DObrý den prosím o pomoc, notebook je celkově zpomalený start, oevírání oken či prohlížení internetových stránek je nadlidský úkon.
zde je log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by ADMIN at 2012-04-14 11:05:17
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 16 GB (48%) free of 33 GB
Total RAM: 383 MB (4% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:05:41, on 14.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ7.1\ICQ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\ADMIN\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\ADMIN.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10y_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
End of file - 8574 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "toolbar@ask.com:3.14.0.100010, Cetrumcz@igeared:1.203.023.002, engine@conduit.com:3.2.5.2, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"
prefs.js - "keyword.URL" - "http://search.centrum.cz/index.php?tool ... m-1.0.0&q="
"Cetrumcz@igeared"=C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\
toolbar@ask.com
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\searchplugins\
conduit.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2010-11-29 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2010-11-29 3908192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2005-07-28 102400]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-05-31 344064]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-09-23 860160]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-05-11 708697]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-01-03 1391272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\Program Files\ICQ7.1\ICQ.exe [2011-01-05 133432]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil10y_Plugin.exe [2011-11-27 243872]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.1\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-05-31 46080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-04-14 11:05:25 ----D---- C:\Program Files\trend micro
2012-04-14 11:05:17 ----D---- C:\rsit
2012-04-14 10:14:04 ----D---- C:\WINDOWS\Prefetch
2012-04-14 10:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2012-04-14 10:08:53 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2012-04-14 10:08:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2012-04-14 10:08:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2012-04-14 10:08:25 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2012-04-14 10:08:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2012-04-14 10:08:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2012-04-14 10:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-04-14 10:07:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2012-04-14 10:07:49 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2012-04-14 10:07:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2012-04-14 10:07:35 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2012-04-14 10:07:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2012-04-14 10:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2012-04-14 10:07:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2012-04-14 10:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2012-04-14 10:06:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2012-04-14 10:06:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2012-04-14 10:06:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2012-04-14 10:06:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2012-04-14 10:06:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2012-04-14 10:06:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-04-14 10:06:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2012-04-14 10:05:56 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2012-04-14 10:05:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2012-04-14 10:05:41 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2012-04-14 10:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2012-04-14 10:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2012-04-14 10:05:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-04-14 10:05:11 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2012-04-14 10:05:03 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2012-04-14 10:04:55 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2012-04-14 10:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2012-04-14 10:04:39 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2012-04-14 10:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2012-04-14 10:04:21 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2012-04-14 10:04:14 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-04-14 10:04:07 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-04-14 10:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2012-04-14 10:03:53 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2012-04-14 10:03:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2012-04-14 10:03:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-04-14 10:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2012-04-14 10:03:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2012-04-14 10:03:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2012-04-14 10:02:53 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2012-04-14 10:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2012-04-14 10:02:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2012-04-14 10:02:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2012-04-14 10:02:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2012-04-14 10:02:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2012-04-14 10:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2012-04-14 10:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2012-04-14 10:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2012-04-14 10:01:41 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2012-04-14 10:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2012-04-14 10:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2012-04-14 10:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2012-04-14 10:01:06 ----D---- C:\WINDOWS\LastGood.Tmp
2012-04-14 09:55:20 ----D---- C:\WINDOWS\l2schemas
2012-04-14 09:55:19 ----D---- C:\WINDOWS\system32\cs
2012-04-14 09:55:18 ----D---- C:\WINDOWS\system32\bits
2012-04-14 09:48:22 ----D---- C:\WINDOWS\network diagnostic
2012-04-14 09:41:45 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2012-04-14 09:41:37 ----D---- C:\WINDOWS\EHome
2012-03-24 16:14:46 ----D---- C:\Program Files\Common Files\Skype
2012-03-24 16:13:35 ----D---- C:\Program Files\Skype
======List of files/folders modified in the last 1 month======
2012-04-14 11:05:25 ----RD---- C:\Program Files
2012-04-14 10:53:52 ----D---- C:\Documents and Settings\ADMIN\Data aplikací\Skype
2012-04-14 10:29:00 ----D---- C:\WINDOWS\Temp
2012-04-14 10:25:59 ----HD---- C:\WINDOWS\inf
2012-04-14 10:24:15 ----D---- C:\WINDOWS\system32
2012-04-14 10:21:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-04-14 10:16:04 ----A---- C:\WINDOWS\OEWABLog.txt
2012-04-14 10:15:37 ----D---- C:\WINDOWS
2012-04-14 10:15:20 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-14 10:13:15 ----A---- C:\WINDOWS\setuplog.txt
2012-04-14 10:12:28 ----D---- C:\WINDOWS\system32\Setup
2012-04-14 10:12:28 ----D---- C:\WINDOWS\AppPatch
2012-04-14 10:12:27 ----D---- C:\WINDOWS\system32\wbem
2012-04-14 10:12:25 ----RSD---- C:\WINDOWS\Fonts
2012-04-14 10:12:15 ----D---- C:\WINDOWS\system32\drivers
2012-04-14 10:11:40 ----D---- C:\WINDOWS\security
2012-04-14 10:11:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-14 10:09:32 ----D---- C:\WINDOWS\system32\CatRoot
2012-04-14 10:09:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-04-14 10:07:59 ----D---- C:\Program Files\Outlook Express
2012-04-14 10:07:12 ----D---- C:\Program Files\Movie Maker
2012-04-14 10:01:33 ----D---- C:\Program Files\Messenger
2012-04-14 09:56:13 ----D---- C:\WINDOWS\WinSxS
2012-04-14 09:56:03 ----D---- C:\Program Files\Windows Media Player
2012-04-14 09:56:02 ----D---- C:\WINDOWS\Help
2012-04-14 09:55:47 ----D---- C:\WINDOWS\ime
2012-04-14 09:55:23 ----D---- C:\WINDOWS\system32\cs-CZ
2012-04-14 09:55:22 ----D---- C:\WINDOWS\system32\usmt
2012-04-14 09:55:20 ----D---- C:\Program Files\Internet Explorer
2012-04-14 09:55:19 ----SHD---- C:\WINDOWS\Installer
2012-04-14 09:55:18 ----D---- C:\WINDOWS\PeerNet
2012-04-14 09:51:26 ----D---- C:\WINDOWS\ServicePackFiles
2012-04-14 09:51:16 ----D---- C:\WINDOWS\system32\Restore
2012-04-14 09:51:16 ----D---- C:\WINDOWS\system32\npp
2012-04-14 09:51:14 ----D---- C:\WINDOWS\msagent
2012-04-14 09:51:13 ----D---- C:\WINDOWS\srchasst
2012-04-14 09:51:12 ----D---- C:\Program Files\NetMeeting
2012-04-14 09:51:10 ----D---- C:\WINDOWS\system32\Com
2012-04-14 09:51:07 ----D---- C:\Program Files\Windows NT
2012-04-14 09:51:02 ----D---- C:\Program Files\Common Files\System
2012-04-14 09:50:32 ----D---- C:\WINDOWS\system32\oobe
2012-04-14 09:50:30 ----D---- C:\WINDOWS\system
2012-04-14 09:46:21 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-04-14 09:35:30 ----D---- C:\Documents and Settings\ADMIN\Data aplikací\ICQ
2012-04-14 09:14:45 ----D---- C:\WINDOWS\Debug
2012-03-29 03:02:04 ----A---- C:\WINDOWS\system32\MRT.exe
2012-03-24 16:14:46 ----D---- C:\Program Files\Common Files
2012-03-24 16:13:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-03-20 16:47:17 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2004-12-06 51328]
R0 risdptsk;risdptsk; C:\WINDOWS\system32\DRIVERS\risdptsk.sys [2005-04-18 27136]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-14 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2010-06-13 15781]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-04 127872]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-05-31 1198080]
R3 BCM43XX;ASUS 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-02-11 371712]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-05-23 1034752]
R3 HSFHWATI;HSFHWATI; C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2005-05-23 216832]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-08-09 70144]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-01 392704]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-08-03 221376]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-05-11 189664]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-23 716288]
S3 arxip011;arxip011; C:\WINDOWS\system32\drivers\arxip011.sys []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-14 88960]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-05-31 368640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-06-20 53248]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Celkově zpomalené PC
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Re: Celkově zpomalené PC
Zdravim 
S tou RAMkou to nebude nikdy zadny blesk. Ale nejaky ten binec tam vidim. Kontrola bude nejakou dobu trvat
S tou RAMkou to nebude nikdy zadny blesk. Ale nejaky ten binec tam vidim. Kontrola bude nejakou dobu trvat
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Celkově zpomalené PC
jj to chapu ale dřive to jelo celkem dostatečně
Re: Celkově zpomalené PC
Tak uvidime
Najdete tento soubor C:\Program Files\trend micro\ADMIN.exe a spustte ho.
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko
Kliknete na nápis Fix checked a potvrdte
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem files)
Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)
Najdete tento soubor C:\Program Files\trend micro\ADMIN.exe a spustte ho.Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko
Kód: Vybrat vše
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem files)
Kód: Vybrat vše
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\Program Files\Ask.com
C:\Program Files\ConduitEngine
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\searchplugins\conduit.xml
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D5D47440-0750-463D-BAEF-A47D02414806}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"HP Software Update"=-
""=-
"ApnUpdater"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=-
"Skype"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
:services
SkypeUpdate
McComponentHostService
:commands
[RESETHOSTS]
[Purity]
[EMPTYTEMP]
[EMPTYFLASH]Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Celkově zpomalené PC
provedeno log zde:
All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002597_.tmp moved successfully.
C:\WINDOWS\LastGood.Tmp\INF folder moved successfully.
C:\WINDOWS\LastGood.Tmp folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Program Files\ConduitEngine folder moved successfully.
File/Folder C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk not found.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-27-Apr-2011-14-26-23-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-25-May-2011-17-02-03-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-15-Mar-2011-17-27-08-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-06-Sep-2011-13-31-22-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-06-Oct-2011-12-55-10-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-31-Jul-2011-11-55-35-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-17-Oct-2010-13-11-01-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-31-Dec-2011-09-27-01-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-26-Jun-2010-09-15-43-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-19-Sep-2005-23-25-13-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-07-Nov-2011-14-30-04-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-07-Nov-2011-14-07-00-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-25-Mar-2011-15-12-46-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\searchplugins\conduit.xml moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service McComponentHostService stopped successfully!
Service McComponentHostService deleted successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: ADMIN
->Temp folder emptied: 905854622 bytes
->Temporary Internet Files folder emptied: 194690917 bytes
->FireFox cache emptied: 78075054 bytes
->Flash cache emptied: 37284 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 313479 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 35761108 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 153524730 bytes
Total Files Cleaned = 1 305,00 mb
[EMPTYFLASH]
User: ADMIN
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.19.0 log created on 04142012_121749
Files moved on Reboot...
File C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!
Registry entries deleted on Reboot...
All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002597_.tmp moved successfully.
C:\WINDOWS\LastGood.Tmp\INF folder moved successfully.
C:\WINDOWS\LastGood.Tmp folder moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Program Files\ConduitEngine folder moved successfully.
File/Folder C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk not found.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\logs folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\datastore folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-27-Apr-2011-14-26-23-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-25-May-2011-17-02-03-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-15-Mar-2011-17-27-08-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Tue-06-Sep-2011-13-31-22-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-06-Oct-2011-12-55-10-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-31-Jul-2011-11-55-35-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-17-Oct-2010-13-11-01-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-31-Dec-2011-09-27-01-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-26-Jun-2010-09-15-43-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-19-Sep-2005-23-25-13-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-07-Nov-2011-14-30-04-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-07-Nov-2011-14-07-00-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-25-Mar-2011-15-12-46-GMT folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\temp folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\toolbar@ask.com folder moved successfully.
C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\searchplugins\conduit.xml moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service McComponentHostService stopped successfully!
Service McComponentHostService deleted successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: ADMIN
->Temp folder emptied: 905854622 bytes
->Temporary Internet Files folder emptied: 194690917 bytes
->FireFox cache emptied: 78075054 bytes
->Flash cache emptied: 37284 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 313479 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 35761108 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 153524730 bytes
Total Files Cleaned = 1 305,00 mb
[EMPTYFLASH]
User: ADMIN
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.19.0 log created on 04142012_121749
Files moved on Reboot...
File C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!
Registry entries deleted on Reboot...
Re: Celkově zpomalené PC
Pc nabehlo o poznani rychleji jen mam takový pocit jako by ten internet brzdil prave avast kdyz jsem ted vypnul stit tak to nabiha normalne.
Re: Celkově zpomalené PC
OTM odvedlo dobrou praci. Avast samozrejme internet brzdi, jako kazdy antivir. Protoze to kontroluje. Zalezi jak moc pomale to je.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Celkově zpomalené PC
Preventivne, jestli tam nahodou neco nelezi, co v logu neni videt
Udelejte uplnou kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a pokud neco najde, dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Udelejte uplnou kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a pokud neco najde, dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Celkově zpomalené PC
kdyz dam refresh stranek s avastem tak to trva temer dvacet vterin,nova stranka se otevira necelou miutu
Re: Celkově zpomalené PC
Tak to nebude normalni. A bez nej? Udelejte ten sken s MBAM a pak jeste mrkneme podrobneji na ty prohlizece pomoci OTL
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Celkově zpomalené PC
beznej to jde prave normalne scan mbam uz jede
Re: Celkově zpomalené PC
mbam je cistej
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org
Verze databáze: v2012.04.14.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
ADMIN :: LEXX-974C32800E [administrátor]
Ochrana: Povolena
14.4.2012 12:41:54
mbam-log-2012-04-14 (12-41-54).txt
Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216671
Uplynulý čas: 1 hodin, 30 minut, 36 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org
Verze databáze: v2012.04.14.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
ADMIN :: LEXX-974C32800E [administrátor]
Ochrana: Povolena
14.4.2012 12:41:54
mbam-log-2012-04-14 (12-41-54).txt
Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 216671
Uplynulý čas: 1 hodin, 30 minut, 36 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: Celkově zpomalené PC
OK, MBAM zase odinstalujte, at zbytecne nezere pamet.
Vycistete pc CCleanerem
Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Potom pouzijte OTL
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Vycistete pc CCleanerem
Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Potom pouzijte OTL
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /sPo skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Celkově zpomalené PC
otl:
OTL logfile created on: 14.4.2012 19:38:55 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\ADMIN\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
383,36 Mb Total Physical Memory | 73,71 Mb Available Physical Memory | 19,23% Memory free
919,90 Mb Paging File | 591,44 Mb Available in Paging File | 64,29% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,23 Gb Total Space | 16,69 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
Drive E: | 21,79 Gb Total Space | 21,70 Gb Free Space | 99,58% Space Free | Partition Type: NTFS
Computer Name: LEXX-974C32800E | User Name: ADMIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.04.14 19:37:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTL.exe
PRC - [2012.03.20 16:43:14 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.07.28 15:29:32 | 000,102,400 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2005.07.05 16:45:00 | 001,986,560 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2004.10.14 10:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
========== Modules (No Company Name) ==========
MOD - [2012.04.14 10:20:18 | 001,756,160 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12041400\algo.dll
MOD - [2012.03.20 16:43:00 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.16 11:08:00 | 000,085,288 | ---- | M] () -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCoreGecko11.dll
MOD - [2011.11.27 15:36:53 | 006,276,768 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010.02.18 00:49:10 | 000,323,584 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2010.02.10 18:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005.07.28 15:29:32 | 000,102,400 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
MOD - [2005.07.28 12:05:42 | 000,159,744 | R--- | M] () -- C:\WINDOWS\ATK0100\ASUSNet.dll
MOD - [2005.07.05 16:45:00 | 001,986,560 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
MOD - [2004.05.28 04:13:10 | 000,057,344 | R--- | M] () -- C:\WINDOWS\ATK0100\CMSSC.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ap2po9g8)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.03.07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.03.07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.06.14 00:02:34 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.06.13 22:03:30 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005.05.31 16:08:02 | 001,198,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.05.23 04:31:46 | 001,034,752 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.05.23 04:30:48 | 000,216,832 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2005.05.23 04:30:42 | 000,716,288 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.04.18 22:21:08 | 000,027,136 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2005.03.01 07:01:40 | 000,392,704 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2005.02.17 17:07:48 | 000,005,632 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005.02.11 21:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004.12.06 15:51:10 | 000,051,328 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2004.09.14 07:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2004.08.09 08:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001.08.17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKCU\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.14.0.100010
FF - prefs.js..extensions.enabledItems: Cetrumcz@igeared:1.203.023.002
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2475029&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared [2010.10.17 14:54:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.04.14 14:21:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.20 16:43:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.21 05:40:08 | 000,000,000 | ---D | M]
[2010.06.13 23:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Extensions
[2012.04.14 12:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions
[2012.02.22 15:58:12 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2010.10.17 14:54:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\M2HOR0UQ.DEFAULT\EXTENSIONS\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
[2012.03.20 16:43:20 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2012.02.21 05:39:56 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.21 05:39:56 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.31 19:16:34 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.02.21 05:39:56 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.21 05:39:56 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.21 05:39:56 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2012.04.14 12:18:36 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100 81.92.146.5 212.24.128.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18DA099D-C1DE-4026-9A22-004D833D55C0}: DhcpNameServer = 192.168.1.100 81.92.146.5 212.24.128.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A18B191-D040-46A3-B55A-FF5F89BEFB59}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\ADMIN\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ADMIN\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.06.13 20:44:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.04.14 19:37:25 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTL.exe
[2012.04.14 19:35:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ADMIN\Recent
[2012.04.14 19:33:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2012.04.14 19:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.04.14 14:22:00 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.04.14 14:21:52 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.04.14 12:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Data aplikací\Malwarebytes
[2012.04.14 12:38:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2012.04.14 12:16:37 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.04.14 12:15:10 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTM.exe
[2012.04.14 11:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.04.14 11:05:17 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.14 10:14:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.04.14 09:55:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.04.14 09:55:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2012.04.14 09:55:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.04.14 09:48:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.04.14 09:41:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.04.14 09:41:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.04.01 08:33:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Plocha\malování,sousedi pes
[2012.03.24 16:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2012.03.24 16:14:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.03.24 16:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
========== Files - Modified Within 30 Days ==========
[2012.04.14 19:41:21 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.14 19:37:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTL.exe
[2012.04.14 19:23:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.04.14 14:23:53 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.04.14 12:18:36 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.04.14 12:15:21 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTM.exe
[2012.04.14 10:23:25 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.04.14 10:21:01 | 000,383,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.04.14 10:21:01 | 000,383,060 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.04.14 10:21:01 | 000,053,942 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.04.14 10:21:00 | 000,063,526 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.04.14 10:13:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.04.14 10:12:32 | 000,299,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.04.14 09:47:51 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2012.04.08 11:45:12 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.04.02 16:05:48 | 000,353,004 | ---- | M] () -- C:\Documents and Settings\ADMIN\Plocha\Glow001.ad.sys0002_csobGlow_UsersJA22222DokumentyMy Picturesmamama.jpg
[2012.04.01 16:20:17 | 001,927,046 | ---- | M] () -- C:\Documents and Settings\ADMIN\Plocha\Nový obrázek.JPG
[2012.03.31 18:05:15 | 001,785,881 | ---- | M] () -- C:\Documents and Settings\ADMIN\Plocha\olomouc 008.jpg
========== Files Created - No Company Name ==========
[2012.04.14 19:41:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.02 16:05:44 | 000,353,004 | ---- | C] () -- C:\Documents and Settings\ADMIN\Plocha\Glow001.ad.sys0002_csobGlow_UsersJA22222DokumentyMy Picturesmamama.jpg
[2012.04.01 16:20:15 | 001,927,046 | ---- | C] () -- C:\Documents and Settings\ADMIN\Plocha\Nový obrázek.JPG
[2012.03.31 18:03:59 | 001,785,881 | ---- | C] () -- C:\Documents and Settings\ADMIN\Plocha\olomouc 008.jpg
[2012.03.24 16:14:54 | 000,002,283 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.08.05 16:51:45 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\ADMIN\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.18 18:02:43 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\ADMIN\Local Settings\Data aplikací\fusioncache.dat
[2010.06.17 18:49:44 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.16 18:41:05 | 000,175,589 | ---- | C] () -- C:\WINDOWS\hphins26.dat
[2010.06.16 18:41:05 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl26.dat
[2010.06.13 23:23:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.06.13 22:30:55 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.06.13 22:29:13 | 000,299,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.13 22:03:16 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2010.06.13 22:03:16 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2010.06.13 22:03:16 | 000,159,827 | ---- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2010.06.13 21:12:21 | 000,093,878 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.06.13 21:12:07 | 000,001,161 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2010.06.13 21:07:20 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2010.06.13 21:07:05 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2010.06.13 20:47:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.06.13 20:40:40 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== LOP Check ==========
[2012.02.05 15:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Ashampoo
[2012.04.14 19:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\DAEMON Tools Lite
[2010.06.13 23:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\GHISLER
[2012.04.14 09:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\ICQ
[2012.01.02 20:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\LibreOffice
[2010.06.15 00:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2012.02.05 15:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2010.10.24 18:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CentrumczToolbar
[2010.06.14 00:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004.08.18 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
< MD5 for: ISAPNP.SYS >
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:isapnp.sys
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.06.14 23:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Adobe
[2012.02.05 15:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Ashampoo
[2012.04.14 19:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\DAEMON Tools Lite
[2010.06.13 23:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\GHISLER
[2010.06.14 23:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Help
[2010.06.16 18:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\HP
[2010.10.24 18:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\HPAppData
[2012.04.14 09:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\ICQ
[2010.06.13 21:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Identities
[2012.01.02 20:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\LibreOffice
[2010.06.13 23:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Macromedia
[2012.04.14 12:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Malwarebytes
[2011.03.21 11:55:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Microsoft
[2010.06.13 23:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla
[2012.04.14 19:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Skype
[2010.06.29 17:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.06.14 00:02:34 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.06.13 22:28:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.06.13 22:28:38 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.06.13 22:28:38 | 000,462,848 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.04.14 14:23:53 | 000,002,553 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.04.14 10:12:32 | 000,299,640 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.04.14 10:21:00 | 000,063,526 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.04.14 10:21:01 | 000,053,942 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.04.14 10:21:01 | 000,383,060 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.04.14 10:21:01 | 000,383,588 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.04.14 10:21:00 | 000,893,242 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.04.14 10:15:31 | 000,000,090 | ---- | M] () -- C:\WINDOWS\system32\spupdwxp.log
[2012.04.14 10:13:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.14 19:41:21 | 000,000,512 | ---- | M] () MD5=CBAD2810E49DED42326CFA7746BD30F4 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.02.05 15:25:20 | 000,000,000 | ---- | M] () -- \Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\CT2475029\feed\http___crackle_com_rss_media_sxsw_featured_rss_history.xml
[2012.02.05 15:25:20 | 000,000,000 | ---- | M] () -- \Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\CT2475029\feed\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml
< *keygen* /s >
< *loader* /s >
[2012.02.16 11:08:00 | 000,010,145 | ---- | M] () -- \Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\conduitCommon\modules\3.10.0.1\ExternalLibraryLoader.jsm
[2012.02.16 11:08:00 | 000,010,145 | ---- | M] () -- \Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\modules\ExternalLibraryLoader.jsm
[2012.02.29 09:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.29 09:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2010.06.13 21:15:43 | 000,001,459 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\SoundMAX\DLS Loader.lnk
[2002.08.30 14:09:00 | 000,000,595 | ---- | M] () -- \Program Files\Analog Devices\SoundMAX\DLSLoader.exe.manifest
[2010.03.26 07:33:30 | 000,003,754 | ---- | M] () -- \Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\loader.js
[2007.11.06 01:50:44 | 000,042,304 | ---- | M] () -- \Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll
[2010.06.13 23:43:19 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.06.13 23:43:19 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.06.13 23:43:20 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.06.13 23:43:19 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\MUICoreLib\xtraLoader.swf
[2010.11.02 19:40:04 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2010.06.15 20:55:51 | 000,003,479 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\coreg\preloader04.swf
[2011.03.15 19:23:21 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\icq_profile\preloader.html
[2011.01.19 18:33:24 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_forms\preloader.html
[2011.01.19 18:33:25 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010.06.16 18:29:11 | 000,552,798 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\theme\game_center\loaderBkg.png
[2011.11.02 02:57:24 | 000,006,263 | ---- | M] () -- \Program Files\LibreOffice 3.4\Basis\program\pythonloader.py
[2012.01.02 20:31:39 | 000,005,425 | ---- | M] () -- \Program Files\LibreOffice 3.4\Basis\program\pythonloader.pyc
[2012.01.02 20:19:37 | 000,021,504 | ---- | M] () -- \Program Files\LibreOffice 3.4\Basis\program\pythonloader.uno.dll
[2011.11.02 03:00:24 | 000,000,171 | ---- | M] () -- \Program Files\LibreOffice 3.4\Basis\program\pythonloader.uno.ini
[2011.11.01 18:12:40 | 000,124,220 | ---- | M] () -- \Program Files\LibreOffice 3.4\share\extensions\report-builder\libloader-1.1.6.jar
[2012.01.02 20:20:43 | 000,029,696 | ---- | M] () -- \Program Files\LibreOffice 3.4\URE\bin\javaloader.uno.dll
[2011.11.02 00:56:04 | 000,003,872 | ---- | M] () -- \Program Files\LibreOffice 3.4\URE\java\unoloader.jar
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.02.10 18:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2012.02.01 18:50:55 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
< End of report >
OTL logfile created on: 14.4.2012 19:38:55 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\ADMIN\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
383,36 Mb Total Physical Memory | 73,71 Mb Available Physical Memory | 19,23% Memory free
919,90 Mb Paging File | 591,44 Mb Available in Paging File | 64,29% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,23 Gb Total Space | 16,69 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
Drive E: | 21,79 Gb Total Space | 21,70 Gb Free Space | 99,58% Space Free | Partition Type: NTFS
Computer Name: LEXX-974C32800E | User Name: ADMIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.04.14 19:37:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTL.exe
PRC - [2012.03.20 16:43:14 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.07.28 15:29:32 | 000,102,400 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2005.07.05 16:45:00 | 001,986,560 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2004.10.14 10:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
========== Modules (No Company Name) ==========
MOD - [2012.04.14 10:20:18 | 001,756,160 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12041400\algo.dll
MOD - [2012.03.20 16:43:00 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.16 11:08:00 | 000,085,288 | ---- | M] () -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCoreGecko11.dll
MOD - [2011.11.27 15:36:53 | 006,276,768 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2010.02.18 00:49:10 | 000,323,584 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2010.02.10 18:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005.07.28 15:29:32 | 000,102,400 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
MOD - [2005.07.28 12:05:42 | 000,159,744 | R--- | M] () -- C:\WINDOWS\ATK0100\ASUSNet.dll
MOD - [2005.07.05 16:45:00 | 001,986,560 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
MOD - [2004.05.28 04:13:10 | 000,057,344 | R--- | M] () -- C:\WINDOWS\ATK0100\CMSSC.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ap2po9g8)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.03.07 01:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.03.07 00:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.06.14 00:02:34 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.06.13 22:03:30 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2005.05.31 16:08:02 | 001,198,080 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.05.23 04:31:46 | 001,034,752 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.05.23 04:30:48 | 000,216,832 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWATI.sys -- (HSFHWATI)
DRV - [2005.05.23 04:30:42 | 000,716,288 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.04.18 22:21:08 | 000,027,136 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2005.03.01 07:01:40 | 000,392,704 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2005.02.17 17:07:48 | 000,005,632 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005.02.11 21:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004.12.06 15:51:10 | 000,051,328 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2004.09.14 07:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2004.08.09 08:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004.08.04 00:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001.08.17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2475029
IE - HKCU\..\SearchScopes\{D5D47440-0750-463D-BAEF-A47D02414806}: "URL" = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Centrum.cz Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Centrum.cz Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.14.0.100010
FF - prefs.js..extensions.enabledItems: Cetrumcz@igeared:1.203.023.002
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... 2475029&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\Cetrumcz@igeared: C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared [2010.10.17 14:54:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.04.14 14:21:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.20 16:43:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.21 05:40:08 | 000,000,000 | ---D | M]
[2010.06.13 23:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Extensions
[2012.04.14 12:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions
[2012.02.22 15:58:12 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2010.10.17 14:54:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\M2HOR0UQ.DEFAULT\EXTENSIONS\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
[2012.03.20 16:43:20 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.03.26 07:34:16 | 000,001,425 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Cetrumcz_igeared.xml
[2012.02.21 05:39:56 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.21 05:39:56 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.10.31 19:16:34 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.02.21 05:39:56 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.21 05:39:56 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.21 05:39:56 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2012.04.14 12:18:36 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.100 81.92.146.5 212.24.128.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18DA099D-C1DE-4026-9A22-004D833D55C0}: DhcpNameServer = 192.168.1.100 81.92.146.5 212.24.128.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A18B191-D040-46A3-B55A-FF5F89BEFB59}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\centrumcztoolbar {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll ()
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\ADMIN\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ADMIN\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.06.13 20:44:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2012.04.14 19:37:25 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTL.exe
[2012.04.14 19:35:52 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ADMIN\Recent
[2012.04.14 19:33:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2012.04.14 19:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.04.14 14:22:00 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.04.14 14:21:52 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.04.14 12:39:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Data aplikací\Malwarebytes
[2012.04.14 12:38:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2012.04.14 12:16:37 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.04.14 12:15:10 | 000,523,264 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTM.exe
[2012.04.14 11:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.04.14 11:05:17 | 000,000,000 | ---D | C] -- C:\rsit
[2012.04.14 10:14:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.04.14 09:55:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.04.14 09:55:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2012.04.14 09:55:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.04.14 09:48:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.04.14 09:41:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.04.14 09:41:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.04.01 08:33:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ADMIN\Plocha\malování,sousedi pes
[2012.03.24 16:14:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2012.03.24 16:14:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.03.24 16:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
========== Files - Modified Within 30 Days ==========
[2012.04.14 19:41:21 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.04.14 19:37:27 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTL.exe
[2012.04.14 19:23:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.04.14 14:23:53 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.04.14 12:18:36 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.04.14 12:15:21 | 000,523,264 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ADMIN\Plocha\OTM.exe
[2012.04.14 10:23:25 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.04.14 10:21:01 | 000,383,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.04.14 10:21:01 | 000,383,060 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.04.14 10:21:01 | 000,053,942 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.04.14 10:21:00 | 000,063,526 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.04.14 10:13:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.04.14 10:12:32 | 000,299,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.04.14 09:47:51 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2012.04.08 11:45:12 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.04.02 16:05:48 | 000,353,004 | ---- | M] () -- C:\Documents and Settings\ADMIN\Plocha\Glow001.ad.sys0002_csobGlow_UsersJA22222DokumentyMy Picturesmamama.jpg
[2012.04.01 16:20:17 | 001,927,046 | ---- | M] () -- C:\Documents and Settings\ADMIN\Plocha\Nový obrázek.JPG
[2012.03.31 18:05:15 | 001,785,881 | ---- | M] () -- C:\Documents and Settings\ADMIN\Plocha\olomouc 008.jpg
========== Files Created - No Company Name ==========
[2012.04.14 19:41:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.04.02 16:05:44 | 000,353,004 | ---- | C] () -- C:\Documents and Settings\ADMIN\Plocha\Glow001.ad.sys0002_csobGlow_UsersJA22222DokumentyMy Picturesmamama.jpg
[2012.04.01 16:20:15 | 001,927,046 | ---- | C] () -- C:\Documents and Settings\ADMIN\Plocha\Nový obrázek.JPG
[2012.03.31 18:03:59 | 001,785,881 | ---- | C] () -- C:\Documents and Settings\ADMIN\Plocha\olomouc 008.jpg
[2012.03.24 16:14:54 | 000,002,283 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.08.05 16:51:45 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\ADMIN\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.18 18:02:43 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\ADMIN\Local Settings\Data aplikací\fusioncache.dat
[2010.06.17 18:49:44 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.06.16 18:41:05 | 000,175,589 | ---- | C] () -- C:\WINDOWS\hphins26.dat
[2010.06.16 18:41:05 | 000,000,787 | ---- | C] () -- C:\WINDOWS\hphmdl26.dat
[2010.06.13 23:23:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.06.13 22:30:55 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.06.13 22:29:13 | 000,299,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.13 22:03:16 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2010.06.13 22:03:16 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2010.06.13 22:03:16 | 000,159,827 | ---- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2010.06.13 21:12:21 | 000,093,878 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.06.13 21:12:07 | 000,001,161 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2010.06.13 21:07:20 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2010.06.13 21:07:05 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2010.06.13 20:47:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.06.13 20:40:40 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== LOP Check ==========
[2012.02.05 15:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Ashampoo
[2012.04.14 19:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\DAEMON Tools Lite
[2010.06.13 23:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\GHISLER
[2012.04.14 09:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\ICQ
[2012.01.02 20:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\LibreOffice
[2010.06.15 00:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2012.02.05 15:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2010.10.24 18:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CentrumczToolbar
[2010.06.14 00:01:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[2004.08.18 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\changer.sys
< MD5 for: ISAPNP.SYS >
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2012.04.14 09:41:36 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sp3.cab:isapnp.sys
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.06.14 23:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Adobe
[2012.02.05 15:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Ashampoo
[2012.04.14 19:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\DAEMON Tools Lite
[2010.06.13 23:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\GHISLER
[2010.06.14 23:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Help
[2010.06.16 18:53:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\HP
[2010.10.24 18:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\HPAppData
[2012.04.14 09:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\ICQ
[2010.06.13 21:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Identities
[2012.01.02 20:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\LibreOffice
[2010.06.13 23:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Macromedia
[2012.04.14 12:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Malwarebytes
[2011.03.21 11:55:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Microsoft
[2010.06.13 23:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Mozilla
[2012.04.14 19:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\Skype
[2010.06.29 17:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\ADMIN\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.06.14 00:02:34 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2010.06.13 22:28:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.06.13 22:28:38 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.06.13 22:28:38 | 000,462,848 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.04.14 14:23:53 | 000,002,553 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2012.04.14 10:12:32 | 000,299,640 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2012.04.14 10:21:00 | 000,063,526 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.04.14 10:21:01 | 000,053,942 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.04.14 10:21:01 | 000,383,060 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.04.14 10:21:01 | 000,383,588 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.04.14 10:21:00 | 000,893,242 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2012.04.14 10:15:31 | 000,000,090 | ---- | M] () -- C:\WINDOWS\system32\spupdwxp.log
[2012.04.14 10:13:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.04.14 19:41:21 | 000,000,512 | ---- | M] () MD5=CBAD2810E49DED42326CFA7746BD30F4 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.02.05 15:25:20 | 000,000,000 | ---- | M] () -- \Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\CT2475029\feed\http___crackle_com_rss_media_sxsw_featured_rss_history.xml
[2012.02.05 15:25:20 | 000,000,000 | ---- | M] () -- \Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\CT2475029\feed\http___crackle_com_rss_media_sxsw_featured_rss_structured.xml
< *keygen* /s >
< *loader* /s >
[2012.02.16 11:08:00 | 000,010,145 | ---- | M] () -- \Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\conduitCommon\modules\3.10.0.1\ExternalLibraryLoader.jsm
[2012.02.16 11:08:00 | 000,010,145 | ---- | M] () -- \Documents and Settings\ADMIN\Data aplikací\Mozilla\Firefox\Profiles\m2hor0uq.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\modules\ExternalLibraryLoader.jsm
[2012.02.29 09:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.29 09:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2010.06.13 21:15:43 | 000,001,459 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\SoundMAX\DLS Loader.lnk
[2002.08.30 14:09:00 | 000,000,595 | ---- | M] () -- \Program Files\Analog Devices\SoundMAX\DLSLoader.exe.manifest
[2010.03.26 07:33:30 | 000,003,754 | ---- | M] () -- \Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared\chrome\content\libs\loader.js
[2007.11.06 01:50:44 | 000,042,304 | ---- | M] () -- \Program Files\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll
[2010.06.13 23:43:19 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2010.06.13 23:43:19 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2010.06.13 23:43:20 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2010.06.13 23:43:19 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.1\imApp\theme\MUICoreLib\xtraLoader.swf
[2010.11.02 19:40:04 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2010.06.15 20:55:51 | 000,003,479 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\coreg\preloader04.swf
[2011.03.15 19:23:21 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\icq_profile\preloader.html
[2011.01.19 18:33:24 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_forms\preloader.html
[2011.01.19 18:33:25 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\content\profile_lightboxs\preloader.html
[2010.06.16 18:29:11 | 000,552,798 | ---- | M] () -- \Program Files\ICQ7.1\Xtraz\icq\theme\game_center\loaderBkg.png
[2011.11.02 02:57:24 | 000,006,263 | ---- | M] () -- \Program Files\LibreOffice 3.4\Basis\program\pythonloader.py
[2012.01.02 20:31:39 | 000,005,425 | ---- | M] () -- \Program Files\LibreOffice 3.4\Basis\program\pythonloader.pyc
[2012.01.02 20:19:37 | 000,021,504 | ---- | M] () -- \Program Files\LibreOffice 3.4\Basis\program\pythonloader.uno.dll
[2011.11.02 03:00:24 | 000,000,171 | ---- | M] () -- \Program Files\LibreOffice 3.4\Basis\program\pythonloader.uno.ini
[2011.11.01 18:12:40 | 000,124,220 | ---- | M] () -- \Program Files\LibreOffice 3.4\share\extensions\report-builder\libloader-1.1.6.jar
[2012.01.02 20:20:43 | 000,029,696 | ---- | M] () -- \Program Files\LibreOffice 3.4\URE\bin\javaloader.uno.dll
[2011.11.02 00:56:04 | 000,003,872 | ---- | M] () -- \Program Files\LibreOffice 3.4\URE\java\unoloader.jar
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.02.10 18:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2012.02.01 18:50:55 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
< End of report >
Re: Celkově zpomalené PC
extras:
OTL Extras logfile created on: 14.4.2012 19:38:55 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\ADMIN\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
383,36 Mb Total Physical Memory | 73,71 Mb Available Physical Memory | 19,23% Memory free
919,90 Mb Paging File | 591,44 Mb Available in Paging File | 64,29% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,23 Gb Total Space | 16,69 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
Drive E: | 21,79 Gb Total Space | 21,70 Gb Free Space | 99,58% Space Free | Partition Type: NTFS
Computer Name: LEXX-974C32800E | User Name: ADMIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client3] -- "C:\Program Files\Fotostar\Fotostar Offline client3\Fotostar Offline client3.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}" = HP Deskjet D1500 Printer Driver Software 10.0 Rel .3
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{38436888-9EAA-4cec-A56F-65B73D9D423C}" = D1500
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{82C113AD-486F-4bd5-A2EA-2383AF57D084}" = D1500_Help
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = PandoraTV Toolbar
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B8240B3-891D-4965-AA51-8799622D44FF}" = DJ_SF_03_D1500_ProductContext
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3 - Czech
"{B1421599-A42D-47ef-B512-B9B0317BD599}" = DJ_SF_03_D1500_Software
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D64833F8-860D-4216-8EDC-DD08AD68C0B5}" = LibreOffice 3.4
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_11861043" = Soft Data Fax Modem with SmartCP
"conduitEngine" = Conduit Engine
"Fotostar Offline client3" = Fotostar Offline client3
"HControl" = ATK0100 ACPI UTILITY
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"ie8" = Windows Internet Explorer 8
"Lišta Centrum.cz Toolbar_is1" = Lišta Centrum.cz Toolbar 1.203.023.002
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = PandoraTV Toolbar Updater
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 14.6.2011 13:01:27 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 15.6.2011 9:22:59 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 16.6.2011 10:52:03 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 17.6.2011 1:24:31 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 17.6.2011 14:20:38 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 18.6.2011 2:05:44 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 18.6.2011 14:03:20 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 19.6.2011 1:15:14 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 19.6.2011 10:34:02 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 20.6.2011 10:15:28 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ System Events ]
Error - 14.4.2012 4:17:02 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
Error - 14.4.2012 6:18:06 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 14.4.2012 6:18:06 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7034
Description = Služba LightScribeService Direct Disc Labeling Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.
Error - 14.4.2012 6:18:06 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7034
Description = Služba SoundMAX Agent Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 14.4.2012 6:27:09 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
Error - 14.4.2012 8:30:51 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
Error - 14.4.2012 13:16:02 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
Error - 14.4.2012 13:16:32 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba modelu COM pro zápis na disk CD (IMAPI).
Error - 14.4.2012 13:16:32 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7000
Description = Služba Služba modelu COM pro zápis na disk CD (IMAPI) neuspěla při
spuštění v důsledku následující chyby: %%1053
Error - 14.4.2012 13:25:43 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
< End of report >
OTL Extras logfile created on: 14.4.2012 19:38:55 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\ADMIN\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
383,36 Mb Total Physical Memory | 73,71 Mb Available Physical Memory | 19,23% Memory free
919,90 Mb Paging File | 591,44 Mb Available in Paging File | 64,29% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 32,23 Gb Total Space | 16,69 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
Drive E: | 21,79 Gb Total Space | 21,70 Gb Free Space | 99,58% Space Free | Partition Type: NTFS
Computer Name: LEXX-974C32800E | User Name: ADMIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client3] -- "C:\Program Files\Fotostar\Fotostar Offline client3\Fotostar Offline client3.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}" = HP Deskjet D1500 Printer Driver Software 10.0 Rel .3
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{38436888-9EAA-4cec-A56F-65B73D9D423C}" = D1500
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{82C113AD-486F-4bd5-A2EA-2383AF57D084}" = D1500_Help
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = PandoraTV Toolbar
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B8240B3-891D-4965-AA51-8799622D44FF}" = DJ_SF_03_D1500_ProductContext
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3 - Czech
"{B1421599-A42D-47ef-B512-B9B0317BD599}" = DJ_SF_03_D1500_Software
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D64833F8-860D-4216-8EDC-DD08AD68C0B5}" = LibreOffice 3.4
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_11861043" = Soft Data Fax Modem with SmartCP
"conduitEngine" = Conduit Engine
"Fotostar Offline client3" = Fotostar Offline client3
"HControl" = ATK0100 ACPI UTILITY
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"ie8" = Windows Internet Explorer 8
"Lišta Centrum.cz Toolbar_is1" = Lišta Centrum.cz Toolbar 1.203.023.002
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = PandoraTV Toolbar Updater
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 14.6.2011 13:01:27 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 15.6.2011 9:22:59 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 16.6.2011 10:52:03 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 17.6.2011 1:24:31 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 17.6.2011 14:20:38 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 18.6.2011 2:05:44 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 18.6.2011 14:03:20 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 19.6.2011 1:15:14 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 19.6.2011 10:34:02 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 20.6.2011 10:15:28 | Computer Name = LEXX-974C32800E | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ System Events ]
Error - 14.4.2012 4:17:02 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
Error - 14.4.2012 6:18:06 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 14.4.2012 6:18:06 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7034
Description = Služba LightScribeService Direct Disc Labeling Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.
Error - 14.4.2012 6:18:06 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7034
Description = Služba SoundMAX Agent Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 14.4.2012 6:27:09 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
Error - 14.4.2012 8:30:51 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
Error - 14.4.2012 13:16:02 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
Error - 14.4.2012 13:16:32 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Služba modelu COM pro zápis na disk CD (IMAPI).
Error - 14.4.2012 13:16:32 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7000
Description = Služba Služba modelu COM pro zápis na disk CD (IMAPI) neuspěla při
spuštění v důsledku následující chyby: %%1053
Error - 14.4.2012 13:25:43 | Computer Name = LEXX-974C32800E | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.
< End of report >
Přispějete na provoz fóra?