | C] () -- C:\Program Files\nvmccsrs.dl_
[2009.01.15 08:19:00 | 000,008,322 | ---- | C] () -- C:\Program Files\NvwsApps.xm_
[2009.01.15 08:19:00 | 000,006,144 | ---- | C] () -- C:\Program Files\Finance.tv_
[2009.01.15 08:19:00 | 000,006,101 | ---- | C] () -- C:\Program Files\Advanced.tv_
[2009.01.15 08:19:00 | 000,005,857 | ---- | C] () -- C:\Program Files\DCC.tv_
[2009.01.15 08:19:00 | 000,005,661 | ---- | C] () -- C:\Program Files\CAD.tv_
[2009.01.15 08:19:00 | 000,003,593 | ---- | C] () -- C:\Program Files\Readme.txt
[2009.01.15 08:19:00 | 000,000,431 | ---- | C] () -- C:\Program Files\setup.iss
[2009.01.15 08:19:00 | 000,000,417 | ---- | C] () -- C:\Program Files\layout.bin
[2009.01.15 08:19:00 | 000,000,095 | ---- | C] () -- C:\Program Files\setup.ini
[2008.12.10 23:13:50 | 036,075,288 | ---- | C] () -- C:\Program Files\PhysX_9.09.0010_SystemSoftware.exe
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.01.02 19:26:23 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2002.01.02 19:25:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2002.01.02 19:07:25 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 19:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2002.09.20 19:03:50 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2002.09.20 19:04:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2002.09.20 19:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: VIAMRAID.SYS >
[2006.11.08 14:25:24 | 000,116,688 | R--- | M] (VIA Technologies inc,.ltd) MD5=68B41DFA083C2734340BA254532700F3 -- C:\Instalovaný software\VIA4in1_MB\VIA\drvdisk\i386\NT4\viamraid.sys
[2006.11.08 14:25:24 | 000,116,688 | R--- | M] (VIA Technologies inc,.ltd) MD5=68B41DFA083C2734340BA254532700F3 -- C:\Instalovaný software\VIA4in1_MB\VIA\VIARaid\DRIVER\Raid\winnt40\viamraid.sys
[2006.11.08 14:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\Instalovaný software\VIA4in1_MB\VIA\drvdisk\i386\NT5\viamraid.sys
[2006.11.08 14:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\Instalovaný software\VIA4in1_MB\VIA\VIARaid\DRIVER\Raid\winxp\viamraid.sys
< %systemroot%\*. /mp /s >
< End of report >
OTL logfile created on: 10.3.2010 20:29:13 - Run 2
OTL by OldTimer - Version 3.1.36.0 Folder = C:\Documents and Settings\Blue Spirit\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
511,00 Mb Total Physical Memory | 266,00 Mb Available Physical Memory | 52,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 760 766 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 88,74 Gb Free Space | 90,87% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 34,00 Gb Free Space | 34,81% Space Free | Partition Type: NTFS
Drive E: | 37,57 Gb Total Space | 18,49 Gb Free Space | 49,21% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SHARP-9PKS1MO9G
Current User Name: Blue Spirit
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Blue Spirit\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\Program Files\IObit\IObit Security 360\is360tray.exe (IObit)
PRC - C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
PRC - C:\Program Files\Timer Wizard\Timer Wizard.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
========== Modules (SafeList) ==========
MOD - C:\Documents and Settings\Blue Spirit\Plocha\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\IObit\IObit Security 360\is360mon.dll (IObit)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (IS360service) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (OOD2000) -- C:\WINDOWS\System32\OOD2000.exe (O&O Software GmbH)
========== Driver Services (SafeList) ==========
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (BootScreen) -- C:\WINDOWS\System32\drivers\vidstub.sys ()
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (WFIOCTL) -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.sys ()
DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\ASPI32.SYS (Adaptec)
DRV - (tv2ktunr) -- C:\WINDOWS\system32\drivers\wf2ktunr.sys (Leadtek Research Inc.)
DRV - (Tv2kXbar) -- C:\WINDOWS\system32\drivers\wf2kXbar.sys (Leadtek Research Inc.)
DRV - (BT848) -- C:\WINDOWS\system32\drivers\wf2kvcap.sys (Leadtek Research Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.03.10 15:29:26 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010.03.10 18:10:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O4 - HKLM..\Run: [BootSkin Startup Jobs] C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Timer Wizard.lnk = C:\Program Files\Timer Wizard\Timer Wizard.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mvadvd.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Blue Spirit\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Blue Spirit\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.01.02 18:56:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2002.01.02 18:56:09 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (63898212737482752)
========== Files/Folders - Created Within 30 Days ==========
[2010.03.10 20:24:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.03.10 19:57:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.03.10 19:34:22 | 000,554,496 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Blue Spirit\Plocha\OTL.exe
[2010.03.10 16:53:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.03.10 16:53:03 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.03.10 16:53:03 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.03.10 16:53:03 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.03.10 16:52:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.03.10 16:39:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.03.10 15:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.03.10 15:29:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.03.09 10:13:32 | 000,095,872 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010.03.09 10:13:00 | 000,114,984 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010.03.09 10:11:22 | 000,139,192 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010.03.06 11:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2010.03.06 11:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2010.03.02 14:02:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Blue Spirit\Recent
[2009.03.09 13:52:34 | 000,262,144 | ---- | C] (ZoneAlarm) -- C:\Program Files\Uninstall Spy Blocker.dll
[2009.02.03 21:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2009.02.01 14:05:54 | 000,246,424 | ---- | C] (Microsoft Corporation) -- C:\Program Files\UNICOWS.DLL
[2009.02.01 14:05:50 | 000,155,648 | ---- | C] (POLAR) -- C:\Program Files\AutoCorrectDLL.DLL
[2009.02.01 14:05:49 | 000,212,992 | ---- | C] (Polar) -- C:\Program Files\POLSPELL.DLL
[2009.02.01 14:05:46 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Program Files\ATL.DLL
[2009.02.01 14:05:36 | 000,174,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\RICHED32.DLL
[2009.02.01 14:05:36 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WRITE32.WPC
[2009.02.01 14:05:35 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MSWD6_32.WPC
[2009.02.01 14:05:31 | 000,244,736 | ---- | C] (Sequiter Software Inc.) -- C:\Program Files\C4DLL320.DLL
[2009.02.01 14:05:01 | 001,009,152 | ---- | C] (Langsoft & METEOR Software) -- C:\Program Files\WTRAN32.EXE
[2009.01.15 08:19:00 | 003,734,272 | ---- | C] (NVIDIA Corporation ) -- C:\Program Files\PDsetup.exe
[2009.01.15 08:19:00 | 000,535,552 | ---- | C] (Macrovision Corporation) -- C:\Program Files\ISSetup.dll
[2009.01.15 08:19:00 | 000,453,152 | ---- | C] (NVIDIA Corporation) -- C:\Program Files\nvudisp.exe
[2009.01.15 08:19:00 | 000,148,416 | ---- | C] (Macrovision Corporation) -- C:\Program Files\_setup.dll
[2002.01.02 19:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2002.01.02 19:00:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2002.01.02 19:00:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2002.01.02 19:00:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
========== Files - Modified Within 30 Days ==========
[2010.03.10 20:25:56 | 000,200,828 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.03.10 20:25:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.03.10 20:25:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.03.10 20:25:04 | 008,388,608 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\NTUSER.DAT
[2010.03.10 19:34:32 | 000,554,496 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Blue Spirit\Plocha\OTL.exe
[2010.03.10 19:00:05 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.03.10 18:10:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.03.10 18:09:05 | 005,891,196 | -H-- | M] () -- C:\Documents and Settings\Blue Spirit\Local Settings\Data aplikací\IconCache.db
[2010.03.10 16:38:36 | 003,885,368 | R--- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\ComboFix.exe
[2010.03.09 16:21:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.03.09 10:13:32 | 000,095,872 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010.03.09 10:13:00 | 000,114,984 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010.03.09 10:11:22 | 000,139,192 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010.03.05 19:13:59 | 000,001,232 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\default.pls
[2010.03.05 19:13:58 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.05 12:02:21 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\IObit Security 360.lnk
[2010.03.02 12:01:18 | 000,000,444 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\Zástupce - PhotoFunia.lnk
[2010.02.23 13:28:10 | 000,002,561 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\Microsoft Office Word 2003.lnk
[2010.02.18 18:55:53 | 000,002,436 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Dokumenty\cc_20100218_185549.reg
[2010.02.16 09:04:50 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\Zástupce - HJTInstall.lnk
[2010.02.14 09:40:52 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\Dr.Web.lnk
[2010.02.10 20:28:21 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Blue Spirit\Plocha\CCleaner.lnk
========== Files Created - No Company Name ==========
[2010.03.10 16:53:03 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.03.10 16:53:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.03.10 16:53:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.03.10 16:53:03 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.03.10 16:53:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.03.10 16:37:40 | 003,885,368 | R--- | C] () -- C:\Documents and Settings\Blue Spirit\Plocha\ComboFix.exe
[2010.03.05 12:02:21 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\IObit Security 360.lnk
[2010.03.02 12:01:18 | 000,000,444 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Plocha\Zástupce - PhotoFunia.lnk
[2010.02.18 18:55:52 | 000,002,436 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Dokumenty\cc_20100218_185549.reg
[2010.02.16 09:04:50 | 000,000,616 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Plocha\Zástupce - HJTInstall.lnk
[2010.02.14 09:40:52 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Plocha\Dr.Web.lnk
[2009.07.13 14:54:16 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
[2009.06.12 15:33:29 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.04.24 11:48:31 | 000,000,244 | ---- | C] () -- C:\Program Files\Custom.ini
[2009.04.24 11:48:31 | 000,000,187 | ---- | C] () -- C:\Program Files\info.ini
[2009.04.06 12:15:19 | 000,009,216 | -HS- | C] () -- C:\Program Files\Thumbs.db
[2009.03.05 13:30:07 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2009.02.11 08:02:50 | 000,001,564 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.02.09 19:05:59 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2009.02.08 17:32:48 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Blue Spirit\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.07 12:20:32 | 000,000,239 | ---- | C] () -- C:\Program Files\Powerdvd.sim
[2009.02.07 12:20:32 | 000,000,183 | ---- | C] () -- C:\Program Files\CLAud.sim
[2009.02.07 12:20:30 | 000,344,923 | ---- | C] () -- C:\Program Files\ikernel.ex_
[2009.02.07 12:19:51 | 000,000,119 | ---- | C] () -- C:\Program Files\iPower.txt
[2009.02.07 12:19:51 | 000,000,030 | ---- | C] () -- C:\Program Files\Serial.txt
[2009.02.02 12:56:53 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\ood2kmsg.dll
[2009.02.02 12:56:51 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\OODCSPRO.dll
[2009.02.02 12:02:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.02.01 21:08:29 | 000,163,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys
[2009.02.01 15:55:20 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.02.01 14:07:40 | 000,000,038 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2009.02.01 14:07:38 | 003,465,911 | ---- | C] () -- C:\Program Files\pronan.dbf
[2009.02.01 14:07:38 | 000,923,648 | ---- | C] () -- C:\Program Files\pronan.cdx
[2009.02.01 14:07:38 | 000,001,514 | ---- | C] () -- C:\Program Files\SPCS.CET
[2009.02.01 14:07:38 | 000,001,262 | ---- | C] () -- C:\Program Files\RUCS.CET
[2009.02.01 14:07:38 | 000,000,682 | ---- | C] () -- C:\Program Files\SLOZENI.DTA
[2009.02.01 14:07:37 | 000,884,706 | ---- | C] () -- C:\Program Files\PRONAN.DAT
[2009.02.01 14:07:37 | 000,618,496 | ---- | C] () -- C:\Program Files\NAME.CDX
[2009.02.01 14:07:37 | 000,472,062 | ---- | C] () -- C:\Program Files\NAME.DBF
[2009.02.01 14:07:37 | 000,001,358 | ---- | C] () -- C:\Program Files\GRCS.CET
[2009.02.01 14:07:37 | 000,001,286 | ---- | C] () -- C:\Program Files\FRCS.CET
[2009.02.01 14:07:37 | 000,001,253 | ---- | C] () -- C:\Program Files\ITCS.CET
[2009.02.01 14:07:36 | 000,719,568 | ---- | C] () -- C:\Program Files\CZL4.DBF
[2009.02.01 14:07:36 | 000,696,320 | ---- | C] () -- C:\Program Files\CZL4.CDX
[2009.02.01 14:07:35 | 001,678,504 | ---- | C] () -- C:\Program Files\CZCS.DIC
[2009.02.01 14:07:35 | 000,112,851 | ---- | C] () -- C:\Program Files\CORRECT.CS0
[2009.02.01 14:07:35 | 000,021,606 | ---- | C] () -- C:\Program Files\CORRECT.CZA
[2009.02.01 14:07:35 | 000,021,496 | ---- | C] () -- C:\Program Files\CORRECT.CZN
[2009.02.01 14:07:35 | 000,018,859 | ---- | C] () -- C:\Program Files\CORRECT.CS
[2009.02.01 14:07:35 | 000,007,113 | ---- | C] () -- C:\Program Files\CORRECT.PJS
[2009.02.01 14:07:35 | 000,005,881 | ---- | C] () -- C:\Program Files\CORRECTF.AN
[2009.02.01 14:07:35 | 000,004,547 | ---- | C] () -- C:\Program Files\CORRECT.AN
[2009.02.01 14:07:35 | 000,002,787 | ---- | C] () -- C:\Program Files\CORRECT.AN0
[2009.02.01 14:07:35 | 000,001,052 | ---- | C] () -- C:\Program Files\CORRECTX.AN
[2009.02.01 14:07:34 | 004,136,609 | ---- | C] () -- C:\Program Files\COR4AN.DBF
[2009.02.01 14:07:32 | 004,160,512 | ---- | C] () -- C:\Program Files\COR4AN.CDX
[2009.02.01 14:07:32 | 001,030,343 | ---- | C] () -- C:\Program Files\ANCS.DIC
[2009.02.01 14:07:32 | 000,001,170 | ---- | C] () -- C:\Program Files\ANCS.CET
[2009.02.01 14:07:31 | 001,381,236 | ---- | C] () -- C:\Program Files\CSAN.TCX
[2009.02.01 14:07:28 | 009,759,612 | ---- | C] () -- C:\Program Files\ANCS.TCX
[2009.02.01 14:07:28 | 000,013,022 | ---- | C] () -- C:\Program Files\ANCS.GRM
[2009.02.01 14:07:26 | 006,169,600 | ---- | C] () -- C:\Program Files\CSAN.CDX
[2009.02.01 14:07:24 | 005,924,352 | ---- | C] () -- C:\Program Files\ANCS.CDX
[2009.02.01 14:07:23 | 001,703,563 | ---- | C] () -- C:\Program Files\ANCS2.DBF
[2009.02.01 14:07:12 | 039,798,371 | ---- | C] () -- C:\Program Files\ANCS.DBF
[2009.02.01 14:06:29 | 011,265,369 | ---- | C] () -- C:\Program Files\A4.CMP
[2009.02.01 14:06:25 | 015,636,753 | ---- | C] () -- C:\Program Files\A3.CMP
[2009.02.01 14:06:21 | 015,319,767 | ---- | C] () -- C:\Program Files\A2.CMP
[2009.02.01 14:06:16 | 017,604,649 | ---- | C] () -- C:\Program Files\A1.CMP
[2009.02.01 14:06:12 | 017,179,235 | ---- | C] () -- C:\Program Files\A0.CMP
[2009.02.01 14:06:11 | 000,365,568 | ---- | C] () -- C:\Program Files\READERA.CDX
[2009.02.01 14:06:10 | 001,912,405 | ---- | C] () -- C:\Program Files\READERA.DBF
[2009.02.01 14:06:00 | 000,105,456 | ---- | C] () -- C:\Program Files\APPENDO.DTN
[2009.02.01 14:05:59 | 000,343,689 | ---- | C] () -- C:\Program Files\APPEND.DTN
[2009.02.01 14:05:59 | 000,000,226 | ---- | C] () -- C:\Program Files\MAILTRAN.CFG
[2009.02.01 14:05:58 | 000,032,109 | ---- | C] () -- C:\Program Files\APPEND.DTA
[2009.02.01 14:05:58 | 000,010,401 | ---- | C] () -- C:\Program Files\APPENDO.DTA
[2009.02.01 14:05:58 | 000,001,224 | ---- | C] () -- C:\Program Files\TRNCOM.CFG
[2009.02.01 14:05:54 | 000,000,226 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2009.02.01 14:05:53 | 000,011,362 | ---- | C] () -- C:\Program Files\MAILTRAN.HLP
[2009.02.01 14:05:50 | 000,198,656 | ---- | C] () -- C:\Program Files\MAILTRAN.EXE
[2009.02.01 14:05:50 | 000,001,224 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2009.02.01 14:05:49 | 000,375,774 | ---- | C] () -- C:\Program Files\TRNIKONY.BMP
[2009.02.01 14:05:49 | 000,375,774 | ---- | C] () -- C:\Program Files\SETUPWEB.BMP
[2009.02.01 14:05:48 | 000,360,448 | ---- | C] () -- C:\Program Files\WEBIE.DL_
[2009.02.01 14:05:48 | 000,098,304 | ---- | C] () -- C:\Program Files\REG.EXE
[2009.02.01 14:05:47 | 001,683,456 | ---- | C] () -- C:\Program Files\TRNCOM.DL_
[2009.02.01 14:05:45 | 000,000,877 | ---- | C] () -- C:\Program Files\SETUPWEB.IST
[2009.02.01 14:05:43 | 000,162,816 | ---- | C] () -- C:\Program Files\SETUPWEB.EXE
[2009.02.01 14:05:42 | 000,000,614 | ---- | C] () -- C:\Program Files\TRNIKONY.IST
[2009.02.01 14:05:40 | 000,162,816 | ---- | C] () -- C:\Program Files\TRNIKONY.EXE
[2009.02.01 14:05:39 | 000,499,878 | ---- | C] () -- C:\Program Files\WINTRAN.DCZ
[2009.02.01 14:05:29 | 000,001,831 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2009.02.01 14:05:28 | 000,018,653 | ---- | C] () -- C:\Program Files\WDICT32.HLP
[2009.02.01 14:05:28 | 000,015,178 | ---- | C] () -- C:\Program Files\WTRDCTM.HLP
[2009.02.01 14:05:28 | 000,004,233 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2009.02.01 14:05:27 | 000,051,010 | ---- | C] () -- C:\Program Files\WTRAN32.HLP
[2009.02.01 14:05:17 | 000,737,280 | ---- | C] () -- C:\Program Files\WDICT32.EXE
[2009.02.01 14:05:11 | 000,189,440 | ---- | C] () -- C:\Program Files\WTRDCTM.EXE
[2009.02.01 14:05:00 | 000,004,193 | ---- | C] () -- C:\Program Files\WTRAN32.CFG
[2009.02.01 14:05:00 | 000,001,777 | ---- | C] () -- C:\Program Files\WDICT32.CFG
[2009.01.20 03:12:58 | 000,032,539 | ---- | C] () -- C:\Program Files\nv4_disp.cat
[2009.01.15 08:19:00 | 007,914,489 | ---- | C] () -- C:\Program Files\data2.cab
[2009.01.15 08:19:00 | 007,789,504 | ---- | C] () -- C:\Program Files\NvCpl.dl_
[2009.01.15 08:19:00 | 004,408,971 | ---- | C] () -- C:\Program Files\nvoglnt.dl_
[2009.01.15 08:19:00 | 003,605,504 | ---- | C] () -- C:\Program Files\nvDispS.dl_
[2009.01.15 08:19:00 | 003,595,361 | ---- | C] () -- C:\Program Files\nv4_disp.dl_
[2009.01.15 08:19:00 | 003,391,581 | ---- | C] () -- C:\Program Files\nv4_mini.sy_
[2009.01.15 08:19:00 | 003,155,912 | ---- | C] () -- C:\Program Files\nvViTvS.dl_
[2009.01.15 08:19:00 | 002,195,673 | ---- | C] () -- C:\Program Files\nvGameS.dl_
[2009.01.15 08:19:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.01.15 08:19:00 | 001,628,583 | ---- | C] () -- C:\Program Files\nvwss.dl_
[2009.01.15 08:19:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.01.15 08:19:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.01.15 08:19:00 | 001,078,849 | ---- | C] () -- C:\Program Files\data1.cab
[2009.01.15 08:19:00 | 000,986,076 | ---- | C] () -- C:\Program Files\nvcuda.dl_
[2009.01.15 08:19:00 | 000,886,767 | ---- | C] () -- C:\Program Files\nvwdmcpl.dl_
[2009.01.15 08:19:00 | 000,696,530 | ---- | C] () -- C:\Program Files\nvMoblS.dl_
[2009.01.15 08:19:00 | 000,682,988 | ---- | C] () -- C:\Program Files\nwiz.ex_
[2009.01.15 08:19:00 | 000,677,695 | ---- | C] () -- C:\Program Files\nview.dl_
[2009.01.15 08:19:00 | 000,559,919 | ---- | C] () -- C:\Program Files\NvPVEnc.ax_
[2009.01.15 08:19:00 | 000,474,242 | ---- | C] () -- C:\Program Files\nvdspsch.ex_
[2009.01.15 08:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009.01.15 08:19:00 | 000,435,004 | ---- | C] () -- C:\Program Files\nvcplui.ex_
[2009.01.15 08:19:00 | 000,354,919 | ---- | C] () -- C:\Program Files\nvwimg.dl_
[2009.01.15 08:19:00 | 000,308,110 | ---- | C] () -- C:\Program Files\nvapi.dl_
[2009.01.15 08:19:00 | 000,306,712 | ---- | C] () -- C:\Program Files\setup.inx
[2009.01.15 08:19:00 | 000,228,812 | ---- | C] () -- C:\Program Files\keystone.ex_
[2009.01.15 08:19:00 | 000,210,986 | ---- | C] () -- C:\Program Files\nvappbar.ex_
[2009.01.15 08:19:00 | 000,202,444 | ---- | C] () -- C:\Program Files\nvshell.dl_
[2009.01.15 08:19:00 | 000,187,817 | ---- | C] () -- C:\Program Files\nvdsp.chm
[2009.01.15 08:19:00 | 000,176,756 | ---- | C] () -- C:\Program Files\setup.bmp
[2009.01.15 08:19:00 | 000,164,070 | ---- | C] () -- C:\Program Files\nvmccs.dl_
[2009.01.15 08:19:00 | 000,155,983 | ---- | C] () -- C:\Program Files\nvnt4cpl.dl_
[2009.01.15 08:19:00 | 000,154,402 | ---- | C] () -- C:\Program Files\NVCPL.HL_
[2009.01.15 08:19:00 | 000,123,842 | ---- | C] () -- C:\Program Files\nv3d.chm
[2009.01.15 08:19:00 | 000,123,643 | ---- | C] () -- C:\Program Files\nvcpl.chm
[2009.01.15 08:19:00 | 000,117,527 | ---- | C] () -- C:\Program Files\nvcpl.cp_
[2009.01.15 08:19:00 | 000,105,012 | ---- | C] () -- C:\Program Files\nvMccsS.dl_
[2009.01.15 08:19:00 | 000,090,908 | ---- | C] () -- C:\Program Files\nvsvc32.ex_
[2009.01.15 08:19:00 | 000,086,869 | ---- | C] () -- C:\Program Files\NvColor.ex_
[2009.01.15 08:19:00 | 000,080,771 | ---- | C] () -- C:\Program Files\NVEPClnt.ex_
[2009.01.15 08:19:00 | 000,076,009 | ---- | C] () -- C:\Program Files\setup.isn
[2009.01.15 08:19:00 | 000,075,057 | ---- | C] () -- C:\Program Files\nv4_disp.inf
[2009.01.15 08:19:00 | 000,073,826 | ---- | C] () -- C:\Program Files\nvcod.dl_
[2009.01.15 08:19:00 | 000,058,584 | ---- | C] () -- C:\Program Files\modes.txt
[2009.01.15 08:19:00 | 000,054,988 | ---- | C] () -- C:\Program Files\nvmob.chm
[2009.01.15 08:19:00 | 000,048,497 | ---- | C] () -- C:\Program Files\nvwddi.dl_
[2009.01.15 08:19:00 | 000,045,119 | ---- | C] () -- C:\Program Files\NvMCTray.dl_
[2009.01.15 08:19:00 | 000,044,516 | ---- | C] () -- C:\Program Files\NvApps.xm_
[2009.01.15 08:19:00 | 000,040,057 | ---- | C] () -- C:\Program Files\nvtuicpl.cp_
[2009.01.15 08:19:00 | 000,037,359 | ---- | C] () -- C:\Program Files\nvwcplen.hl_
[2009.01.15 08:19:00 | 000,023,543 | ---- | C] () -- C:\Program Files\data1.hdr
[2009.01.15 08:19:00 | 000,018,725 | ---- | C] () -- C:\Program Files\nvdisp.nvu
[2009.01.15 08:19:00 | 000,010,222 | ---- | C] () -- C:\Program Files\default.tv_
[2009.01.15 08:19:00 | 000,009,088 | ---- | C] () -- C:\Program Files\nvmccsrs.dl_
[2009.01.15 08:19:00 | 000,008,322 | ---- | C] () -- C:\Program Files\NvwsApps.xm_
[2009.01.15 08:19:00 | 000,006,144 | ---- | C] () -- C:\Program Files\Finance.tv_
[2009.01.15 08:19:00 | 000,006,101 | ---- | C] () -- C:\Program Files\Advanced.tv_
[2009.01.15 08:19:00 | 000,005,857 | ---- | C] () -- C:\Program Files\DCC.tv_
[2009.01.15 08:19:00 | 000,005,661 | ---- | C] () -- C:\Program Files\CAD.tv_
[2009.01.15 08:19:00 | 000,003,593 | ---- | C] () -- C:\Program Files\Readme.txt
[2009.01.15 08:19:00 | 000,000,431 | ---- | C] () -- C:\Program Files\setup.iss
[2009.01.15 08:19:00 | 000,000,417 | ---- | C] () -- C:\Program Files\layout.bin
[2009.01.15 08:19:00 | 000,000,095 | ---- | C] () -- C:\Program Files\setup.ini
[2008.12.10 23:13:50 | 036,075,288 | ---- | C] () -- C:\Program Files\PhysX_9.09.0010_SystemSoftware.exe
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.01.02 19:26:23 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2002.01.02 19:25:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\vusetup.dll
[2002.01.02 19:07:25 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 19:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2002.08.29 02:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2002.09.20 19:03:50 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2002.09.20 19:04:34 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2002.09.20 19:04:42 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: VIAMRAID.SYS >
[2006.11.08 14:25:24 | 000,116,688 | R--- | M] (VIA Technologies inc,.ltd) MD5=68B41DFA083C2734340BA254532700F3 -- C:\Instalovaný software\VIA4in1_MB\VIA\drvdisk\i386\NT4\viamraid.sys
[2006.11.08 14:25:24 | 000,116,688 | R--- | M] (VIA Technologies inc,.ltd) MD5=68B41DFA083C2734340BA254532700F3 -- C:\Instalovaný software\VIA4in1_MB\VIA\VIARaid\DRIVER\Raid\winnt40\viamraid.sys
[2006.11.08 14:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\Instalovaný software\VIA4in1_MB\VIA\drvdisk\i386\NT5\viamraid.sys
[2006.11.08 14:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\Instalovaný software\VIA4in1_MB\VIA\VIARaid\DRIVER\Raid\winxp\viamraid.sys
< %systemroot%\*. /mp /s >
< End of report >
- jaro3
- Security team member
Re: Please check - 2 nasties
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by Combo, MWAV etc. - download > run
Delete the folder:
C:\_OTL
Also try submitting this to VT:
C:\Program Files\Timer Wizard\Timer Wizard.exe
Try MbAM again, and if needed have it delete:
Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe (Security.Hijack) -> No action taken.
Restart and post a new MbAM log.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check - 2 nasties
Well, I'm stumped: I did everything and it's still there. I tried removing it in regedit and that doesn't work either, even though it has no value. It will probably stay there as long as NOD is installed.
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3849
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
10.3.2010 21:57:07
mbam-log-2010-03-10 (21-57-07).txt
Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 155192
Uplynulý čas: 18 minute(s), 57 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 2
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe (Security.Hijack) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe (Security.Hijack) -> Delete on reboot.
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

- jaro3
- Security team member
Re: Please check - 2 nasties
Try removing the whole folder on the left (both of them).
What about that file on VirusTotal:
C:\Program Files\Timer Wizard\Timer Wizard.exe ??
Run F-Secure Online Scanner
This scanner can only be used in Internet Explorer! Follow the instructions on the F-Secure page for correct installation. Accept the license. After the ActiveX control is installed, click Full System Scan. When the download finishes, the scan starts automatically. Wait for the scan to finish; while it runs, do not perform other operations or click the mouse. When the scan finishes, click the Automatic clearing (recommended) button. Then click the Show Report button and copy and paste the report here.
Tomorrow.
Re: Please check - 2 nasties
Oh, and I don't need to check C:\Program Files\Timer Wizard\Timer Wizard.exe; it's a kind of reminder tool for what to do when, and I've had it for about 3 years.
It's possible that mbam is misjudging those two items, but it didn't do this with the previous version of NOD, only today when I downloaded the Trial again.
Removing the whole folder doesn't work either; it reports an error while deleting the key.

Re: Please check - 2 nasties
Hi jaro3, I experimented with it a bit more, and the result is that, just as you wrote right at the start, it really is an mbam error - it misjudges those 2 registry entries.
Today I did the following:
1/ Uninstalled NOD
2/ Restart
3/ NOD32removal
4/ CCleaner
5/ Mbam - the log is clean
Then I reinstalled NOD and it's there again! So it is correct and it is supposed to be there.
But all the work was not in vain, because the computer got noticeably faster.
I'll wait for your opinion and then mark it solved! Thanks a lot!
- jaro3
- Security team member
Re: Please check - 2 nasties
I'll try to contact them through someone; I see it as a bug myself. If it is a bug, the fix may not come for two weeks or so...
Re: Please check - 2 nasties (Solved)
Understood, thanks once more, and I'm marking it solved.
