Prosím o kontrolu logu, seká se pc
- Damned
- Tvůrce článků
-
Master Level 9
- Příspěvky: 8353
- Registrován: prosinec 06
- Bydliště: Rokycany
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Prosím o kontrolu logu, seká se pc
A vyber si, kterej antivir budeš používat. Buď MbAM, ESET nebo AVG. I to, že máš 3 antiviry to může způsobovat
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner
Re: Prosím o kontrolu logu, seká se pc
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
Re: Prosím o kontrolu logu, seká se pc
OTL Extras logfile created on: 31.12.2012 13:58:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\saša\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,50 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 65,96% Memory free
2,10 Gb Paging File | 1,77 Gb Available in Paging File | 83,94% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,54 Gb Total Space | 17,92 Gb Free Space | 50,41% Space Free | Partition Type: NTFS
Drive K: | 113,50 Gb Total Space | 81,80 Gb Free Space | 72,06% Space Free | Partition Type: NTFS
Computer Name: N-41686FEFA1164 | User Name: saša | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TL-WN721N/TL-WN722N Driver
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{99DFA96E-68C8-48CC-B7A8-72FEF27F6CC1}" = ESET Smart Security
"{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB48851B-96A4-489f-9F95-29F3731E9764}" = F2100_doccd
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"BSPlayer1" = BSPlayer
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.5
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"rajče.net_is1" = rajče průvodce verze 1.59.45.260
"Return to Castle Wolfenstein" = Return to Castle Wolfenstein
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.11 (32-bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5.12.2012 20:08:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 6.12.2012 4:33:57 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 7.12.2012 4:29:05 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 7.12.2012 5:29:50 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.3520, adresa chyby 0x00011daa.
Error - 7.12.2012 6:06:14 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul swkotor2.exe,
verze 2.0.0.0, adresa chyby 0x000b4b8d.
Error - 10.12.2012 4:08:51 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 11.12.2012 4:10:30 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 12.12.2012 6:41:45 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 12.12.2012 6:52:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 19.12.2012 9:23:52 | Computer Name = N-41686FEFA1164 | Source = MsiInstaller | ID = 11905
Description = Product: SolutionCenter -- Error 1905. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
failed to unregister. HRESULT -2147220472. Contact your support personnel.
[ Application Events ]
Error - 5.12.2012 20:08:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 6.12.2012 4:33:57 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 7.12.2012 4:29:05 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 7.12.2012 5:29:50 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.3520, adresa chyby 0x00011daa.
Error - 7.12.2012 6:06:14 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul swkotor2.exe,
verze 2.0.0.0, adresa chyby 0x000b4b8d.
Error - 10.12.2012 4:08:51 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 11.12.2012 4:10:30 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 12.12.2012 6:41:45 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 12.12.2012 6:52:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 19.12.2012 9:23:52 | Computer Name = N-41686FEFA1164 | Source = MsiInstaller | ID = 11905
Description = Product: SolutionCenter -- Error 1905. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
failed to unregister. HRESULT -2147220472. Contact your support personnel.
[ System Events ]
Error - 30.12.2012 8:46:18 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 30.12.2012 8:50:50 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Video Capture neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 30.12.2012 8:50:50 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM TVTuner neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 30.12.2012 8:50:50 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 31.12.2012 6:37:29 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Video Capture neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 31.12.2012 6:37:29 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM TVTuner neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 31.12.2012 6:37:29 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 31.12.2012 8:53:34 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Video Capture neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 31.12.2012 8:53:34 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM TVTuner neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 31.12.2012 8:53:34 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\saša\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,50 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 65,96% Memory free
2,10 Gb Paging File | 1,77 Gb Available in Paging File | 83,94% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,54 Gb Total Space | 17,92 Gb Free Space | 50,41% Space Free | Partition Type: NTFS
Drive K: | 113,50 Gb Total Space | 81,80 Gb Free Space | 72,06% Space Free | Partition Type: NTFS
Computer Name: N-41686FEFA1164 | User Name: saša | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TL-WN721N/TL-WN722N Driver
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{99DFA96E-68C8-48CC-B7A8-72FEF27F6CC1}" = ESET Smart Security
"{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB48851B-96A4-489f-9F95-29F3731E9764}" = F2100_doccd
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"BSPlayer1" = BSPlayer
"Call of Duty" = Call of Duty
"CCleaner" = CCleaner
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.5
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}" = Call of Duty - United Offensive
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"rajče.net_is1" = rajče průvodce verze 1.59.45.260
"Return to Castle Wolfenstein" = Return to Castle Wolfenstein
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.11 (32-bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5.12.2012 20:08:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 6.12.2012 4:33:57 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 7.12.2012 4:29:05 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 7.12.2012 5:29:50 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.3520, adresa chyby 0x00011daa.
Error - 7.12.2012 6:06:14 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul swkotor2.exe,
verze 2.0.0.0, adresa chyby 0x000b4b8d.
Error - 10.12.2012 4:08:51 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 11.12.2012 4:10:30 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 12.12.2012 6:41:45 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 12.12.2012 6:52:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 19.12.2012 9:23:52 | Computer Name = N-41686FEFA1164 | Source = MsiInstaller | ID = 11905
Description = Product: SolutionCenter -- Error 1905. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
failed to unregister. HRESULT -2147220472. Contact your support personnel.
[ Application Events ]
Error - 5.12.2012 20:08:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 6.12.2012 4:33:57 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 7.12.2012 4:29:05 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 7.12.2012 5:29:50 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.3520, adresa chyby 0x00011daa.
Error - 7.12.2012 6:06:14 | Computer Name = N-41686FEFA1164 | Source = Application Error | ID = 1000
Description = Chybující aplikace swkotor2.exe, verze 2.0.0.0, chybující modul swkotor2.exe,
verze 2.0.0.0, adresa chyby 0x000b4b8d.
Error - 10.12.2012 4:08:51 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 11.12.2012 4:10:30 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 12.12.2012 6:41:45 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 12.12.2012 6:52:17 | Computer Name = N-41686FEFA1164 | Source = PandoraService.exe | ID = 0
Description =
Error - 19.12.2012 9:23:52 | Computer Name = N-41686FEFA1164 | Source = MsiInstaller | ID = 11905
Description = Product: SolutionCenter -- Error 1905. Module C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
failed to unregister. HRESULT -2147220472. Contact your support personnel.
[ System Events ]
Error - 30.12.2012 8:46:18 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 30.12.2012 8:50:50 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Video Capture neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 30.12.2012 8:50:50 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM TVTuner neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 30.12.2012 8:50:50 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 31.12.2012 6:37:29 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Video Capture neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 31.12.2012 6:37:29 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM TVTuner neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 31.12.2012 6:37:29 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 31.12.2012 8:53:34 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Video Capture neuspěla při spuštění v
důsledku následující chyby: %%1058
Error - 31.12.2012 8:53:34 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM TVTuner neuspěla při spuštění v důsledku
následující chyby: %%1058
Error - 31.12.2012 8:53:34 | Computer Name = N-41686FEFA1164 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast TV2000 XP WDM Crossbar neuspěla při spuštění v důsledku
následující chyby: %%1058
< End of report >
Re: Prosím o kontrolu logu, seká se pc
OTL logfile created on: 31.12.2012 13:58:02 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\saša\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,50 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 65,96% Memory free
2,10 Gb Paging File | 1,77 Gb Available in Paging File | 83,94% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,54 Gb Total Space | 17,92 Gb Free Space | 50,41% Space Free | Partition Type: NTFS
Drive K: | 113,50 Gb Total Space | 81,80 Gb Free Space | 72,06% Space Free | Partition Type: NTFS
Computer Name: N-41686FEFA1164 | User Name: saša | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.12.31 13:57:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\saša\Plocha\OTL.exe
PRC - [2012.12.13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.11.28 14:05:15 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.11.26 13:34:12 | 001,329,304 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2012.11.26 13:34:02 | 005,074,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.12.19 15:30:33 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.12.12 13:42:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.28 14:05:15 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.11.26 13:34:12 | 001,329,304 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.12.27 16:48:33 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dtscsi.sys -- (dtscsi)
DRV - [2012.12.27 16:45:44 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012.10.08 08:21:08 | 000,149,568 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2012.10.08 08:21:08 | 000,121,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.10.08 08:21:08 | 000,062,512 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2012.10.08 08:21:08 | 000,040,376 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2012.10.08 08:21:06 | 000,159,832 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011.07.28 19:06:06 | 001,763,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2011.02.10 04:34:22 | 000,051,968 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2006.04.21 10:16:44 | 003,964,352 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2005.04.06 02:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.06 02:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.10.04 11:34:56 | 000,075,925 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wf2kvcap.sys -- (BT848)
DRV - [2004.10.04 11:34:56 | 000,036,423 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr)
DRV - [2004.10.04 11:34:56 | 000,010,005 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wf2kXbar.sys -- (Tv2kXbar)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.19 15:30:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.27 17:45:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.12.27 12:02:24 | 000,000,000 | ---D | M]
[2010.05.25 10:48:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\saša\Data aplikací\Mozilla\Extensions
[2012.12.19 15:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\saša\Data aplikací\Mozilla\Firefox\Profiles\wlrcba79.default\extensions
[2012.12.27 13:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.12.27 13:29:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.19 15:30:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.12.19 15:30:28 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.12.19 15:30:28 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.02 22:51:07 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.12.19 15:30:28 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.12.19 15:30:28 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.12.19 15:30:28 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2012.12.28 16:19:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 6607212562 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.228.45.254 91.228.46.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37C6DC6A-1D9E-4BBE-AB38-E2D71BDADE90}: DhcpNameServer = 91.228.45.254 91.228.46.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{584B5F11-7545-4F94-B5C3-AD522FA94466}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1ECEDC9-E90E-4886-9466-676E77C76FEA}: DhcpNameServer = 192.168.218.51 192.168.218.15
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.03 11:36:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.31 13:57:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\saša\Plocha\OTL.exe
[2012.12.30 10:12:25 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.12.29 18:04:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Dokumenty\Stažené soubory
[2012.12.28 13:11:10 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.12.28 13:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.12.28 08:41:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\Malwarebytes
[2012.12.28 08:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2012.12.27 19:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
[2012.12.27 19:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.12.27 17:53:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\saša\Recent
[2012.12.27 17:46:57 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2012.12.27 17:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
[2012.12.27 17:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.12.27 17:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.12.27 17:44:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012.12.27 17:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.12.27 17:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\DVD Decrypter
[2012.12.27 17:08:29 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2012.12.27 17:08:28 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2012.12.27 17:08:28 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2012.12.27 17:08:28 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2012.12.27 17:08:28 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012.12.27 17:08:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012.12.27 17:08:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2012.12.27 17:08:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2012.12.27 17:08:27 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2012.12.27 17:08:27 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012.12.27 17:08:26 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qedit.dll
[2012.12.27 17:08:24 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdv.dll
[2012.12.27 17:08:24 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll
[2012.12.27 17:08:24 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll
[2012.12.27 17:08:23 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2012.12.27 17:08:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2012.12.27 17:08:23 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2012.12.27 17:08:23 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2012.12.27 17:08:23 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2012.12.27 17:08:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2012.12.27 17:08:22 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2012.12.27 17:08:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2012.12.27 17:08:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2012.12.27 17:08:22 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2012.12.27 17:08:21 | 001,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2012.12.27 17:08:20 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2012.12.27 17:08:20 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2012.12.27 17:08:19 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2012.12.27 17:08:19 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2012.12.27 17:08:19 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2012.12.27 17:08:19 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2012.12.27 17:08:19 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2012.12.27 17:08:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2012.12.27 17:08:18 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2012.12.27 17:08:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2012.12.27 17:08:18 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2012.12.27 17:08:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2012.12.27 17:08:17 | 001,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2012.12.27 17:08:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2012.12.27 17:08:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2012.12.27 17:08:17 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2012.12.27 17:08:16 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2012.12.27 17:08:16 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2012.12.27 17:08:15 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2012.12.27 17:08:15 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2012.12.27 17:08:15 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2012.12.27 17:08:15 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2012.12.27 17:08:15 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2012.12.27 17:08:14 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2012.12.27 17:08:14 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2012.12.27 17:08:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2012.12.27 17:08:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2012.12.27 17:08:13 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2012.12.27 17:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Call of Duty - United Offensive
[2012.12.27 16:48:32 | 000,223,128 | ---- | C] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2012.12.27 16:45:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\saša\PrivacIE
[2012.12.27 16:39:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\saša\IETldCache
[2012.12.27 16:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Call of Duty
[2012.12.27 16:20:58 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012.12.27 16:05:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.12.27 15:59:14 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012.12.27 15:59:14 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012.12.27 15:59:12 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012.12.27 15:59:03 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012.12.27 15:59:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012.12.27 15:55:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012.12.27 15:54:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.12.27 15:22:35 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012.12.27 15:22:03 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012.12.27 15:21:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012.12.27 15:20:04 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012.12.27 15:19:37 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2012.12.27 15:19:08 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012.12.27 15:18:49 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2012.12.27 15:18:30 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012.12.27 15:18:20 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012.12.27 14:50:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Warcraft III
[2012.12.27 14:50:32 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2012.12.27 14:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Return to Castle Wolfenstein
[2012.12.27 14:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Local Settings\Data aplikací\GHISLER
[2012.12.27 14:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Total Commander
[2012.12.27 14:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\GHISLER
[2012.12.27 13:54:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\saša\Dokumenty\Obrázky
[2012.12.27 13:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.12.27 13:40:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2012.12.27 13:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.12.27 13:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2012.12.27 13:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.12.27 13:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.12.27 13:30:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.12.27 13:30:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.12.27 13:24:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\rajce
[2012.12.27 13:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2012.12.27 13:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.12.27 13:23:48 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.12.27 12:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\WinRAR
[2012.12.27 12:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
[2012.12.27 12:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\WinRAR
[2012.12.27 12:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2012.12.27 12:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\TuneUp Software
[2012.12.27 12:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2012.12.27 12:18:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.12.27 12:15:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:03:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\ESET
[2012.12.27 12:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.12.27 12:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ESET
[2012.12.27 12:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2012.12.27 11:13:43 | 000,000,000 | ---D | C] -- C:\Program Files\EaseUS
[2012.12.25 14:02:43 | 000,000,000 | ---D | C] -- C:\25a3c092e2c903cfee698cfb1829
[2012.12.19 15:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.12.19 15:30:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2012.12.19 15:19:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Nástroje pro správu
[2012.12.07 14:39:45 | 001,763,584 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athuw.sys
[2012.12.07 14:39:45 | 001,763,584 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athuw.sys
[2012.12.07 14:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
========== Files - Modified Within 30 Days ==========
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\saša\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,50 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 65,96% Memory free
2,10 Gb Paging File | 1,77 Gb Available in Paging File | 83,94% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 35,54 Gb Total Space | 17,92 Gb Free Space | 50,41% Space Free | Partition Type: NTFS
Drive K: | 113,50 Gb Total Space | 81,80 Gb Free Space | 72,06% Space Free | Partition Type: NTFS
Computer Name: N-41686FEFA1164 | User Name: saša | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.12.31 13:57:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\saša\Plocha\OTL.exe
PRC - [2012.12.13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.11.28 14:05:15 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.11.26 13:34:12 | 001,329,304 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2012.11.26 13:34:02 | 005,074,384 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.12.19 15:30:33 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.12.12 13:42:30 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.28 14:05:15 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.11.26 13:34:12 | 001,329,304 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.12.27 16:48:33 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dtscsi.sys -- (dtscsi)
DRV - [2012.12.27 16:45:44 | 000,642,560 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012.10.08 08:21:08 | 000,149,568 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2012.10.08 08:21:08 | 000,121,216 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2012.10.08 08:21:08 | 000,062,512 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2012.10.08 08:21:08 | 000,040,376 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2012.10.08 08:21:06 | 000,159,832 | ---- | M] (ESET) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2011.07.28 19:06:06 | 001,763,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2011.02.10 04:34:22 | 000,051,968 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2006.04.21 10:16:44 | 003,964,352 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2005.04.06 02:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.06 02:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.10.04 11:34:56 | 000,075,925 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wf2kvcap.sys -- (BT848)
DRV - [2004.10.04 11:34:56 | 000,036,423 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wf2ktunr.sys -- (tv2ktunr)
DRV - [2004.10.04 11:34:56 | 000,010,005 | R--- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\wf2kXbar.sys -- (Tv2kXbar)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.19 15:30:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.27 17:45:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.12.27 12:02:24 | 000,000,000 | ---D | M]
[2010.05.25 10:48:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\saša\Data aplikací\Mozilla\Extensions
[2012.12.19 15:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\saša\Data aplikací\Mozilla\Firefox\Profiles\wlrcba79.default\extensions
[2012.12.27 13:24:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.12.27 13:29:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.19 15:30:38 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.12.19 15:30:28 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.12.19 15:30:28 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.09.02 22:51:07 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.12.19 15:30:28 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.12.19 15:30:28 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.12.19 15:30:28 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2012.12.28 16:19:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 6607212562 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.228.45.254 91.228.46.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37C6DC6A-1D9E-4BBE-AB38-E2D71BDADE90}: DhcpNameServer = 91.228.45.254 91.228.46.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{584B5F11-7545-4F94-B5C3-AD522FA94466}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1ECEDC9-E90E-4886-9466-676E77C76FEA}: DhcpNameServer = 192.168.218.51 192.168.218.15
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.07.03 11:36:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.31 13:57:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\saša\Plocha\OTL.exe
[2012.12.30 10:12:25 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.12.29 18:04:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Dokumenty\Stažené soubory
[2012.12.28 13:11:10 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.12.28 13:05:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.12.28 08:41:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\Malwarebytes
[2012.12.28 08:39:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2012.12.27 19:02:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
[2012.12.27 19:02:17 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2012.12.27 17:53:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\saša\Recent
[2012.12.27 17:46:57 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2012.12.27 17:45:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
[2012.12.27 17:45:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.12.27 17:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.12.27 17:44:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2012.12.27 17:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.12.27 17:38:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\DVD Decrypter
[2012.12.27 17:08:29 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2012.12.27 17:08:28 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2012.12.27 17:08:28 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2012.12.27 17:08:28 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2012.12.27 17:08:28 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012.12.27 17:08:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012.12.27 17:08:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2012.12.27 17:08:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2012.12.27 17:08:27 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2012.12.27 17:08:27 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012.12.27 17:08:26 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qedit.dll
[2012.12.27 17:08:24 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdv.dll
[2012.12.27 17:08:24 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll
[2012.12.27 17:08:24 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll
[2012.12.27 17:08:23 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2012.12.27 17:08:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2012.12.27 17:08:23 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2012.12.27 17:08:23 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2012.12.27 17:08:23 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2012.12.27 17:08:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2012.12.27 17:08:22 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2012.12.27 17:08:22 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2012.12.27 17:08:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2012.12.27 17:08:22 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2012.12.27 17:08:21 | 001,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2012.12.27 17:08:20 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2012.12.27 17:08:20 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2012.12.27 17:08:19 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2012.12.27 17:08:19 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2012.12.27 17:08:19 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2012.12.27 17:08:19 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2012.12.27 17:08:19 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2012.12.27 17:08:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2012.12.27 17:08:18 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2012.12.27 17:08:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2012.12.27 17:08:18 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2012.12.27 17:08:18 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2012.12.27 17:08:17 | 001,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2012.12.27 17:08:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2012.12.27 17:08:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2012.12.27 17:08:17 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2012.12.27 17:08:16 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2012.12.27 17:08:16 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2012.12.27 17:08:15 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2012.12.27 17:08:15 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2012.12.27 17:08:15 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2012.12.27 17:08:15 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2012.12.27 17:08:15 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2012.12.27 17:08:14 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2012.12.27 17:08:14 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2012.12.27 17:08:14 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2012.12.27 17:08:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2012.12.27 17:08:13 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2012.12.27 17:06:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Call of Duty - United Offensive
[2012.12.27 16:48:32 | 000,223,128 | ---- | C] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2012.12.27 16:45:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\saša\PrivacIE
[2012.12.27 16:39:04 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\saša\IETldCache
[2012.12.27 16:30:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Call of Duty
[2012.12.27 16:20:58 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012.12.27 16:05:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012.12.27 15:59:14 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012.12.27 15:59:14 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012.12.27 15:59:12 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012.12.27 15:59:03 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012.12.27 15:59:03 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012.12.27 15:55:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012.12.27 15:54:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.12.27 15:22:35 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2012.12.27 15:22:03 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2012.12.27 15:21:04 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2012.12.27 15:20:04 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2012.12.27 15:19:37 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2012.12.27 15:19:08 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2012.12.27 15:18:49 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2012.12.27 15:18:30 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2012.12.27 15:18:20 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2012.12.27 14:50:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Warcraft III
[2012.12.27 14:50:32 | 000,139,264 | ---- | C] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2012.12.27 14:28:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Return to Castle Wolfenstein
[2012.12.27 14:11:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Local Settings\Data aplikací\GHISLER
[2012.12.27 14:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Total Commander
[2012.12.27 14:00:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\GHISLER
[2012.12.27 13:54:50 | 000,000,000 | R--D | C] -- C:\Documents and Settings\saša\Dokumenty\Obrázky
[2012.12.27 13:54:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.12.27 13:40:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2012.12.27 13:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.12.27 13:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2012.12.27 13:40:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.12.27 13:34:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.12.27 13:30:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.12.27 13:30:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.12.27 13:24:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\rajce
[2012.12.27 13:24:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2012.12.27 13:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.12.27 13:23:48 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.12.27 12:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\WinRAR
[2012.12.27 12:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
[2012.12.27 12:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\WinRAR
[2012.12.27 12:24:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
[2012.12.27 12:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\TuneUp Software
[2012.12.27 12:18:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2012.12.27 12:18:52 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.12.27 12:15:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:03:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\saša\Data aplikací\ESET
[2012.12.27 12:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.12.27 12:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ESET
[2012.12.27 12:02:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2012.12.27 11:13:43 | 000,000,000 | ---D | C] -- C:\Program Files\EaseUS
[2012.12.25 14:02:43 | 000,000,000 | ---D | C] -- C:\25a3c092e2c903cfee698cfb1829
[2012.12.19 15:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.12.19 15:30:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2012.12.19 15:19:00 | 000,000,000 | R--D | C] -- C:\Documents and Settings\saša\Nabídka Start\Programy\Nástroje pro správu
[2012.12.07 14:39:45 | 001,763,584 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\drivers\athuw.sys
[2012.12.07 14:39:45 | 001,763,584 | ---- | C] (Atheros Communications, Inc.) -- C:\WINDOWS\System32\athuw.sys
[2012.12.07 14:39:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
========== Files - Modified Within 30 Days ==========
Re: Prosím o kontrolu logu, seká se pc
[2012.12.31 13:57:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\saša\Plocha\OTL.exe
[2012.12.31 13:53:20 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.12.31 13:53:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.31 13:53:10 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.31 11:40:15 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Excel 2003.lnk
[2012.12.30 13:50:25 | 000,225,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.12.28 16:19:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.12.28 13:11:13 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.12.28 10:03:10 | 000,550,017 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\adwcleaner.exe
[2012.12.28 08:43:54 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.12.27 19:03:20 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\CrystalDiskInfo.lnk
[2012.12.27 18:38:44 | 000,000,568 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Dokumenty.lnk
[2012.12.27 18:27:42 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Zástupce - Internet Explorer.lnk
[2012.12.27 17:58:53 | 000,002,100 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Word 2003 (2).lnk
[2012.12.27 17:47:25 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012.12.27 17:38:49 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\DVD Decrypter.lnk
[2012.12.27 17:06:58 | 000,000,367 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty - United Offensive Single Player.lnk
[2012.12.27 17:06:56 | 000,000,309 | ---- | M] () -- C:\WINDOWS\CoDUO.INI
[2012.12.27 17:02:08 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.12.27 17:02:07 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\saša\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.27 16:57:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.27 16:48:33 | 000,223,128 | ---- | M] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2012.12.27 16:45:44 | 000,096,384 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd6861.sys
[2012.12.27 16:30:11 | 000,000,477 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Call of Duty Single Player.lnk
[2012.12.27 16:30:09 | 000,000,705 | ---- | M] () -- C:\WINDOWS\CoD.INI
[2012.12.27 16:18:14 | 000,000,635 | ---- | M] () -- C:\WINDOWS\Rtcw.INI
[2012.12.27 15:48:37 | 000,048,052 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2012.12.27 15:48:36 | 000,000,632 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Frozen Throne.lnk
[2012.12.27 15:48:21 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2012.12.27 15:48:20 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2012.12.27 15:08:44 | 000,000,627 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Warcraft III.lnk
[2012.12.27 14:28:54 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Wolfenstein (Single Player).lnk
[2012.12.27 14:00:55 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Total Commander.lnk
[2012.12.27 13:58:40 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.12.27 13:58:40 | 000,309,716 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.12.27 13:58:40 | 000,046,016 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.12.27 13:58:40 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.12.27 13:54:54 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.12.27 13:34:16 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2012.12.27 13:24:21 | 000,000,508 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\rajče průvodce.lnk
[2012.12.27 13:24:08 | 000,001,896 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.12.27 11:21:49 | 000,001,207 | -H-- | M] () -- C:\WINDOWS\EPMBatch.ept
[2012.12.19 15:23:09 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012.12.19 14:33:07 | 000,001,329 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Nero.lnk
[2012.12.19 14:24:18 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012.12.12 13:42:29 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.12.12 13:42:29 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
========== Files Created - No Company Name ==========
[2012.12.28 13:11:13 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.12.28 13:11:11 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012.12.28 10:03:06 | 000,550,017 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\adwcleaner.exe
[2012.12.28 08:43:52 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.12.27 19:03:20 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\CrystalDiskInfo.lnk
[2012.12.27 18:38:44 | 000,000,568 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Dokumenty.lnk
[2012.12.27 18:35:25 | 000,002,517 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Excel 2003.lnk
[2012.12.27 18:27:42 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Zástupce - Internet Explorer.lnk
[2012.12.27 17:58:53 | 000,002,100 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Word 2003 (2).lnk
[2012.12.27 17:47:24 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.12.27 17:38:49 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\DVD Decrypter.lnk
[2012.12.27 17:08:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012.12.27 17:08:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012.12.27 17:08:29 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2012.12.27 17:08:29 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012.12.27 17:08:28 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2012.12.27 17:08:28 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012.12.27 17:08:26 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2012.12.27 17:08:25 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2012.12.27 17:08:24 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2012.12.27 17:08:24 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2012.12.27 17:08:24 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2012.12.27 17:06:58 | 000,000,367 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty - United Offensive Single Player.lnk
[2012.12.27 16:57:55 | 000,000,309 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2012.12.27 16:45:44 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd6861.sys
[2012.12.27 16:30:11 | 000,000,477 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Call of Duty Single Player.lnk
[2012.12.27 16:21:57 | 000,000,705 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2012.12.27 15:48:36 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Frozen Throne.lnk
[2012.12.27 15:18:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.12.27 15:18:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.12.27 15:08:44 | 000,000,627 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Warcraft III.lnk
[2012.12.27 14:50:34 | 000,048,052 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2012.12.27 14:50:33 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2012.12.27 14:28:54 | 000,000,573 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Wolfenstein (Single Player).lnk
[2012.12.27 14:22:35 | 000,000,635 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2012.12.27 14:00:55 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Total Commander.lnk
[2012.12.27 13:24:21 | 000,000,508 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\rajče průvodce.lnk
[2012.12.27 13:24:08 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.12.27 12:13:07 | 1610,141,696 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.27 11:19:55 | 000,001,207 | -H-- | C] () -- C:\WINDOWS\EPMBatch.ept
[2012.12.19 15:30:41 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2012.12.19 14:33:07 | 000,001,329 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Nero.lnk
[2012.12.19 14:24:18 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2012.12.07 14:39:45 | 000,045,171 | ---- | C] () -- C:\WINDOWS\System32\netathuw.inf
[2012.12.07 14:39:45 | 000,008,818 | ---- | C] () -- C:\WINDOWS\System32\netathuw.cat
[2008.03.12 22:31:43 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\saša\default.pls
[2008.03.02 16:36:11 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\saša\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.29 22:08:28 | 000,001,240 | ---- | C] () -- C:\Documents and Settings\saša\Data aplikací\wklnhst.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.10.31 12:32:37 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ==========
< MD5 for: AGP440.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2006.03.02 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
< MD5 for: ISAPNP.SYS >
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:isapnp.sys
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\sata_ide\nvata.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\sata_ide\nvata.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvata.sys
< MD5 for: NVATABUS.SYS >
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\legacy\nvatabus.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\sataraid\nvatabus.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\legacy\nvatabus.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\sataraid\nvatabus.sys
< MD5 for: NVRAID.SYS >
[2005.08.18 16:52:08 | 000,077,056 | ---- | M] (NVIDIA Corporation) MD5=A4F2A29B9D40F9FFBBB54E56CE483797 -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\legacy\nvraid.sys
[2005.08.18 16:52:08 | 000,077,056 | ---- | M] (NVIDIA Corporation) MD5=A4F2A29B9D40F9FFBBB54E56CE483797 -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\sataraid\nvraid.sys
[2005.08.18 16:52:08 | 000,077,056 | ---- | M] (NVIDIA Corporation) MD5=A4F2A29B9D40F9FFBBB54E56CE483797 -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\legacy\nvraid.sys
[2005.08.18 16:52:08 | 000,077,056 | ---- | M] (NVIDIA Corporation) MD5=A4F2A29B9D40F9FFBBB54E56CE483797 -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\sataraid\nvraid.sys
< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3qfe\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.03.02 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\Macromed\Flash\*.tmp files -> C:\WINDOWS\system32\Macromed\Flash\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.12.09 19:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Adobe
[2008.12.23 16:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Ahead
[2012.12.27 12:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\ESET
[2012.12.27 14:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\GHISLER
[2008.04.14 15:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\HP
[2006.07.03 11:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Identities
[2008.05.02 23:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Macromedia
[2012.12.28 08:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Malwarebytes
[2012.12.27 18:18:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\saša\Data aplikací\Microsoft
[2010.05.25 10:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Mozilla
[2008.03.12 20:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Nero
[2010.01.20 17:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\OpenOffice.org
[2012.11.29 22:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Opera
[2012.12.27 13:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Skype
[2012.11.17 12:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\skypePM
[2010.05.25 10:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Sun
[2008.03.04 19:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Template
[2012.12.27 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\TuneUp Software
[2012.12.27 12:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.12.27 16:45:44 | 000,642,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[2012.12.27 16:45:44 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd6861.sys
< %systemroot%\System32\config\*.sav >
[2006.07.03 13:26:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006.07.03 13:26:11 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.07.03 13:26:11 | 000,471,040 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.12.30 13:50:25 | 000,225,616 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.12.31 13:53:20 | 000,063,804 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.11.09 11:27:12 | 017,877,168 | R--- | M] (Skype Technologies S.A.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
========== Files - Unicode (All) ==========
[2008.03.12 20:40:13 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\data aplikac??) -- C:\Documents and Settings\All Users\data aplikacᅢᆳ
[2008.03.12 20:40:13 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\data aplikac??) -- C:\Documents and Settings\All Users\data aplikacᅢᆳ
(C:\Documents and Settings\All Users\data aplikac??) -- C:\Documents and Settings\All Users\data aplikacᅢᆳ
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
[2012.12.31 13:53:20 | 000,063,804 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012.12.31 13:53:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.31 13:53:10 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.31 11:40:15 | 000,002,517 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Excel 2003.lnk
[2012.12.30 13:50:25 | 000,225,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.12.28 16:19:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.12.28 13:11:13 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.12.28 10:03:10 | 000,550,017 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\adwcleaner.exe
[2012.12.28 08:43:54 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.12.27 19:03:20 | 000,001,643 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\CrystalDiskInfo.lnk
[2012.12.27 18:38:44 | 000,000,568 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Dokumenty.lnk
[2012.12.27 18:27:42 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Zástupce - Internet Explorer.lnk
[2012.12.27 17:58:53 | 000,002,100 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Word 2003 (2).lnk
[2012.12.27 17:47:25 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012.12.27 17:38:49 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\DVD Decrypter.lnk
[2012.12.27 17:06:58 | 000,000,367 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty - United Offensive Single Player.lnk
[2012.12.27 17:06:56 | 000,000,309 | ---- | M] () -- C:\WINDOWS\CoDUO.INI
[2012.12.27 17:02:08 | 000,000,202 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.12.27 17:02:07 | 000,033,792 | ---- | M] () -- C:\Documents and Settings\saša\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.27 16:57:02 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.27 16:48:33 | 000,223,128 | ---- | M] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2012.12.27 16:45:44 | 000,096,384 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd6861.sys
[2012.12.27 16:30:11 | 000,000,477 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Call of Duty Single Player.lnk
[2012.12.27 16:30:09 | 000,000,705 | ---- | M] () -- C:\WINDOWS\CoD.INI
[2012.12.27 16:18:14 | 000,000,635 | ---- | M] () -- C:\WINDOWS\Rtcw.INI
[2012.12.27 15:48:37 | 000,048,052 | ---- | M] () -- C:\WINDOWS\War3Unin.dat
[2012.12.27 15:48:36 | 000,000,632 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Frozen Throne.lnk
[2012.12.27 15:48:21 | 000,002,829 | ---- | M] () -- C:\WINDOWS\War3Unin.pif
[2012.12.27 15:48:20 | 000,139,264 | ---- | M] (Blizzard Entertainment) -- C:\WINDOWS\War3Unin.exe
[2012.12.27 15:08:44 | 000,000,627 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Warcraft III.lnk
[2012.12.27 14:28:54 | 000,000,573 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Wolfenstein (Single Player).lnk
[2012.12.27 14:00:55 | 000,000,566 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Total Commander.lnk
[2012.12.27 13:58:40 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.12.27 13:58:40 | 000,309,716 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.12.27 13:58:40 | 000,046,016 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.12.27 13:58:40 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.12.27 13:54:54 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.12.27 13:34:16 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2012.12.27 13:24:21 | 000,000,508 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\rajče průvodce.lnk
[2012.12.27 13:24:08 | 000,001,896 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.12.27 11:21:49 | 000,001,207 | -H-- | M] () -- C:\WINDOWS\EPMBatch.ept
[2012.12.19 15:23:09 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2012.12.19 14:33:07 | 000,001,329 | ---- | M] () -- C:\Documents and Settings\saša\Plocha\Nero.lnk
[2012.12.19 14:24:18 | 000,000,040 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012.12.12 13:42:29 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.12.12 13:42:29 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
========== Files Created - No Company Name ==========
[2012.12.28 13:11:13 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.12.28 13:11:11 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2012.12.28 10:03:06 | 000,550,017 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\adwcleaner.exe
[2012.12.28 08:43:52 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.12.27 19:03:20 | 000,001,643 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\CrystalDiskInfo.lnk
[2012.12.27 18:38:44 | 000,000,568 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Dokumenty.lnk
[2012.12.27 18:35:25 | 000,002,517 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Excel 2003.lnk
[2012.12.27 18:27:42 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Zástupce - Internet Explorer.lnk
[2012.12.27 17:58:53 | 000,002,100 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Microsoft Office Word 2003 (2).lnk
[2012.12.27 17:47:24 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.12.27 17:38:49 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\DVD Decrypter.lnk
[2012.12.27 17:08:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2012.12.27 17:08:29 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012.12.27 17:08:29 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2012.12.27 17:08:29 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012.12.27 17:08:28 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2012.12.27 17:08:28 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012.12.27 17:08:26 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2012.12.27 17:08:25 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2012.12.27 17:08:24 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2012.12.27 17:08:24 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2012.12.27 17:08:24 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2012.12.27 17:06:58 | 000,000,367 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Call of Duty - United Offensive Single Player.lnk
[2012.12.27 16:57:55 | 000,000,309 | ---- | C] () -- C:\WINDOWS\CoDUO.INI
[2012.12.27 16:45:44 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd6861.sys
[2012.12.27 16:30:11 | 000,000,477 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Call of Duty Single Player.lnk
[2012.12.27 16:21:57 | 000,000,705 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2012.12.27 15:48:36 | 000,000,632 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Frozen Throne.lnk
[2012.12.27 15:18:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.12.27 15:18:29 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.12.27 15:08:44 | 000,000,627 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Warcraft III.lnk
[2012.12.27 14:50:34 | 000,048,052 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2012.12.27 14:50:33 | 000,002,829 | ---- | C] () -- C:\WINDOWS\War3Unin.pif
[2012.12.27 14:28:54 | 000,000,573 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Wolfenstein (Single Player).lnk
[2012.12.27 14:22:35 | 000,000,635 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2012.12.27 14:00:55 | 000,000,566 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Total Commander.lnk
[2012.12.27 13:24:21 | 000,000,508 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\rajče průvodce.lnk
[2012.12.27 13:24:08 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.12.27 12:13:07 | 1610,141,696 | -HS- | C] () -- C:\hiberfil.sys
[2012.12.27 11:19:55 | 000,001,207 | -H-- | C] () -- C:\WINDOWS\EPMBatch.ept
[2012.12.19 15:30:41 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2012.12.19 14:33:07 | 000,001,329 | ---- | C] () -- C:\Documents and Settings\saša\Plocha\Nero.lnk
[2012.12.19 14:24:18 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\_rgpl
[2012.12.07 14:39:45 | 000,045,171 | ---- | C] () -- C:\WINDOWS\System32\netathuw.inf
[2012.12.07 14:39:45 | 000,008,818 | ---- | C] () -- C:\WINDOWS\System32\netathuw.cat
[2008.03.12 22:31:43 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\saša\default.pls
[2008.03.02 16:36:11 | 000,033,792 | ---- | C] () -- C:\Documents and Settings\saša\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.29 22:08:28 | 000,001,240 | ---- | C] () -- C:\Documents and Settings\saša\Data aplikací\wklnhst.dat
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.10.31 12:32:37 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ==========
< MD5 for: AGP440.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2006.03.02 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
< MD5 for: ISAPNP.SYS >
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2012.12.27 13:30:00 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:isapnp.sys
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: NVATA.SYS >
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\sata_ide\nvata.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\sata_ide\nvata.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvata.sys
< MD5 for: NVATABUS.SYS >
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\legacy\nvatabus.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\sataraid\nvatabus.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\legacy\nvatabus.sys
[2005.08.18 16:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\sataraid\nvatabus.sys
< MD5 for: NVRAID.SYS >
[2005.08.18 16:52:08 | 000,077,056 | ---- | M] (NVIDIA Corporation) MD5=A4F2A29B9D40F9FFBBB54E56CE483797 -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\legacy\nvraid.sys
[2005.08.18 16:52:08 | 000,077,056 | ---- | M] (NVIDIA Corporation) MD5=A4F2A29B9D40F9FFBBB54E56CE483797 -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\Win2K\sataraid\nvraid.sys
[2005.08.18 16:52:08 | 000,077,056 | ---- | M] (NVIDIA Corporation) MD5=A4F2A29B9D40F9FFBBB54E56CE483797 -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\legacy\nvraid.sys
[2005.08.18 16:52:08 | 000,077,056 | ---- | M] (NVIDIA Corporation) MD5=A4F2A29B9D40F9FFBBB54E56CE483797 -- C:\NVIDIA\nForceWin2KXP\8.22\IDE\WinXP\sataraid\nvraid.sys
< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3qfe\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.03.02 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\Macromed\Flash\*.tmp files -> C:\WINDOWS\system32\Macromed\Flash\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.12.09 19:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Adobe
[2008.12.23 16:00:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Ahead
[2012.12.27 12:17:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\DAEMON Tools Lite
[2012.12.27 12:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\ESET
[2012.12.27 14:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\GHISLER
[2008.04.14 15:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\HP
[2006.07.03 11:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Identities
[2008.05.02 23:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Macromedia
[2012.12.28 08:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Malwarebytes
[2012.12.27 18:18:43 | 000,000,000 | --SD | M] -- C:\Documents and Settings\saša\Data aplikací\Microsoft
[2010.05.25 10:48:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Mozilla
[2008.03.12 20:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Nero
[2010.01.20 17:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\OpenOffice.org
[2012.11.29 22:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Opera
[2012.12.27 13:26:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Skype
[2012.11.17 12:31:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\skypePM
[2010.05.25 10:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Sun
[2008.03.04 19:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\Template
[2012.12.27 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\TuneUp Software
[2012.12.27 12:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\saša\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.12.27 16:45:44 | 000,642,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[2012.12.27 16:45:44 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd6861.sys
< %systemroot%\System32\config\*.sav >
[2006.07.03 13:26:11 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006.07.03 13:26:11 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.07.03 13:26:11 | 000,471,040 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.12.30 13:50:25 | 000,225,616 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.12.31 13:53:20 | 000,063,804 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.11.09 11:27:12 | 017,877,168 | R--- | M] (Skype Technologies S.A.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...
< >
< type c:\boot.ini >> test.txt /c >
No captured output from command...
< %SystemDrive%\PhysicalMBR.bin /md5 >
========== Files - Unicode (All) ==========
[2008.03.12 20:40:13 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\data aplikac??) -- C:\Documents and Settings\All Users\data aplikacᅢᆳ
[2008.03.12 20:40:13 | 000,000,000 | ---D | M](C:\Documents and Settings\All Users\data aplikac??) -- C:\Documents and Settings\All Users\data aplikacᅢᆳ
(C:\Documents and Settings\All Users\data aplikac??) -- C:\Documents and Settings\All Users\data aplikacᅢᆳ
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
< End of report >
Re: Prosím o kontrolu logu, seká se pc
MbAM jsem odinstaloval, ESET taky a ten AVG jsem odinstaloval jeste pred zasláním dotazu na forum, asi tam nekde zustal neodinstalovany ale v ovladacich panelech/přidat odebrat jej nemám :( jak s nim pryč?
- memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, seká se pc
Verze pro 32 bit OS: http://download.avg.com/filedir/util/av ... 3_2706.exe
Verze pro 64 bit OS: http://download.avg.com/filedir/util/av ... 3_2706.exe
Verze pro 64 bit OS: http://download.avg.com/filedir/util/av ... 3_2706.exe
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: Prosím o kontrolu logu, seká se pc
V pc stale nejde zobrazit spravce zařízení.... bylo by řešením obnovit nastavení k nějakému datu?
- Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, seká se pc
To je sice možný, ale ta záloha by mohla být taky nakažená a budem čistit znovu. :/
Láska hřeje, ale uhlí je uhlí.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.

Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Prosím o kontrolu logu, seká se pc
Tak nejaký jiný návrh???
Re: Prosím o kontrolu logu, seká se pc
Nový problém... při instalaci antiviru nelza spustit firewall antiviru zkoušel jsem již dva....
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu, seká se pc
Stáhni si Security Check by screen317 z některého odkazu
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe
ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe
ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 114 hostů