OTL:
OTL logfile created on: 14.7.2010 9:08:13 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Pavel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 81,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 45,08 Gb Free Space | 15,12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 698,64 Gb Total Space | 444,65 Gb Free Space | 63,65% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: POLIC
Current User Name: Pavel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010.07.14 09:04:43 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
PRC - [2010.07.14 09:04:20 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTH.scr
PRC - [2010.04.01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
========== Modules (SafeList) ==========
MOD - [2010.07.14 09:04:43 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
MOD - [2008.04.14 05:21:46 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008.04.14 05:21:36 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.04.01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.09.10 11:06:46 | 000,306,432 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.12.20 10:41:56 | 000,029,440 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2007.01.11 06:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Documents and Settings\All Users\Data aplikací\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
========== Driver Services (SafeList) ==========
DRV - [2010.04.03 22:55:32 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010.03.01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.09.17 09:53:24 | 000,023,217 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Lineage II\system\npkcrypt.sys -- (npkcrypt)
DRV - [2009.09.17 09:53:24 | 000,015,472 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\Lineage II\system\npkcusb.sys -- (npkcusb)
DRV - [2009.06.10 16:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.05.11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.05.14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007.05.14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007.03.26 21:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.03.15 16:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2006.10.18 21:12:16 | 000,012,664 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006.02.14 14:45:33 | 000,024,320 | ---- | M] (Elaborate Bytes AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\VClone.sys -- (VClone)
DRV - [2005.08.06 15:13:12 | 000,009,661 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Moufiltr.sys -- (Moufiltr)
DRV - [2005.04.21 13:40:36 | 000,010,624 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2004.08.13 20:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002.09.16 17:14:32 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 44 FF A4 36 B0 22 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.22 20:12:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.12 14:46:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.12 14:46:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2009.09.10 16:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Extensions
[2010.07.12 11:25:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\0hqa3q06.default\extensions
[2010.07.11 11:16:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\0hqa3q06.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.11 11:16:50 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\0hqa3q06.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.07.11 11:12:45 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\0hqa3q06.default\searchplugins\icqplugin-1.xml
[2010.03.22 20:07:35 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\0hqa3q06.default\searchplugins\icqplugin-2.xml
[2010.04.29 17:57:50 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\0hqa3q06.default\searchplugins\icqplugin-3.xml
[2010.07.13 22:58:47 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\0hqa3q06.default\searchplugins\icqplugin-4.xml
[2010.02.03 15:49:36 | 000,000,955 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\0hqa3q06.default\searchplugins\icqplugin.xml
[2009.11.23 23:16:58 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\0hqa3q06.default\searchplugins\sweetim.xml
[2010.07.12 11:25:29 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.12.13 11:55:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.15 11:58:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.12 14:46:38 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.07.12 14:46:38 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.07.12 14:46:38 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.07.12 14:46:38 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.07.12 14:46:38 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.07.13 23:27:45 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co.,Ltd.)
O4 - HKCU..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\postak.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_20.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.92.146.5 82.113.34.18
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavel\Data aplikací\IrfanView\IrfanView_Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavel\Data aplikací\IrfanView\IrfanView_Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (32664708049797120)
========== Files/Folders - Created Within 90 Days ==========
[2010.07.14 09:04:59 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
[2010.07.14 09:04:59 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTH.scr
[2010.07.14 09:01:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\Adobe
[2010.07.14 09:00:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pavel\Recent
[2010.07.14 09:00:07 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.07.13 23:26:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.07.13 23:18:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Data aplikací\Avira
[2010.07.13 23:17:05 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010.07.13 23:17:04 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.07.13 23:17:04 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.07.13 23:17:04 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010.07.13 23:17:04 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010.07.13 23:17:03 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010.07.13 23:17:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Avira
[2010.07.13 21:48:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Data aplikací\Malwarebytes
[2010.07.13 21:48:21 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.13 21:48:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.13 21:48:20 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.07.13 21:48:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.07.13 14:39:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\Sunbelt Software
[2010.07.11 12:24:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Dokumenty\Stažené soubory
[2010.07.07 21:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Big Pizza Mountainbike Challenge 10 (DE)
[2010.06.15 19:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\pdfsam
[2010.06.15 19:53:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Dokumenty\AdvancedReliableSoftware
[2010.06.13 00:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.06.11 17:33:47 | 000,000,000 | ---D | C] -- C:\Program Files\GameSpy Arcade
[2010.06.11 17:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Celeris
[2010.06.07 22:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\PowerQuest
[2010.06.05 14:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Data aplikací\Teleca
[2010.06.05 14:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\HTC
[2010.06.05 14:53:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\HTC
[2010.06.05 14:53:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Teleca Shared
[2010.06.05 14:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.06.05 14:52:55 | 000,024,576 | ---- | C] (HTC, Corporation) -- C:\WINDOWS\System32\drivers\ANDROIDUSB.sys
[2010.06.05 14:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Spirent Communications
[2010.06.05 14:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\HTC
[2010.06.05 14:51:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010.06.04 09:57:59 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010.06.04 09:57:59 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\WINDOWS\System32\i420vfw.dll
[2010.06.04 09:57:51 | 000,090,112 | RHS- | C] (-) -- C:\WINDOWS\System32\TTADSSplitter.ax
[2010.06.04 09:57:51 | 000,090,112 | RHS- | C] (-) -- C:\WINDOWS\System32\TTADSDecoder.ax
[2010.06.04 09:57:50 | 000,092,672 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLVorbisDec.ax
[2010.06.04 09:57:50 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\WINDOWS\System32\RLTheoraDec.ax
[2010.06.04 09:57:49 | 000,186,880 | RHS- | C] (RadLight) -- C:\WINDOWS\System32\RLOgg.ax
[2010.06.04 09:57:45 | 000,161,792 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\RealMediaDX.ax
[2010.06.04 09:57:42 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\WINDOWS\System32\nbDX.dll
[2010.06.04 09:57:41 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\WINDOWS\System32\msfDX.dll
[2010.06.04 09:57:39 | 000,169,472 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\MatroskaDX.ax
[2010.06.04 09:57:39 | 000,163,328 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\flvDX.dll
[2010.06.04 09:57:36 | 000,179,200 | RHS- | C] (Gabest) -- C:\WINDOWS\System32\DiracSplitter.ax
[2010.06.04 09:57:35 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\WINDOWS\System32\AVCDX.ax
[2010.06.04 09:56:14 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2010.05.25 21:45:11 | 000,000,000 | ---D | C] -- C:\TEMP
[2010.05.25 13:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DivX
[2010.05.03 20:42:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pavel\Dokumenty\Sčítání dopravy - brigáda
[2010.04.30 15:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
========== Files - Modified Within 90 Days ==========
[2010.07.14 09:04:43 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTL.exe
[2010.07.14 09:04:20 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel\Plocha\OTH.scr
[2010.07.14 08:52:50 | 000,272,437 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.07.14 08:52:40 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1801674531-682003330-1004.job
[2010.07.14 08:52:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.14 08:52:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.14 08:52:31 | 2146,553,856 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.13 23:54:49 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\Pavel\NTUSER.DAT
[2010.07.13 23:50:49 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1801674531-682003330-1004.job
[2010.07.13 23:44:47 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.07.13 23:27:45 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.07.13 23:17:14 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Avira AntiVir Control Center.lnk
[2010.07.13 22:24:13 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\Pavel\ntuser.ini
[2010.07.13 21:48:23 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.07.13 18:16:32 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.13 18:11:51 | 002,115,018 | -H-- | M] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\IconCache.db
[2010.07.13 15:51:55 | 000,219,128 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.07.13 15:16:24 | 000,138,592 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.07.13 14:43:34 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010.07.09 17:32:50 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\Úklid 1 kliknutím.job
[2010.07.09 17:32:47 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2010.07.06 20:18:59 | 000,088,064 | ---- | M] () -- C:\Documents and Settings\Pavel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.05 11:07:32 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\Google Chrome.lnk
[2010.07.02 09:02:30 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2010.06.30 10:18:19 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.06.23 13:21:50 | 001,012,958 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.23 13:21:50 | 000,443,724 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.23 13:21:50 | 000,440,590 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.23 13:21:50 | 000,083,832 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.23 13:21:50 | 000,071,982 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.22 13:33:24 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\CorelDRAW 11.lnk
[2010.06.19 23:41:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.06.11 17:34:40 | 000,000,814 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\vp3.lnk
[2010.06.11 14:09:55 | 000,004,790 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\avatar_cz_forced.srt
[2010.06.11 11:59:45 | 000,287,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.05 14:57:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010.06.05 14:57:34 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010.06.05 14:54:31 | 000,001,921 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\HTC Sync.lnk
[2010.06.04 09:57:51 | 000,001,665 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SUPER ©.lnk
[2010.05.21 11:50:17 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2010.05.16 15:24:06 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.05.12 19:17:42 | 000,015,813 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\Algorimy vymáhání k revizi.docx
[2010.05.09 14:41:38 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Pavel\PUTTY.RND
[2010.04.30 15:57:41 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\Pavel\Plocha\Wow.lnk
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\WINDOWS\System32\DivXControlPanelApplet.cpl
========== Files Created - No Company Name ==========
[2010.07.13 23:17:14 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Avira AntiVir Control Center.lnk
[2010.07.13 21:48:23 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.06.11 22:01:26 | 000,004,790 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\avatar_cz_forced.srt
[2010.06.11 17:34:40 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\vp3.lnk
[2010.06.05 14:57:35 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010.06.05 14:57:34 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010.06.05 14:54:31 | 000,001,921 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\HTC Sync.lnk
[2010.06.04 09:57:51 | 000,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SUPER ©.lnk
[2010.06.04 09:57:49 | 000,051,712 | RHS- | C] () -- C:\WINDOWS\System32\RLSpeexDec.ax
[2010.06.04 09:57:47 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\RLMPCDec.ax
[2010.06.04 09:57:46 | 000,070,656 | RHS- | C] () -- C:\WINDOWS\System32\RLAPEDec.ax
[2010.06.04 09:57:40 | 000,120,832 | RHS- | C] () -- C:\WINDOWS\System32\MPCDx.ax
[2010.06.04 09:57:37 | 000,097,280 | RHS- | C] () -- C:\WINDOWS\System32\FLACDX.ax
[2010.06.04 09:57:36 | 000,175,104 | RHS- | C] () -- C:\WINDOWS\System32\CoreAAC.ax
[2010.06.04 09:57:35 | 000,227,328 | RHS- | C] () -- C:\WINDOWS\System32\ac3DX.ax
[2010.06.04 09:57:35 | 000,081,920 | RHS- | C] () -- C:\WINDOWS\System32\aac_parser.ax
[2010.05.12 19:17:42 | 000,015,813 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\Algorimy vymáhání k revizi.docx
[2010.04.30 15:57:41 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\Pavel\Plocha\Wow.lnk
[2010.04.12 23:36:55 | 000,000,067 | ---- | C] () -- C:\WINDOWS\AVIConverter.INI
[2010.04.12 23:22:53 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010.04.12 23:22:53 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010.04.12 23:22:53 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010.04.12 23:22:52 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010.04.12 20:01:14 | 000,777,728 | ---- | C] () -- C:\WINDOWS\System32\SSLSVC.DLL
[2010.04.12 20:01:14 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2010.04.12 20:01:13 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\cfmsg.dll
[2010.04.12 20:01:13 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2010.04.12 20:01:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\lang_cfml.dll
[2010.04.12 20:01:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\xml_datagrove.dll
[2010.04.04 13:35:40 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.12.10 23:06:43 | 006,294,528 | ---- | C] () -- C:\WINDOWS\System32\MediaIO1.dll
[2009.12.10 23:06:42 | 009,974,784 | ---- | C] () -- C:\WINDOWS\System32\MioPlayer2.dll
[2009.12.09 22:31:19 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.12.09 22:31:18 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.10.29 17:01:34 | 000,138,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.09.10 13:15:03 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.09.09 23:39:42 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009.09.09 23:19:27 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
[2009.09.09 23:07:56 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009.09.09 23:07:56 | 000,012,664 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009.09.09 23:07:54 | 000,012,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009.09.09 23:07:54 | 000,010,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009.09.09 22:56:08 | 000,014,370 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009.09.09 22:55:56 | 000,014,139 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.09.09 22:55:56 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.09.09 22:55:44 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.11.07 01:00:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003.09.16 17:52:28 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003.09.16 17:43:31 | 000,884,736 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2003.09.16 17:41:43 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2001.10.28 17:42:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
========== LOP Check ==========
[2009.12.06 15:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Codemasters
[2010.04.12 22:16:00 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\CUPYDGERVA
[2009.09.09 23:47:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2009.09.14 18:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.06.05 14:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HTC
[2009.12.13 11:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2009.09.15 13:39:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ijjigame
[2009.10.30 16:20:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2010.06.05 14:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.07.04 15:25:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.09.10 11:06:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.10.29 17:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2009.09.09 23:42:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2009.12.08 22:38:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Apowersoft
[2010.04.11 23:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\BSplayer PRO
[2009.09.19 19:56:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\EPSON
[2009.09.16 15:59:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\FUEL
[2009.11.17 19:13:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\GHISLER
[2010.07.13 09:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\ICQ
[2009.09.10 13:45:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\IrfanView
[2009.09.10 17:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Opera
[2009.10.01 16:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\play2p
[2009.10.07 16:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Sparx Systems
[2010.06.05 14:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\Teleca
[2009.09.10 11:06:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\TuneUp Software
[2010.04.12 23:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel\Data aplikací\WinAVI
[2010.07.09 17:32:47 | 000,000,376 | ---- | M] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2010.07.09 17:32:50 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2010.02.04 15:07:50 | 000,000,110 | -H-- | M] () -- C:\aaw7boot.cmd
[2009.09.09 22:38:08 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010.05.21 11:50:17 | 000,000,282 | RHS- | M] () -- C:\boot.ini
[2006.03.02 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004.08.04 00:00:04 | 000,261,312 | ---- | M] () -- C:\cmldr
[2009.09.09 22:50:01 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010.07.13 22:57:03 | 000,000,132 | ---- | M] () -- C:\DevList.txt
[2010.07.14 08:52:31 | 2146,553,856 | -HS- | M] () -- C:\hiberfil.sys
[2009.09.09 22:50:01 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009.09.09 22:50:01 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2006.03.02 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009.09.10 00:05:22 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2010.07.14 08:52:30 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009.11.25 17:25:52 | 000,092,187 | -H-- | M] () -- C:\treeinfo.wc
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009.09.10 00:31:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.09.10 00:31:32 | 000,638,976 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.09.10 00:31:32 | 000,495,616 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\drivers\*.sys /90 >
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2010.07.13 15:16:24 | 000,138,592 | ---- | M] () -- C:\WINDOWS\system32\drivers\PnkBstrK.sys
[2010.07.13 14:43:34 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\system32\drivers\SBREDrv.sys
========== Alternate Data Streams ==========
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:073341D1
< End of report >
Prosím o kontrolu logu Vyřešeno
Re: Prosím o kontrolu logu
Extras:
OTL Extras logfile created on: 14.7.2010 9:08:13 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Pavel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 81,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 45,08 Gb Free Space | 15,12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 698,64 Gb Total Space | 444,65 Gb Free Space | 63,65% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: POLIC
Current User Name: Pavel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Codemasters\DiRT\DiRT.exe" = C:\Program Files\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable -- (Codemasters)
"C:\Program Files\Codemasters\FUEL\FUEL.exe" = C:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL -- (Codemasters)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Codemasters\DiRT2\dirt2_game.exe" = C:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2 -- (Codemasters)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\NCsoft\Launcher\IALauncher.exe" = C:\Program Files\NCsoft\Launcher\IALauncher.exe:*:Enabled: -- ()
"C:\Program Files\Games-Masters.com\CABAL Online (Europe)\launcher\update\ESTdnheadless.exe" = C:\Program Files\Games-Masters.com\CABAL Online (Europe)\launcher\update\ESTdnheadless.exe:*:Enabled:EST! download engine -- ()
"C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Launcher.exe -- (Blizzard Entertainment)
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Celeris\Virtual Pool 3 DL\vp3.exe" = C:\Program Files\Celeris\Virtual Pool 3 DL\vp3.exe:*:Enabled:Virtual Pool 3 DL -- (Celeris Inc.)
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0 -- (IGN Entertainment, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}" = Lineage II
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Ethernet Utility
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{361693F2-A153-4359-A4CB-A1B9FF2AA5E6}" = A4tech USB Mouse Quality Testing Program V5.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}" = Virtual Pool 3 DL
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8D3562E7-C795-4B5D-A091-6DAA3FF0DF3B}" = Macromedia HomeSite+
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BC4174D1-7970-40E6-AC57-F095F961FB08}" = HTC Sync
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB49B376-1136-44B4-83FA-036334B59937}" = OLYMPUS Master 2
"{CC98E8B3-FAAA-4D09-A813-A44C9FA1A3EE}" = Enterprise Architect 7.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{D964D3EC-B909-4196-9041-A11EFDA9C512}" = GM Rally
"{DDDE47E5-C711-4D17-9FA6-E3D7C340192A}" = OLYMPUS muvee theaterPack
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4CE6CEC-4E73-43E3-943A-0A59CB42CB62}" = Chilkat Upload ActiveX
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F51FF206-2273-4B3E-A90A-4752AE288C12}" = FUEL
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"3GP Player_is1" = 3GP Player 1.1.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AtcL1" = Attansic L1 Gigabit Ethernet Driver
"AVI MPEG RM WMV Joiner_is1" = AVI/MPEG/RM/WMV Joiner 4.82
"AVI ReComp" = AVI ReComp 1.2.3
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BSPlayerp" = BS.Player PRO
"Bus-Simulator 2009_is1" = Bus-Simulator 2009
"CABAL Online (Europe)_is1" = CABAL Online
"CCleaner" = CCleaner (remove only)
"Combined Community Codec Pack BETA_is1" = Combined Community Codec Pack BETA 2010-04-07
"Counter-Strike: Source" = Counter-Strike: Source
"CX4300_5500_DX4400 Manuál" = CX4300_5500_DX4400 Manuál
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy Video to Audio Converter_is1" = Easy Video to Audio Converter 1.0.3
"EPSON Printer and Utilities" = Software tiskárny EPSON
"EPSON Scanner" = EPSON Scan
"Fraps" = Fraps (remove only)
"GAMEFORGE Nostale(CZ)_is1" = Nostale Online CZ (Remove)
"GameParkClient_is1" = GamePark
"GameSpy Arcade" = GameSpy Arcade
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"ImTOO 3GP Video Converter" = ImTOO 3GP Video Converter
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero 9 Micro_is1" = Nero 9.0.9.4d Micro (sestavení 1)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OpenAL" = OpenAL
"PowerArchiver_is1" = PowerArchiver 2006 v9.60
"Protege 3.3.1" = Protege 3.3.1
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"RealAlt_is1" = Real Alternative 1.52
"RealPlayer 12.0" = RealPlayer
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"SystemRequirementsLab" = System Requirements Lab
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TopStyle Lite (Version 3.0)" = TopStyle Lite (Version 3.0)
"Totalcmd" = Total Commander (Remove or Repair)
"VirtualCloneDrive" = VirtualCloneDrive
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WheelMouse" = Smart-X7 7.80
"WinAVI Video Converter 10.0_is1" = WinAVI Video Converter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.0.4
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.1.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"pdfsam" = pdfsam
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.5.2010 4:57:22 | Computer Name = POLIC | Source = Application Error | ID = 1000
Description = Chybující aplikace egui.exe, verze 4.0.474.0, chybující modul eguiupdate.dll,
verze 4.0.474.0, adresa chyby 0x000084e7.
Error - 6.6.2010 5:43:59 | Computer Name = POLIC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace shift.exe, verze 1.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.6.2010 8:00:34 | Computer Name = POLIC | Source = Application Error | ID = 1000
Description = Chybující aplikace aisuite.exe, verze 0.0.0.0, chybující modul aisuite.exe,
verze 0.0.0.0, adresa chyby 0x00028ffd.
Error - 10.6.2010 8:06:46 | Computer Name = POLIC | Source = Application Error | ID = 1000
Description = Chybující aplikace aisuite.exe, verze 0.0.0.0, chybující modul aisuite.exe,
verze 0.0.0.0, adresa chyby 0x00028ffd.
Error - 11.6.2010 5:57:07 | Computer Name = POLIC | Source = System.ServiceModel.Install 3.0.0.0 | ID = 0
Description =
Error - 11.6.2010 12:10:47 | Computer Name = POLIC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vp3.exe, verze 3.3.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 14.6.2010 16:54:23 | Computer Name = POLIC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vp3.exe, verze 3.3.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 15.6.2010 8:00:04 | Computer Name = POLIC | Source = Application Error | ID = 1000
Description = Chybující aplikace aisuite.exe, verze 0.0.0.0, chybující modul aisuite.exe,
verze 0.0.0.0, adresa chyby 0x00028ffd.
Error - 20.6.2010 11:53:04 | Computer Name = POLIC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace gameparkclient.exe, verze 1.1.0.24, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 23.6.2010 7:22:33 | Computer Name = POLIC | Source = System.ServiceModel.Install 3.0.0.0 | ID = 0
Description =
[ System Events ]
Error - 13.7.2010 17:21:52 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 13.7.2010 17:21:52 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Windows Installer byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 13.7.2010 17:21:52 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba EPSON V3 Service4(01) byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 13.7.2010 17:21:52 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 13.7.2010 17:21:53 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 14.7.2010 3:06:09 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 14.7.2010 3:06:10 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 14.7.2010 3:06:10 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrB byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 14.7.2010 3:06:10 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba EPSON V3 Service4(01) byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 14.7.2010 3:06:10 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
< End of report >
OTL Extras logfile created on: 14.7.2010 9:08:13 - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Documents and Settings\Pavel\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 81,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 45,08 Gb Free Space | 15,12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 698,64 Gb Total Space | 444,65 Gb Free Space | 63,65% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: POLIC
Current User Name: Pavel
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:UPnP System
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:UPnP System
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Codemasters\DiRT\DiRT.exe" = C:\Program Files\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable -- (Codemasters)
"C:\Program Files\Codemasters\FUEL\FUEL.exe" = C:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL -- (Codemasters)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Codemasters\DiRT2\dirt2_game.exe" = C:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2 -- (Codemasters)
"C:\Program Files\ICQ7.0\ICQ.exe" = C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.0\aolload.exe" = C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\NCsoft\Launcher\IALauncher.exe" = C:\Program Files\NCsoft\Launcher\IALauncher.exe:*:Enabled: -- ()
"C:\Program Files\Games-Masters.com\CABAL Online (Europe)\launcher\update\ESTdnheadless.exe" = C:\Program Files\Games-Masters.com\CABAL Online (Europe)\launcher\update\ESTdnheadless.exe:*:Enabled:EST! download engine -- ()
"C:\Program Files\World of Warcraft\Launcher.exe" = C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Launcher.exe -- (Blizzard Entertainment)
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Celeris\Virtual Pool 3 DL\vp3.exe" = C:\Program Files\Celeris\Virtual Pool 3 DL\vp3.exe:*:Enabled:Virtual Pool 3 DL -- (Celeris Inc.)
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.0 -- (IGN Entertainment, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}" = Lineage II
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Ethernet Utility
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{361693F2-A153-4359-A4CB-A1B9FF2AA5E6}" = A4tech USB Mouse Quality Testing Program V5.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}" = DiRT
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}" = Virtual Pool 3 DL
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8D3562E7-C795-4B5D-A091-6DAA3FF0DF3B}" = Macromedia HomeSite+
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BC4174D1-7970-40E6-AC57-F095F961FB08}" = HTC Sync
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB49B376-1136-44B4-83FA-036334B59937}" = OLYMPUS Master 2
"{CC98E8B3-FAAA-4D09-A813-A44C9FA1A3EE}" = Enterprise Architect 7.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{D964D3EC-B909-4196-9041-A11EFDA9C512}" = GM Rally
"{DDDE47E5-C711-4D17-9FA6-E3D7C340192A}" = OLYMPUS muvee theaterPack
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4CE6CEC-4E73-43E3-943A-0A59CB42CB62}" = Chilkat Upload ActiveX
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F51FF206-2273-4B3E-A90A-4752AE288C12}" = FUEL
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"3GP Player_is1" = 3GP Player 1.1.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AtcL1" = Attansic L1 Gigabit Ethernet Driver
"AVI MPEG RM WMV Joiner_is1" = AVI/MPEG/RM/WMV Joiner 4.82
"AVI ReComp" = AVI ReComp 1.2.3
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BSPlayerp" = BS.Player PRO
"Bus-Simulator 2009_is1" = Bus-Simulator 2009
"CABAL Online (Europe)_is1" = CABAL Online
"CCleaner" = CCleaner (remove only)
"Combined Community Codec Pack BETA_is1" = Combined Community Codec Pack BETA 2010-04-07
"Counter-Strike: Source" = Counter-Strike: Source
"CX4300_5500_DX4400 Manuál" = CX4300_5500_DX4400 Manuál
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"Easy Video to Audio Converter_is1" = Easy Video to Audio Converter 1.0.3
"EPSON Printer and Utilities" = Software tiskárny EPSON
"EPSON Scanner" = EPSON Scan
"Fraps" = Fraps (remove only)
"GAMEFORGE Nostale(CZ)_is1" = Nostale Online CZ (Remove)
"GameParkClient_is1" = GamePark
"GameSpy Arcade" = GameSpy Arcade
"Heroes of Might and Magic® III" = Heroes of Might and Magic® III Complete
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"ImTOO 3GP Video Converter" = ImTOO 3GP Video Converter
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0 Demo
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero 9 Micro_is1" = Nero 9.0.9.4d Micro (sestavení 1)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"OpenAL" = OpenAL
"PowerArchiver_is1" = PowerArchiver 2006 v9.60
"Protege 3.3.1" = Protege 3.3.1
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"RealAlt_is1" = Real Alternative 1.52
"RealPlayer 12.0" = RealPlayer
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"SystemRequirementsLab" = System Requirements Lab
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TopStyle Lite (Version 3.0)" = TopStyle Lite (Version 3.0)
"Totalcmd" = Total Commander (Remove or Repair)
"VirtualCloneDrive" = VirtualCloneDrive
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WheelMouse" = Smart-X7 7.80
"WinAVI Video Converter 10.0_is1" = WinAVI Video Converter
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.0.4
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.1.2 final uninstall
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"pdfsam" = pdfsam
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.5.2010 4:57:22 | Computer Name = POLIC | Source = Application Error | ID = 1000
Description = Chybující aplikace egui.exe, verze 4.0.474.0, chybující modul eguiupdate.dll,
verze 4.0.474.0, adresa chyby 0x000084e7.
Error - 6.6.2010 5:43:59 | Computer Name = POLIC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace shift.exe, verze 1.0.0.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 10.6.2010 8:00:34 | Computer Name = POLIC | Source = Application Error | ID = 1000
Description = Chybující aplikace aisuite.exe, verze 0.0.0.0, chybující modul aisuite.exe,
verze 0.0.0.0, adresa chyby 0x00028ffd.
Error - 10.6.2010 8:06:46 | Computer Name = POLIC | Source = Application Error | ID = 1000
Description = Chybující aplikace aisuite.exe, verze 0.0.0.0, chybující modul aisuite.exe,
verze 0.0.0.0, adresa chyby 0x00028ffd.
Error - 11.6.2010 5:57:07 | Computer Name = POLIC | Source = System.ServiceModel.Install 3.0.0.0 | ID = 0
Description =
Error - 11.6.2010 12:10:47 | Computer Name = POLIC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vp3.exe, verze 3.3.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 14.6.2010 16:54:23 | Computer Name = POLIC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vp3.exe, verze 3.3.1.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.
Error - 15.6.2010 8:00:04 | Computer Name = POLIC | Source = Application Error | ID = 1000
Description = Chybující aplikace aisuite.exe, verze 0.0.0.0, chybující modul aisuite.exe,
verze 0.0.0.0, adresa chyby 0x00028ffd.
Error - 20.6.2010 11:53:04 | Computer Name = POLIC | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace gameparkclient.exe, verze 1.1.0.24, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 23.6.2010 7:22:33 | Computer Name = POLIC | Source = System.ServiceModel.Install 3.0.0.0 | ID = 0
Description =
[ System Events ]
Error - 13.7.2010 17:21:52 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 13.7.2010 17:21:52 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Windows Installer byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 13.7.2010 17:21:52 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba EPSON V3 Service4(01) byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 13.7.2010 17:21:52 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 13.7.2010 17:21:53 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 14.7.2010 3:06:09 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 14.7.2010 3:06:10 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 14.7.2010 3:06:10 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba PnkBstrB byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error - 14.7.2010 3:06:10 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba EPSON V3 Service4(01) byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 14.7.2010 3:06:10 | Computer Name = POLIC | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
< End of report >
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Tento program znáš:
C:\Documents and Settings\All Users\Data aplikací\CUPYDGERVA ??
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému
Toto otestuj na Virustotal
C:\WINDOWS\System32\MediaIO1.dll
Pokud už byl soubor testován-klikni na otestovat znovu.
Až skončí test všech antivirů, vlož sem pak odkaz na stránku s výsledky.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.cz/
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
O1 HOSTS File: ([2010.07.13 23:27:45 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\WINDOWS\tasks\SA.DAT
:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Tento program znáš:
C:\Documents and Settings\All Users\Data aplikací\CUPYDGERVA ??
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému
Toto otestuj na Virustotal
C:\WINDOWS\System32\MediaIO1.dll
Pokud už byl soubor testován-klikni na otestovat znovu.
Až skončí test všech antivirů, vlož sem pak odkaz na stránku s výsledky.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu
OTL:
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from sweetim.toolbar.previous.keyword.URL
127.0.0.1 localhost removed from HOSTS file successfully
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0\ deleted successfully.
File About:Home not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\1-Click Maintenance.job moved successfully.
c:\windows\Tasks\AppleSoftwareUpdate.job moved successfully.
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1801674531-682003330-1004.job moved successfully.
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1801674531-682003330-1004.job moved successfully.
c:\windows\Tasks\Úklid 1 kliknutím.job moved successfully.
File\Folder C:\*.tmp not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Pavel
->Temp folder emptied: 587990 bytes
->Temporary Internet Files folder emptied: 2773049 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35596975 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 18532973 bytes
->Flash cache emptied: 562 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 147791 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 55,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: Pavel
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.9.0 log created on 07142010_121255
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Vubec nevim, co to je
Odkaz na VirusTotal:
MediaIO1.dll
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from sweetim.toolbar.previous.keyword.URL
127.0.0.1 localhost removed from HOSTS file successfully
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0\ deleted successfully.
File About:Home not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\1-Click Maintenance.job moved successfully.
c:\windows\Tasks\AppleSoftwareUpdate.job moved successfully.
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1801674531-682003330-1004.job moved successfully.
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1801674531-682003330-1004.job moved successfully.
c:\windows\Tasks\Úklid 1 kliknutím.job moved successfully.
File\Folder C:\*.tmp not found.
C:\WINDOWS\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Pavel
->Temp folder emptied: 587990 bytes
->Temporary Internet Files folder emptied: 2773049 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35596975 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 18532973 bytes
->Flash cache emptied: 562 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 147791 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 55,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: Pavel
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.9.0 log created on 07142010_121255
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Tento program znáš:
C:\Documents and Settings\All Users\Data aplikací\CUPYDGERVA ??
Vubec nevim, co to je
Odkaz na VirusTotal:
MediaIO1.dll
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
@Alternate Data Stream - 144 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:073341D1
:Files
C:\Documents and Settings\All Users\Data aplikací\CUPYDGERVA
C:\WINDOWS\System32\perfh009.dat
C:\WINDOWS\System32\perfh005.dat
C:\WINDOWS\System32\perfc005.dat
C:\WINDOWS\System32\perfc009.dat
:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu
OTL:
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:073341D1 deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Data aplikací\CUPYDGERVA folder moved successfully.
C:\WINDOWS\System32\perfh009.dat moved successfully.
C:\WINDOWS\System32\perfh005.dat moved successfully.
C:\WINDOWS\System32\perfc005.dat moved successfully.
C:\WINDOWS\System32\perfc009.dat moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Pavel
->Temp folder emptied: 587990 bytes
->Temporary Internet Files folder emptied: 43657 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 28285997 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 5461631 bytes
->Flash cache emptied: 562 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 33,00 mb
OTL by OldTimer - Version 3.2.9.0 log created on 07142010_134857
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:073341D1 deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Data aplikací\CUPYDGERVA folder moved successfully.
C:\WINDOWS\System32\perfh009.dat moved successfully.
C:\WINDOWS\System32\perfh005.dat moved successfully.
C:\WINDOWS\System32\perfc005.dat moved successfully.
C:\WINDOWS\System32\perfc009.dat moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Pavel
->Temp folder emptied: 587990 bytes
->Temporary Internet Files folder emptied: 43657 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 28285997 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 5461631 bytes
->Flash cache emptied: 562 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32768 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 33,00 mb
OTL by OldTimer - Version 3.2.9.0 log created on 07142010_134857
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43295
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu Vyřešeno
Poklepej na ikonu OTL na ploše a pak klikni na tl. Vyčisti.
Smaž OTL
C:\_OTL
Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou )
na plochu a spusť ho.
Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění)a odstraň nalezené.
Zavři program.
Program maže i všechny nástroje na odvirování a vytváření logů , které se zde používají (HJT, Combofix, OTM, OTL, OTS atd.)
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Smaž OTL
C:\_OTL
Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou )
na plochu a spusť ho.
Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění)a odstraň nalezené.
Zavři program.
Program maže i všechny nástroje na odvirování a vytváření logů , které se zde používají (HJT, Combofix, OTM, OTL, OTS atd.)
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 2 hosti