Dobrý den,
poslední dobou, když zapnu počítač, chvíli jede normálně a najednou se sekne. V nouzovém režimu se sítí jede normálně. Přestalo také fungovat USB(nevím jestli to s tím má něco společného. Už nevím co bych mohl zkusit tak posílám log(nouzový režim).
Logfile of random's system information tool 1.09 (written by random/random)
Run by Romanka at 2012-05-16 16:54:50
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 47 GB (33%) free of 142 GB
Total RAM: 1977 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:55:01, on 16.5.2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
F:\RSIT.exe
C:\Program Files\trend micro\Romanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 810&m=e525
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 810&m=e525
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll
O1 - Hosts: ::1 localhost
O2 - BHO: ToggleEN - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\prxtbTog0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\prxtbTog0.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ashampoo HDD Control Guard] C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe
O4 - HKLM\..\Run: [NetFxUpdate_v1.1.4322] "C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Romanka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Red Flush - {587F1506-C7D0-4006-91D1-E531FB983ECD} - C:\Microgaming\Casino\RedFlush\casinogame.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CardBusService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 10086 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, wtxpcom@mybrowserbar.com:4.3, youtubedownloader@mybrowserbar.com:4.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quicksearch_6826&q="
"{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ei.SmileyCentral_1v.com/Plugin]
"Description"=SmileyCentral Plugin
"Path"=C:\Program Files\SmileyCentral_1vEI\Installr\3.bin\NP1vEISB.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.3.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
Search_Results.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\
yasearch@yandex.ru
{800b5000-a755-47e1-992b-48a1c1357f07}
{99079a25-328f-4bd4-be04-00955acaa0a7}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
Search_Results.xml
SmileyCentral_1v.xml
ybqs-firmy.xml
ybqs-mapy.xml
ybqs-seznam.xml
ybqs-sz_vidia.xml
ybqs-zbozi.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
ToggleEN Toolbar - C:\Program Files\ToggleEN\prxtbTog0.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
BitTorrentBar Toolbar - C:\Program Files\BitTorrentBar\tbBitT.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll [2012-02-27 88976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
DataMngr - C:\PROGRA~1\SEARCH~1\Datamngr\BROWSE~1.DLL [2012-03-12 101272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll [2012-01-10 59272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll [2012-04-23 1124704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - BitTorrentBar Toolbar - C:\Program Files\BitTorrentBar\tbBitT.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-01-03 1514152]
{038cb5c7-48ea-4af9-94e0-a1646542e62b} - ToggleEN Toolbar - C:\Program Files\ToggleEN\prxtbTog0.dll [2011-05-09 176936]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll [2012-02-27 88976]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll [2012-04-23 1124704]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-11 6724128]
"WarReg_PopUp"=C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe [2008-11-04 57344]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-01-09 1418536]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-04-10 862728]
"Acer ePower Management"=C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [2009-04-03 698912]
"NWEReboot"= []
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"Ashampoo HDD Control Guard"=C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe [2010-02-16 3994456]
"NetFxUpdate_v1.1.4322"=C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [2004-08-10 106496]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-01-03 1391272]
"PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2007-12-10 323584]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"DATAMNGR"=C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE [2012-03-12 1694608]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2012-04-23 983904]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"Google Update"=C:\Users\Romanka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-29 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2009-11-09 180224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-02-16 735608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2011-03-17 74752]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE [2007-08-14 618496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Romanka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"msacm.msaudio1"=msaud32.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MP43"=mpg4c32.dll
"msacm.sl_anet"=sl_anet.acm
"wave2"=wdmaud.drv
"wave3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-05-16 16:54:50 ----D---- C:\rsit
2012-05-16 16:54:50 ----D---- C:\Program Files\trend micro
2012-05-16 16:00:53 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-05-16 16:00:53 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-05-16 16:00:50 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-05-16 16:00:49 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-05-16 16:00:49 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-05-16 16:00:48 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-05-16 16:00:33 ----A---- C:\Windows\avastSS.scr
2012-05-16 16:00:32 ----A---- C:\Windows\system32\aswBoot.exe
2012-05-16 15:59:58 ----D---- C:\ProgramData\AVAST Software
2012-05-16 15:59:58 ----D---- C:\Program Files\AVAST Software
2012-05-16 12:51:23 ----HD---- C:\ProgramData\Common Files
2012-05-16 12:50:47 ----D---- C:\ProgramData\MFAData
2012-05-16 11:54:02 ----A---- C:\Windows\ntbtlog.txt
2012-05-15 20:19:44 ----D---- C:\ProgramData\SuperOvladac
2012-05-13 07:11:53 ----D---- C:\ProgramData\MGS
2012-05-13 07:11:53 ----D---- C:\Microgaming
2012-05-04 08:41:55 ----D---- C:\Program Files\Application Updater
2012-05-04 08:41:54 ----D---- C:\Program Files\YouTube Downloader Toolbar
2012-05-04 08:41:54 ----D---- C:\Program Files\Common Files\Spigot
2012-05-03 08:09:22 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-05-03 08:09:22 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-04-26 06:24:37 ----D---- C:\ProgramData\Mozilla
2012-04-26 06:24:36 ----D---- C:\Program Files\Mozilla Maintenance Service
======List of files/folders modified in the last 1 month======
2012-05-16 16:54:50 ----D---- C:\Program Files
2012-05-16 16:53:36 ----D---- C:\Windows\System32
2012-05-16 16:53:36 ----D---- C:\Windows\inf
2012-05-16 16:53:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-16 16:00:53 ----D---- C:\Windows\system32\drivers
2012-05-16 16:00:33 ----D---- C:\Windows
2012-05-16 15:59:58 ----HD---- C:\ProgramData
2012-05-16 15:50:23 ----SHD---- C:\Windows\Installer
2012-05-16 15:50:23 ----D---- C:\Windows\Temp
2012-05-16 15:44:54 ----D---- C:\Windows\winsxs
2012-05-16 13:09:59 ----D---- C:\Users\Romanka\AppData\Roaming\Yandex
2012-05-16 12:54:35 ----D---- C:\Windows\Prefetch
2012-05-16 11:51:26 ----D---- C:\Windows\system32\LogFiles
2012-05-16 11:51:07 ----D---- C:\Windows\system32\wbem
2012-05-16 11:50:34 ----D---- C:\Windows\system32\config
2012-05-16 11:50:23 ----D---- C:\Windows\Tasks
2012-05-16 11:50:23 ----D---- C:\Windows\system32\Tasks
2012-05-16 11:50:23 ----D---- C:\Windows\system32\spool
2012-05-16 11:50:23 ----D---- C:\Windows\system32\Msdtc
2012-05-16 11:50:23 ----D---- C:\Windows\system32\drivers\etc
2012-05-16 11:50:23 ----D---- C:\Windows\system32\CodeIntegrity
2012-05-16 11:50:23 ----D---- C:\Windows\system32\catroot2
2012-05-16 11:50:23 ----D---- C:\Users\Romanka\AppData\Roaming\uTorrent
2012-05-16 11:50:22 ----D---- C:\Windows\registration
2012-05-16 04:09:13 ----D---- C:\Windows\pss
2012-05-15 18:27:13 ----SHD---- C:\System Volume Information
2012-05-15 04:18:40 ----A---- C:\Windows\NeroDigital.ini
2012-05-14 21:14:17 ----D---- C:\Users\Romanka\AppData\Roaming\Media Player Classic
2012-05-14 13:04:56 ----D---- C:\Users\Romanka\AppData\Roaming\Skype
2012-05-13 21:14:05 ----D---- C:\Windows\Debug
2012-05-12 07:09:53 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-12 03:13:55 ----D---- C:\ProgramData\Microsoft Help
2012-05-12 03:10:10 ----A---- C:\Windows\system32\mrt.exe
2012-05-04 08:41:54 ----D---- C:\Program Files\Common Files
2012-05-03 23:00:19 ----D---- C:\Program Files\Microsoft Security Client
2012-05-03 23:00:00 ----D---- C:\Windows\system32\catroot
2012-05-03 08:29:14 ----D---- C:\Windows\rescache
2012-05-03 08:11:35 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-05-01 08:32:50 ----D---- C:\Users\Romanka\AppData\Roaming\Winamp
2012-04-30 12:55:41 ----D---- C:\Users\Romanka\AppData\Roaming\Canon
2012-04-26 06:24:31 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-03-07 35672]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-16 242240]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-06-23 1181184]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-04-10 21000]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-01-15 49664]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-02-23 62976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-01-09 204976]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337880]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys [2009-04-10 20112]
S1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys []
S1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-11-09 59388]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688]
S2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2008-05-10 113664]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv.sys [2007-08-16 220672]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-27 1044984]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-11 2324512]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 PAC207;e-Messenger 112; C:\Windows\system32\DRIVERS\PFC027.SYS [2009-06-25 618112]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-07-28 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-07-28 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-07-28 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2010-07-28 100224]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
S3 TridVid;TM6010 TV Service; C:\Windows\system32\DRIVERS\TridVidII.sys [2009-09-15 195072]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-01-21 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 InCDFs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
S2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2012-04-23 785304]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
S2 CardBusService;CardBusService; C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe [2007-04-24 188416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe [2009-08-24 406016]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2009-04-03 723488]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-10-04 75136]
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Notebook se sekne
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Notebook se sekne
Zdravim, pekny podvecer preji a vitam vas u nas na foru 
Vas log se studuje
a pracuje se na nem 
.
Prosim o strpeni!
Vas log se studuje
a pracuje se na nem .Prosim o strpeni!
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Notebook se sekne
Neni divu ze se seka, je tam toho dost co to muze ovlivnovat 
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Dale odinstalujte Search Settings a Application Updater Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Notebook se sekne
OTL Extras logfile created on: 16.5.2012 20:14:16 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Romanka\Romec\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,93 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 63,91% Memory free
4,10 Gb Paging File | 3,60 Gb Available in Paging File | 87,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,04 Gb Total Space | 46,94 Gb Free Space | 33,76% Space Free | Partition Type: NTFS
Drive F: | 1,87 Gb Total Space | 1,86 Gb Free Space | 99,45% Space Free | Partition Type: FAT
Computer Name: DOMA | User Name: Romanka | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-623119012-232483285-2282111094-1001]
"EnableNotificationsRef" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A32AD3-3B34-4F24-8F9F-8A493D655554}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{02E2E520-57EA-4DD8-B0DA-E49F6706E68B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{04547FB7-4C24-46DF-8CBB-325DF053808E}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{0BF214C8-C769-4718-A481-D8EC5652AF70}" = rport=138 | protocol=17 | dir=out | app=system |
"{1141C140-B22B-42D9-9B5C-D83C6A702AE6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{114F3145-B1CC-4C1D-AE2E-9E3042DB407E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1597B2A0-D082-4F75-9574-6F5ED8372D8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1E9A2ABD-77AB-45F9-8096-B33484BB9347}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{222AD23F-9B53-4C69-8314-C6463EC64A5D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{242A0C94-2945-477F-BF0E-04B910F6D2E7}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{24596BA7-1516-447D-8324-9BCB8CC86BE9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{2A66AA7C-189C-4A57-9EE5-9028B782C54B}" = rport=445 | protocol=6 | dir=out | app=system |
"{2FDB76FB-106C-4459-A0BD-D34E5E2361B6}" = lport=445 | protocol=6 | dir=in | app=system |
"{41C5B02D-F426-4041-AF47-C45BF8D1744C}" = rport=139 | protocol=6 | dir=out | app=system |
"{42B04F6C-C3D0-40B3-A071-0BCE9C047035}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{48423C91-CB7D-4D02-A159-15576136A134}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4DE30170-7DC5-4757-A567-C5D1F9C8D307}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{5EA7DDC5-E4A7-4ED0-88BF-072463513E96}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5F1E0D63-E7F7-409F-B0BD-A48EC3D92950}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5FD52467-8FD1-4E86-87AB-B64401D072E9}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6CB0A231-BCA1-4AED-A544-01BD0D4F2CDB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6E91BFC4-D2B8-4D59-A280-35C7A205FEDB}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{7F15DC2F-4DA5-4FD7-80E2-480F80F21D8E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{81D1F37A-997D-460F-8F4C-EF40EDC6176A}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{86E308C4-2FC1-454C-8B31-16E66D4840F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{8721BCBD-42B9-4A23-ADF6-71D5C9ADDC4C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8F81565B-9F60-4A6F-BFE5-449332203574}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{943EE38A-EEDC-4C21-898C-4C8A096324F8}" = lport=137 | protocol=17 | dir=in | app=system |
"{9715D48C-0D86-4C72-9369-23E3A3D5BDED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9FDEA3F9-82F8-4F82-9772-80243808A01D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A151CE1E-1CE5-466C-BDDE-13AFF2DF61D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{A27C2993-DE70-4EA2-9C35-66708FEDC608}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{A8343D6E-03D6-4C86-9026-69E2ACFB7B00}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA559DD8-0006-4D66-A5B1-55844E894B21}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ABADDB2A-F3F6-4D89-A225-DACACF34CD62}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE61A825-9556-460B-86B5-DBE4998F148F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B6873E99-B1EA-4ED2-9CCE-CDB35808D326}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C1FBB8FD-4E2B-4FEF-9226-042A0C02B1B7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CDA8A1FE-51AF-4C84-B08F-8BC7F492016D}" = rport=137 | protocol=17 | dir=out | app=system |
"{CE246146-9CFC-40F3-9165-E230807F73F6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D2477936-3856-4430-B82D-ED859E568A37}" = lport=139 | protocol=6 | dir=in | app=system |
"{D7780628-9EA5-4F40-B493-015D6AF7DFB1}" = lport=138 | protocol=17 | dir=in | app=system |
"{DC41CE68-E6F7-4D3C-91E2-D1D1E3640583}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DEB77E3A-6C8B-46B5-BAF6-0C909EC4E425}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECFEF05B-FC7D-4440-92BE-CD8D46990D84}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F2EACA0A-2576-4EFD-BA19-DE1F3F2E1E68}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F98DCBF4-22C7-41B1-9128-809B84CF5472}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{FC0BC10A-0A19-4F28-900F-998CC6C45821}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFA3AD00-3054-4995-8086-8BDFC02B9FF0}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{201131AC-1FF8-40A6-9EEC-FE7294408123}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{22EA8D89-A0B1-487F-9370-2D4339165ED7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{3F242887-371E-47A6-9E66-2A06C848B535}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{472CDA61-365A-4CA4-B76B-16803A727DF3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4B863E9D-9E9A-4FFF-B7A6-6B83E455214A}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe |
"{4E8450AF-D229-461A-850D-5402F36A9731}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5338F7C1-CDA8-4B4B-87CF-699D4FBCE6E3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5D55270F-1883-43AA-A359-3520F4DC3D91}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5E89C6E9-D61D-4D2A-A971-5BFBCE9FBCF2}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{685167BD-CEFC-45C1-8045-2F2A949C392D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{6BA2F711-6B6C-4089-9A59-936626C9C94B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6C17A0F1-8E47-418C-A4AC-56E315C3896B}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{802BB36F-FAF1-4F7C-AFB9-766BCCF30CCD}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{81F1C173-D6E7-4DFF-A961-CC1519229EE4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{82D5EC68-E7FD-4B64-9C3B-35DD3D88154B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{833EF29F-E54F-43C8-95F2-D9E545C1BDA8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{842540AC-3E91-4128-868A-5F2DF028D744}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{8467500B-FEB3-469D-A7B5-7BF6E3C7ADAA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{888DBB3E-D996-42DD-917A-D670B1FC0735}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{8EC6D276-B52E-4245-AA3D-476C2BE0B7D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94A4BE45-17C5-4388-9C9C-7780D079FE90}" = protocol=6 | dir=out | app=system |
"{993C1910-E768-456C-A64B-973FF5BB6F91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E64E5A4-2028-4848-A38D-D0F58A47FC09}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A5FF9D36-317A-4BF1-864F-9EFA9A2E7BD4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{A955F119-DBB4-48F5-B805-267C8738E31E}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{B73C6D19-9D36-4CF4-A387-BEBC3ED6B86E}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{C3791A7A-91E9-4A87-B0A9-2A7041DD3A5E}" = protocol=6 | dir=out | app=system |
"{C49FC2BD-545B-408C-8D6D-23FEC3AAAADD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C6BA6415-2AAD-4EB4-87A9-2690338BB2BC}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{C991CAF0-5983-4592-A2A3-35A7D0F4BDED}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe |
"{CB7280F7-701C-425C-9B32-5E856CD24D04}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{D025AE79-78AD-4E0D-ABF4-1E9FBC1BCAFF}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{D3F749B8-4F1E-4A2A-9EB7-296DE9EEA2B7}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{D43F108D-3611-4280-86C0-C8A3084F9744}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DAF4A8DF-67A9-4D5C-B2F0-BBA57284313A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{DBBEBB1E-E6B1-468E-BA78-11519FAF8C25}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDDD41EC-572D-4C73-8A65-4EBB53B31084}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5D065D3-2113-4F2B-A9E6-536DB8FEC8B0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EA5DABDF-98BE-4141-A68A-E53D386F2AF8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB4F5A04-FA62-4281-A17D-25A71AE9B119}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EC94BC01-1E8C-4D42-B917-0E7F1EB70316}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{ECE16952-1A80-493F-B9E3-FF20140E52A2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EE83F7E7-1A56-4FE5-9777-47E3F71AF611}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EF44F4EE-D8FC-4C1F-84A9-5BCBD413E077}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EFD6E2B3-23AE-4BE2-B621-0BEB6F621FF1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{F2F99FE1-2952-4461-B764-9295CCE201FD}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{F81AE0AF-322A-4B04-A9D3-173787091672}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{08B86013-4558-4499-B80E-5E1DA6DD4602}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{0E514F9F-325A-4D05-BB56-6094B06982C1}C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe |
"TCP Query User{1EE32A70-8D8E-457D-96F2-CE37A0853940}C:\program files\screamer radio\screamer.exe" = protocol=6 | dir=in | app=c:\program files\screamer radio\screamer.exe |
"TCP Query User{29FE4857-93D4-4262-AAEF-228BF891CB11}C:\users\romanka\romec\gta\gta2.exe" = protocol=6 | dir=in | app=c:\users\romanka\romec\gta\gta2.exe |
"TCP Query User{503CFA8B-53C7-433A-9EEA-A59CB37539AA}C:\users\romec\sudden strike forever english\game_exe.exe" = protocol=6 | dir=in | app=c:\users\romec\sudden strike forever english\game_exe.exe |
"TCP Query User{609BA05E-F03E-4453-985F-E1E701A0FC5F}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{8AB8AFA7-E374-438F-BFF2-66CD7923734E}C:\users\romanka\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\romanka\appdata\local\akamai\netsession_win.exe |
"TCP Query User{95D6877D-9FDF-4364-B430-816E400F2A80}C:\program files\eidos interactive\pyro\commandos\mpserver.exe" = protocol=6 | dir=in | app=c:\program files\eidos interactive\pyro\commandos\mpserver.exe |
"TCP Query User{A665BAD0-7A25-40ED-A5D0-0439BFA1D794}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{B305D3D5-06B7-4656-BCC8-3A8072D25867}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{B85012F0-14DD-4B33-9371-F48A71686EE2}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{C4286CDA-FE34-4364-84F3-CB45E42E4FE9}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{CC36B68A-5BB8-409E-8700-E11CECE26B1E}C:\program files\counter-strike 1.6 v42 digitalzone\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6 v42 digitalzone\hl.exe |
"TCP Query User{ECBC905C-C0B7-4D6E-9ADF-1E88C871A8E8}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{F9411CF4-444F-4FA8-8163-F8EE41D66AB2}C:\users\romanka\romec\games\gta\gta2.exe" = protocol=6 | dir=in | app=c:\users\romanka\romec\games\gta\gta2.exe |
"UDP Query User{1B667DFF-C58C-44CF-8202-B58ADE5958DE}C:\program files\screamer radio\screamer.exe" = protocol=17 | dir=in | app=c:\program files\screamer radio\screamer.exe |
"UDP Query User{24D82136-20EC-469E-9191-00AC0DC0782E}C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe |
"UDP Query User{3214CA39-488F-4160-A8C5-F64A91651283}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{5564A838-888F-4E66-A18B-07FFAC354E84}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{5E01B5BF-F718-4C7B-86E8-5BED0013F61F}C:\users\romanka\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\romanka\appdata\local\akamai\netsession_win.exe |
"UDP Query User{7C77755C-6EC0-43CA-91F3-FCBDD3103136}C:\users\romanka\romec\gta\gta2.exe" = protocol=17 | dir=in | app=c:\users\romanka\romec\gta\gta2.exe |
"UDP Query User{897B16DE-D103-4A78-AA88-FC70920E1740}C:\program files\eidos interactive\pyro\commandos\mpserver.exe" = protocol=17 | dir=in | app=c:\program files\eidos interactive\pyro\commandos\mpserver.exe |
"UDP Query User{C03333D8-14DF-43F6-BB60-DD59D2C0EA94}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{C05BB22B-89D8-4126-B904-A1340DF5344C}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{C7621E35-D7B9-4C13-AD7E-3A20124EB7EE}C:\program files\counter-strike 1.6 v42 digitalzone\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6 v42 digitalzone\hl.exe |
"UDP Query User{CEE3C483-18FB-4310-9B3D-330A7B6A1E8B}C:\users\romec\sudden strike forever english\game_exe.exe" = protocol=17 | dir=in | app=c:\users\romec\sudden strike forever english\game_exe.exe |
"UDP Query User{DB3CC393-65D6-44D8-87B6-E954C2EAA4C0}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{DC5950E8-0FF9-43E4-9F02-4F6D98703FAA}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{F4A139A5-5024-4EA3-A18E-D443D8AD6825}C:\users\romanka\romec\games\gta\gta2.exe" = protocol=17 | dir=in | app=c:\users\romanka\romec\games\gta\gta2.exe |
"UDP Query User{F56E1EC9-8859-4C86-A14A-BFCB095FD355}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{26E20136-E332-4BC6-903F-ADDCAEE53263}" = ArCon 9 Profesionál
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3E5F76-7DD4-4F59-9CD6-B0159622B353}" = Double Vibration steering wheel
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-emachines" = WildTangent Games App (eMachines Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730C01C5-CAE4-46FE-BA13-8B3E637F8192}" = e-Messenger 112
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Softonic Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB5F1FBF-57DB-4E22-83B0-FEC53C389762}" = YouTube Downloader Toolbar v5.6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{FC87BEA8-5582-476C-A754-41F3A9D976D4}" = AVerTV
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo HDD Control_is1" = Ashampoo HDD Control 1.11
"avast" = avast! Free Antivirus
"AVerMedia A827 series driver" = AVerMedia A827 series driver 1.0.0.43
"AVerMedia MCE Encoder" = AVerMedia MCE Encoder 3.2.1.62
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = Software tiskárny EPSON
"EPSON Scanner" = EPSON Scan
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{6A3E5F76-7DD4-4F59-9CD6-B0159622B353}" = Double Vibration steering wheel
"InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"InstallShield_{FC87BEA8-5582-476C-A754-41F3A9D976D4}" = AVerTV
"LManager" = Launch Manager
"MAGIX hip hop music maker" = MAGIX hip hop music maker
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PowerISO" = PowerISO
"RfcClient" = rFactorCentral Client 1.04
"Syncrosoft's License Control" = Syncrosoft's License Control
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Softonic Toolbar Updater
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Romanka\Romec\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,93 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 63,91% Memory free
4,10 Gb Paging File | 3,60 Gb Available in Paging File | 87,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,04 Gb Total Space | 46,94 Gb Free Space | 33,76% Space Free | Partition Type: NTFS
Drive F: | 1,87 Gb Total Space | 1,86 Gb Free Space | 99,45% Space Free | Partition Type: FAT
Computer Name: DOMA | User Name: Romanka | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-623119012-232483285-2282111094-1001]
"EnableNotificationsRef" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A32AD3-3B34-4F24-8F9F-8A493D655554}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{02E2E520-57EA-4DD8-B0DA-E49F6706E68B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{04547FB7-4C24-46DF-8CBB-325DF053808E}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{0BF214C8-C769-4718-A481-D8EC5652AF70}" = rport=138 | protocol=17 | dir=out | app=system |
"{1141C140-B22B-42D9-9B5C-D83C6A702AE6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{114F3145-B1CC-4C1D-AE2E-9E3042DB407E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1597B2A0-D082-4F75-9574-6F5ED8372D8E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1E9A2ABD-77AB-45F9-8096-B33484BB9347}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{222AD23F-9B53-4C69-8314-C6463EC64A5D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{242A0C94-2945-477F-BF0E-04B910F6D2E7}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{24596BA7-1516-447D-8324-9BCB8CC86BE9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{2A66AA7C-189C-4A57-9EE5-9028B782C54B}" = rport=445 | protocol=6 | dir=out | app=system |
"{2FDB76FB-106C-4459-A0BD-D34E5E2361B6}" = lport=445 | protocol=6 | dir=in | app=system |
"{41C5B02D-F426-4041-AF47-C45BF8D1744C}" = rport=139 | protocol=6 | dir=out | app=system |
"{42B04F6C-C3D0-40B3-A071-0BCE9C047035}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{48423C91-CB7D-4D02-A159-15576136A134}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4DE30170-7DC5-4757-A567-C5D1F9C8D307}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{5EA7DDC5-E4A7-4ED0-88BF-072463513E96}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5F1E0D63-E7F7-409F-B0BD-A48EC3D92950}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5FD52467-8FD1-4E86-87AB-B64401D072E9}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6CB0A231-BCA1-4AED-A544-01BD0D4F2CDB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6E91BFC4-D2B8-4D59-A280-35C7A205FEDB}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\p2phost.exe |
"{7F15DC2F-4DA5-4FD7-80E2-480F80F21D8E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{81D1F37A-997D-460F-8F4C-EF40EDC6176A}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{86E308C4-2FC1-454C-8B31-16E66D4840F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{8721BCBD-42B9-4A23-ADF6-71D5C9ADDC4C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8F81565B-9F60-4A6F-BFE5-449332203574}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=c:\windows\system32\svchost.exe |
"{943EE38A-EEDC-4C21-898C-4C8A096324F8}" = lport=137 | protocol=17 | dir=in | app=system |
"{9715D48C-0D86-4C72-9369-23E3A3D5BDED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9FDEA3F9-82F8-4F82-9772-80243808A01D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A151CE1E-1CE5-466C-BDDE-13AFF2DF61D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{A27C2993-DE70-4EA2-9C35-66708FEDC608}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=c:\windows\system32\dfsr.exe |
"{A8343D6E-03D6-4C86-9026-69E2ACFB7B00}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA559DD8-0006-4D66-A5B1-55844E894B21}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ABADDB2A-F3F6-4D89-A225-DACACF34CD62}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AE61A825-9556-460B-86B5-DBE4998F148F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B6873E99-B1EA-4ED2-9CCE-CDB35808D326}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C1FBB8FD-4E2B-4FEF-9226-042A0C02B1B7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CDA8A1FE-51AF-4C84-B08F-8BC7F492016D}" = rport=137 | protocol=17 | dir=out | app=system |
"{CE246146-9CFC-40F3-9165-E230807F73F6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D2477936-3856-4430-B82D-ED859E568A37}" = lport=139 | protocol=6 | dir=in | app=system |
"{D7780628-9EA5-4F40-B493-015D6AF7DFB1}" = lport=138 | protocol=17 | dir=in | app=system |
"{DC41CE68-E6F7-4D3C-91E2-D1D1E3640583}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DEB77E3A-6C8B-46B5-BAF6-0C909EC4E425}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECFEF05B-FC7D-4440-92BE-CD8D46990D84}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F2EACA0A-2576-4EFD-BA19-DE1F3F2E1E68}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F98DCBF4-22C7-41B1-9128-809B84CF5472}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=c:\windows\system32\svchost.exe |
"{FC0BC10A-0A19-4F28-900F-998CC6C45821}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFA3AD00-3054-4995-8086-8BDFC02B9FF0}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\p2phost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{201131AC-1FF8-40A6-9EEC-FE7294408123}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{22EA8D89-A0B1-487F-9370-2D4339165ED7}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{3F242887-371E-47A6-9E66-2A06C848B535}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{472CDA61-365A-4CA4-B76B-16803A727DF3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4B863E9D-9E9A-4FFF-B7A6-6B83E455214A}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe |
"{4E8450AF-D229-461A-850D-5402F36A9731}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5338F7C1-CDA8-4B4B-87CF-699D4FBCE6E3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5D55270F-1883-43AA-A359-3520F4DC3D91}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5E89C6E9-D61D-4D2A-A971-5BFBCE9FBCF2}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{685167BD-CEFC-45C1-8045-2F2A949C392D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{6BA2F711-6B6C-4089-9A59-936626C9C94B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6C17A0F1-8E47-418C-A4AC-56E315C3896B}" = protocol=6 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{802BB36F-FAF1-4F7C-AFB9-766BCCF30CCD}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{81F1C173-D6E7-4DFF-A961-CC1519229EE4}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{82D5EC68-E7FD-4B64-9C3B-35DD3D88154B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{833EF29F-E54F-43C8-95F2-D9E545C1BDA8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{842540AC-3E91-4128-868A-5F2DF028D744}" = protocol=6 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{8467500B-FEB3-469D-A7B5-7BF6E3C7ADAA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{888DBB3E-D996-42DD-917A-D670B1FC0735}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{8EC6D276-B52E-4245-AA3D-476C2BE0B7D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94A4BE45-17C5-4388-9C9C-7780D079FE90}" = protocol=6 | dir=out | app=system |
"{993C1910-E768-456C-A64B-973FF5BB6F91}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9E64E5A4-2028-4848-A38D-D0F58A47FC09}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A5FF9D36-317A-4BF1-864F-9EFA9A2E7BD4}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{A955F119-DBB4-48F5-B805-267C8738E31E}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{B73C6D19-9D36-4CF4-A387-BEBC3ED6B86E}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{C3791A7A-91E9-4A87-B0A9-2A7041DD3A5E}" = protocol=6 | dir=out | app=system |
"{C49FC2BD-545B-408C-8D6D-23FEC3AAAADD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C6BA6415-2AAD-4EB4-87A9-2690338BB2BC}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
"{C991CAF0-5983-4592-A2A3-35A7D0F4BDED}" = protocol=17 | dir=in | app=c:\program files\gamersfirst\apb reloaded\binaries\apb.exe |
"{CB7280F7-701C-425C-9B32-5E856CD24D04}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{D025AE79-78AD-4E0D-ABF4-1E9FBC1BCAFF}" = protocol=17 | dir=out | app=c:\program files\windows collaboration\wincollab.exe |
"{D3F749B8-4F1E-4A2A-9EB7-296DE9EEA2B7}" = protocol=6 | dir=out | app=c:\windows\system32\p2phost.exe |
"{D43F108D-3611-4280-86C0-C8A3084F9744}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DAF4A8DF-67A9-4D5C-B2F0-BBA57284313A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{DBBEBB1E-E6B1-468E-BA78-11519FAF8C25}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DDDD41EC-572D-4C73-8A65-4EBB53B31084}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5D065D3-2113-4F2B-A9E6-536DB8FEC8B0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EA5DABDF-98BE-4141-A68A-E53D386F2AF8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB4F5A04-FA62-4281-A17D-25A71AE9B119}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{EC94BC01-1E8C-4D42-B917-0E7F1EB70316}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{ECE16952-1A80-493F-B9E3-FF20140E52A2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EE83F7E7-1A56-4FE5-9777-47E3F71AF611}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EF44F4EE-D8FC-4C1F-84A9-5BCBD413E077}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EFD6E2B3-23AE-4BE2-B621-0BEB6F621FF1}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{F2F99FE1-2952-4461-B764-9295CCE201FD}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{F81AE0AF-322A-4B04-A9D3-173787091672}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{08B86013-4558-4499-B80E-5E1DA6DD4602}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{0E514F9F-325A-4D05-BB56-6094B06982C1}C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe |
"TCP Query User{1EE32A70-8D8E-457D-96F2-CE37A0853940}C:\program files\screamer radio\screamer.exe" = protocol=6 | dir=in | app=c:\program files\screamer radio\screamer.exe |
"TCP Query User{29FE4857-93D4-4262-AAEF-228BF891CB11}C:\users\romanka\romec\gta\gta2.exe" = protocol=6 | dir=in | app=c:\users\romanka\romec\gta\gta2.exe |
"TCP Query User{503CFA8B-53C7-433A-9EEA-A59CB37539AA}C:\users\romec\sudden strike forever english\game_exe.exe" = protocol=6 | dir=in | app=c:\users\romec\sudden strike forever english\game_exe.exe |
"TCP Query User{609BA05E-F03E-4453-985F-E1E701A0FC5F}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{8AB8AFA7-E374-438F-BFF2-66CD7923734E}C:\users\romanka\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\romanka\appdata\local\akamai\netsession_win.exe |
"TCP Query User{95D6877D-9FDF-4364-B430-816E400F2A80}C:\program files\eidos interactive\pyro\commandos\mpserver.exe" = protocol=6 | dir=in | app=c:\program files\eidos interactive\pyro\commandos\mpserver.exe |
"TCP Query User{A665BAD0-7A25-40ED-A5D0-0439BFA1D794}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{B305D3D5-06B7-4656-BCC8-3A8072D25867}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{B85012F0-14DD-4B33-9371-F48A71686EE2}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{C4286CDA-FE34-4364-84F3-CB45E42E4FE9}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{CC36B68A-5BB8-409E-8700-E11CECE26B1E}C:\program files\counter-strike 1.6 v42 digitalzone\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6 v42 digitalzone\hl.exe |
"TCP Query User{ECBC905C-C0B7-4D6E-9ADF-1E88C871A8E8}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{F9411CF4-444F-4FA8-8163-F8EE41D66AB2}C:\users\romanka\romec\games\gta\gta2.exe" = protocol=6 | dir=in | app=c:\users\romanka\romec\games\gta\gta2.exe |
"UDP Query User{1B667DFF-C58C-44CF-8202-B58ADE5958DE}C:\program files\screamer radio\screamer.exe" = protocol=17 | dir=in | app=c:\program files\screamer radio\screamer.exe |
"UDP Query User{24D82136-20EC-469E-9191-00AC0DC0782E}C:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars jedi knight jedi academy\gamedata\jamp.exe |
"UDP Query User{3214CA39-488F-4160-A8C5-F64A91651283}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{5564A838-888F-4E66-A18B-07FFAC354E84}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{5E01B5BF-F718-4C7B-86E8-5BED0013F61F}C:\users\romanka\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\romanka\appdata\local\akamai\netsession_win.exe |
"UDP Query User{7C77755C-6EC0-43CA-91F3-FCBDD3103136}C:\users\romanka\romec\gta\gta2.exe" = protocol=17 | dir=in | app=c:\users\romanka\romec\gta\gta2.exe |
"UDP Query User{897B16DE-D103-4A78-AA88-FC70920E1740}C:\program files\eidos interactive\pyro\commandos\mpserver.exe" = protocol=17 | dir=in | app=c:\program files\eidos interactive\pyro\commandos\mpserver.exe |
"UDP Query User{C03333D8-14DF-43F6-BB60-DD59D2C0EA94}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{C05BB22B-89D8-4126-B904-A1340DF5344C}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{C7621E35-D7B9-4C13-AD7E-3A20124EB7EE}C:\program files\counter-strike 1.6 v42 digitalzone\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6 v42 digitalzone\hl.exe |
"UDP Query User{CEE3C483-18FB-4310-9B3D-330A7B6A1E8B}C:\users\romec\sudden strike forever english\game_exe.exe" = protocol=17 | dir=in | app=c:\users\romec\sudden strike forever english\game_exe.exe |
"UDP Query User{DB3CC393-65D6-44D8-87B6-E954C2EAA4C0}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{DC5950E8-0FF9-43E4-9F02-4F6D98703FAA}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{F4A139A5-5024-4EA3-A18E-D443D8AD6825}C:\users\romanka\romec\games\gta\gta2.exe" = protocol=17 | dir=in | app=c:\users\romanka\romec\games\gta\gta2.exe |
"UDP Query User{F56E1EC9-8859-4C86-A14A-BFCB095FD355}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{26E20136-E332-4BC6-903F-ADDCAEE53263}" = ArCon 9 Profesionál
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3E5F76-7DD4-4F59-9CD6-B0159622B353}" = Double Vibration steering wheel
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-emachines" = WildTangent Games App (eMachines Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{730C01C5-CAE4-46FE-BA13-8B3E637F8192}" = e-Messenger 112
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Softonic Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB5F1FBF-57DB-4E22-83B0-FEC53C389762}" = YouTube Downloader Toolbar v5.6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{FC87BEA8-5582-476C-A754-41F3A9D976D4}" = AVerTV
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo HDD Control_is1" = Ashampoo HDD Control 1.11
"avast" = avast! Free Antivirus
"AVerMedia A827 series driver" = AVerMedia A827 series driver 1.0.0.43
"AVerMedia MCE Encoder" = AVerMedia MCE Encoder 3.2.1.62
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = Software tiskárny EPSON
"EPSON Scanner" = EPSON Scan
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{6A3E5F76-7DD4-4F59-9CD6-B0159622B353}" = Double Vibration steering wheel
"InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"InstallShield_{FC87BEA8-5582-476C-A754-41F3A9D976D4}" = AVerTV
"LManager" = Launch Manager
"MAGIX hip hop music maker" = MAGIX hip hop music maker
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PowerISO" = PowerISO
"RfcClient" = rFactorCentral Client 1.04
"Syncrosoft's License Control" = Syncrosoft's License Control
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Softonic Toolbar Updater
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Re: Notebook se sekne
OTL logfile created on: 16.5.2012 20:14:15 - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Romanka\Romec\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,93 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 63,91% Memory free
4,10 Gb Paging File | 3,60 Gb Available in Paging File | 87,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,04 Gb Total Space | 46,94 Gb Free Space | 33,76% Space Free | Partition Type: NTFS
Drive F: | 1,87 Gb Total Space | 1,86 Gb Free Space | 99,45% Space Free | Partition Type: FAT
Computer Name: DOMA | User Name: Romanka | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.05.16 20:11:14 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Romanka\Romec\Desktop\OTL.exe
PRC - [2012.04.26 06:24:31 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012.04.26 06:24:28 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.19 02:09:25 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
MOD - [2011.12.12 15:41:03 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010.02.10 19:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.04.26 06:24:31 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [Auto | Stopped] -- C:\Program Files\Ashampoo\Ashampoo HDD Control\DfSdkS.exe -- (DfSdkS)
SRV - [2009.04.03 19:54:40 | 000,723,488 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.24 09:15:50 | 000,188,416 | R--- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe -- (CardBusService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - [2012.03.20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.02.16 08:56:04 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.08.17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 09:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.07.28 15:33:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010.07.28 15:33:16 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2010.07.28 15:33:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010.07.28 15:33:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.09.15 06:00:00 | 000,195,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TridVidII.sys -- (TridVid)
DRV - [2009.06.25 16:45:04 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2009.06.23 08:53:18 | 001,181,184 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.04.10 05:19:00 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Stopped] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2009.01.15 05:03:14 | 000,049,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C60x86.sys -- (L1C)
DRV - [2008.05.10 03:33:10 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) Ovladač protokolu RMCAST (Pgm)
DRV - [2007.08.16 11:54:38 | 000,220,672 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerFx2hbtv.sys -- (AVerFx2hbtv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 810&m=e525
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=google
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{2B2C55C9-9E00-4BCD-830E-8FB42C35A26E}: "URL" = http://www.toggle.com/en/index.php?rvs=google
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACEW
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2790392
IE - HKLM\..\SearchScopes\{B3094EF3-93C4-4C08-86D6-1AE99C9EA2EE}: "URL" = http://www.toggle.com/en/index.php?rvs=google
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 810&m=e525
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 2622605434
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.seznam.cz/?q={searchTerms ... earch_6826
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://search.icq.com/search/results.ph ... }&ch_id=sm
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{AE4AF47A-7DCC-42B4-823B-20833272CBD1}: "URL" = http://www.google.com/search?q={searchT ... lz=1I7ACEW
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{D1DAFF92-91E5-4055-81B2-98F65A53137D}: "URL" = http://websearch.ask.com/redirect?clien ... C329862538
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{E78BBB4B-1C6D-49B4-AF5E-FD5279E51E7D}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "http://search.seznam.cz/?sourceid=quicksearch_6826&q="
FF - prefs.js..network.proxy.type: 4
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.SmileyCentral_1v.com/Plugin: C:\Program Files\SmileyCentral_1vEI\Installr\3.bin\NP1vEISB.dll (SmileyCentral)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Romanka\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Romanka\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.05.16 16:00:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.26 06:24:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 22:21:07 | 000,000,000 | ---D | M]
[2012.05.16 19:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Romanka\AppData\Roaming\Mozilla\Extensions
[2012.05.16 19:56:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions
[2012.05.16 20:08:52 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.24 13:34:11 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.05.16 19:55:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\staged
[2012.05.16 19:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.02.29 09:15:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.03.25 13:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.03.25 13:13:42 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.05.16 16:00:40 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.05.04 08:41:59 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012.05.04 08:41:59 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\FF
[2012.02.05 11:22:25 | 000,021,093 | ---- | M] () (No name found) -- C:\USERS\ROMANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECX0PT4C.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}.XPI
File not found (No name found) -- C:\USERS\ROMANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECX0PT4C.DEFAULT\EXTENSIONS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[2012.03.07 23:50:01 | 000,079,365 | ---- | M] () (No name found) -- C:\USERS\ROMANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECX0PT4C.DEFAULT\EXTENSIONS\ANTICONTAINER@DOWNTHEMALL.NET.XPI
[2012.01.14 05:37:13 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\ROMANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECX0PT4C.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2012.04.26 06:24:31 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.24 07:23:39 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.01.20 08:02:15 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.20 08:02:15 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.07 12:25:16 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012.01.20 08:02:15 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.20 08:02:15 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.20 08:02:15 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - !{F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
O3 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Ashampoo HDD Control Guard] C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe (Ashampoo Development GmbH & Co. KG)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe (eMachines)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar" File not found
O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..Trusted Domains: everestpoker.com ([account] https in Trusted sites)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.146.161.246 77.48.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CC57526-98FC-444C-8503-4B134E970E89}: DhcpNameServer = 88.146.161.246 77.48.254.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Romanka\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Romanka\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{74b26ee6-3da8-11e1-8cb1-002622605434}\Shell - "" = AutoRun
O33 - MountPoints2\{74b26ee6-3da8-11e1-8cb1-002622605434}\Shell\AutoRun\command - "" = E:\ICM_Manager.exe
O33 - MountPoints2\{c4c51061-41aa-11e1-bc2f-002622605434}\Shell - "" = AutoRun
O33 - MountPoints2\{c4c51061-41aa-11e1-bc2f-002622605434}\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.05.16 20:12:22 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Romanka\Romec\Desktop\OTL.exe
[2012.05.16 16:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.05.16 16:54:50 | 000,000,000 | ---D | C] -- C:\rsit
[2012.05.16 16:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.05.16 16:00:53 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.05.16 16:00:53 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.05.16 16:00:50 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.05.16 16:00:49 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.05.16 16:00:49 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.05.16 16:00:48 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.05.16 16:00:33 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.05.16 16:00:32 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.05.16 15:59:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.05.16 15:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.05.16 12:51:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.05.16 12:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.05.15 20:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\SuperOvladac
[2012.05.13 07:11:53 | 000,000,000 | ---D | C] -- C:\Microgaming
[2012.05.13 07:11:53 | 000,000,000 | ---D | C] -- C:\ProgramData\MGS
========== Files - Modified Within 7 Days ==========
[2012.05.16 20:15:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.16 20:13:21 | 000,617,272 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.05.16 20:13:21 | 000,606,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.16 20:13:21 | 000,123,464 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.05.16 20:13:21 | 000,108,486 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.16 20:11:14 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Romanka\Romec\Desktop\OTL.exe
[2012.05.16 19:47:15 | 000,001,356 | ---- | M] () -- C:\Users\Romanka\AppData\Local\d3d9caps.dat
[2012.05.16 19:28:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.16 19:28:48 | 000,027,648 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2012.05.16 16:40:05 | 000,027,648 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2012.05.16 16:00:55 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.05.16 16:00:48 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.05.16 15:36:10 | 000,000,430 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012.05.16 15:35:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.16 15:35:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.16 15:34:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job
[2012.05.15 18:27:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000UA.job
[2012.05.15 16:27:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000Core.job
[2012.05.15 04:18:40 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.05.14 01:43:29 | 000,036,864 | ---- | M] () -- C:\Users\Romanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Files Created - No Company Name ==========
[2012.05.16 20:15:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.16 16:00:55 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.02.19 02:09:25 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2012.02.05 15:46:10 | 000,000,501 | ---- | C] () -- C:\Windows\hiphopmaker.INI
[2012.02.05 15:44:13 | 000,000,112 | ---- | C] () -- C:\Windows\magix.ini
[2011.11.27 01:26:56 | 000,064,197 | ---- | C] () -- C:\Program Files\EULA.eng
[2011.10.04 17:24:47 | 000,141,200 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.10.04 17:24:47 | 000,138,056 | ---- | C] () -- C:\Users\Romanka\AppData\Roaming\PnkBstrK.sys
[2011.10.04 17:24:32 | 000,281,656 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.10.04 17:24:16 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.09.17 07:57:37 | 000,000,095 | ---- | C] () -- C:\Users\Romanka\AppData\Local\fusioncache.dat
[2011.09.12 19:24:39 | 628,348,928 | ---- | C] () -- C:\ProgramData\Commandos 2 CD - 3.iso
[2011.08.23 22:50:26 | 000,000,405 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2011.08.23 22:50:25 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.ini
[2011.08.23 17:06:33 | 000,001,356 | ---- | C] () -- C:\Users\Romanka\AppData\Local\d3d9caps.dat
[2011.05.23 21:18:24 | 000,000,064 | ---- | C] () -- C:\Windows\AVerText.ini
[2011.03.27 09:53:50 | 000,049,152 | R--- | C] () -- C:\Windows\System32\AVerIO.dll
[2011.03.27 09:53:50 | 000,003,456 | R--- | C] () -- C:\Windows\System32\AVerIO.sys
[2011.03.27 09:53:46 | 000,262,144 | R--- | C] () -- C:\Windows\System32\sptlib01.dll
[2011.03.27 09:53:46 | 000,253,952 | R--- | C] () -- C:\Windows\System32\sptlib02.dll
[2011.03.01 16:20:10 | 000,284,160 | ---- | C] () -- C:\Windows\unin0407.exe
[2011.02.12 16:41:56 | 000,000,310 | ---- | C] () -- C:\Users\Romanka\AppData\Roaming\wklnhst.dat
[2011.02.11 19:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.01.11 21:37:45 | 000,021,885 | ---- | C] () -- C:\Users\Romanka\AppData\Roaming\UserTile.png
[2011.01.09 05:23:01 | 000,023,552 | ---- | C] () -- C:\Windows\System32\SYNSOACC.dll
[2011.01.09 05:17:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\bgspmnt.dll
[2011.01.09 05:17:06 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2011.01.09 05:17:06 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2011.01.07 00:06:35 | 000,000,514 | ---- | C] () -- C:\Windows\Viewer.INI
[2011.01.05 14:47:04 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
[2010.12.29 19:09:51 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010.12.20 18:27:16 | 000,169,800 | ---- | C] () -- C:\Windows\MCEConfig.exe
[2010.12.20 18:27:11 | 000,520,192 | R--- | C] () -- C:\Windows\6010RMT.exe
[2010.12.20 18:25:46 | 000,195,072 | ---- | C] () -- C:\Windows\System32\drivers\TridVidII.sys
[2010.10.26 20:10:58 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010.08.25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.22 12:07:09 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2010.08.22 11:14:40 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.08.12 01:17:19 | 000,001,123 | ---- | C] () -- C:\Windows\WININIT.INI
[2010.08.12 00:06:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.08.11 23:23:35 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.08.11 23:05:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.08.11 19:05:05 | 000,036,864 | ---- | C] () -- C:\Users\Romanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== LOP Check ==========
[2010.08.18 19:09:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Ashampoo
[2012.03.24 07:23:36 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Babylon
[2012.01.25 15:18:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\BitTorrent
[2012.04.30 12:55:41 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Canon
[2012.03.27 11:13:10 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\DAEMON Tools Lite
[2010.09.08 18:38:09 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\EPSON
[2010.10.29 00:19:41 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Genimo
[2011.11.16 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\HighPulse
[2011.12.16 15:17:09 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\ICQ
[2010.08.12 00:40:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\InterVideo
[2012.01.25 17:11:43 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\IrfanView
[2010.11.12 17:11:05 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\iWin
[2010.08.11 20:37:54 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\OpenOffice.org
[2011.01.11 21:37:45 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\PeerNetworking
[2011.03.07 13:02:34 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Template
[2011.08.30 12:12:01 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\wargaming.net
[2012.05.16 13:09:59 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Yandex
[2011.01.07 01:55:25 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Zoner
[2012.01.26 05:27:22 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\BitTorrent
[2012.01.26 05:28:52 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\DAEMON Tools Lite
[2011.07.09 02:03:45 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\ICQ
[2012.01.24 14:48:38 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\IrfanView
[2011.03.29 19:31:10 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\OpenCandy
[2011.01.09 05:17:32 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\pdfMachine
[2012.01.26 02:11:00 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\PeerNetworking
[2011.01.09 01:48:37 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\RfcClient
[2011.01.09 03:47:58 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\SmartDraw
[2011.02.16 16:35:15 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\Template
[2012.01.24 14:52:08 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\wargaming.net
[2010.12.31 11:10:18 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\WildTangent
[2012.01.24 13:55:29 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\Yandex
[2012.05.15 18:18:44 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.05.16 15:34:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.01.21 04:34:33 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\System32\autochk.exe
[2008.01.21 04:34:33 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2008.01.21 04:32:22 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=A00B0EDD048786E30EBB2DA65D9A8F74 -- C:\Windows\System32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
< MD5 for: SVCHOST.EXE >
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.04.05 19:03:01 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=A6A02EF5B5E40FBD31A1ADC577DA54BB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys
[2010.04.05 22:00:48 | 000,910,208 | ---- | M] (Microsoft Corporation) MD5=CC9993701AC57F995554C696DDA49C12 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_b5497d157cdc9c9f\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.01.21 04:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< >
< %systemroot%*.* /U /s >
[13 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[33 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[8 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0c534e464bbc72b6d4ce97a830ce0c5b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0c534e464bbc72b6d4ce97a830ce0c5b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2916ca3350766bd8082911d922b26118\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2916ca3350766bd8082911d922b26118\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.08.16 21:09:08 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Adobe
[2011.02.16 07:12:18 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\AdobeUM
[2010.10.01 15:19:02 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Ahead
[2010.08.18 19:09:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Ashampoo
[2012.03.24 07:23:36 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Babylon
[2012.01.25 15:18:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\BitTorrent
[2012.04.30 12:55:41 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Canon
[2012.03.27 11:13:10 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\DAEMON Tools Lite
[2010.09.08 18:38:09 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\EPSON
[2010.10.29 00:19:41 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Genimo
[2010.08.11 18:57:08 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Google
[2011.11.16 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\HighPulse
[2011.12.16 15:17:09 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\ICQ
[2010.08.11 18:36:13 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Identities
[2010.08.12 00:40:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\InterVideo
[2012.01.25 17:11:43 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\IrfanView
[2010.11.12 17:11:05 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\iWin
[2010.10.29 00:26:46 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Macromedia
[2012.05.14 21:14:17 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Media Player Classic
[2012.01.30 12:44:06 | 000,000,000 | --SD | M] -- C:\Users\Romanka\AppData\Roaming\Microsoft
[2010.08.11 23:20:02 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Microsoft Web Folders
[2010.08.11 23:05:43 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Mozilla
[2011.11.26 20:19:24 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Mozilla-Cache
[2010.08.11 20:37:54 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\OpenOffice.org
[2011.01.11 21:37:45 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\PeerNetworking
[2012.05.14 13:04:56 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Skype
[2011.07.25 10:46:57 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\skypePM
[2011.03.07 13:02:34 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Template
[2012.04.07 12:28:22 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\vlc
[2011.08.30 12:12:01 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\wargaming.net
[2012.05.01 08:32:50 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Winamp
[2010.10.07 12:22:37 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\WinRAR
[2012.05.16 13:09:59 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Yandex
[2011.01.07 01:55:25 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2011.01.07 01:56:33 | 007,383,104 | ---- | M] (ZONER software ) -- C:\Users\Romanka\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build10.exe
[2011.05.07 23:50:18 | 007,391,320 | ---- | M] (ZONER software ) -- C:\Users\Romanka\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build12.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.05.15 16:27:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000Core.job
[2012.05.15 18:27:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000UA.job
[2012.05.16 15:34:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.05.16 15:35:55 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.16 15:35:55 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.16 16:00:48 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.05.16 20:13:21 | 000,123,464 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.05.16 20:13:21 | 000,108,486 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.05.16 20:13:21 | 000,617,272 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.05.16 20:13:21 | 000,606,254 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.05.16 20:13:21 | 001,452,170 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2012.05.16 19:28:48 | 000,027,648 | ---- | M] () -- C:\Windows\system32\umstartup.etl
[2012.05.16 16:40:05 | 000,027,648 | ---- | M] () -- C:\Windows\system32\umstartup000.etl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.01.21 04:32:56 | 001,233,920 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Romanka\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.01.29 22:09:24 | 000,136,176 | ---- | M] (Google Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.04.26 06:24:31 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.05.28 08:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=ED65737D70FDEAC29F738E77D2496EE5 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.16 20:15:33 | 000,000,512 | ---- | M] () MD5=D7269041B0C5059D2E400AFD195A4F92 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.12.16 15:11:20 | 000,213,474 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\animations\bonus_crack\crack_intro.swf
[2011.12.16 15:11:52 | 000,028,809 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\bonus\win_msg\bonus_crackpink_txt.png
[2011.12.16 15:12:00 | 000,002,094 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_mouse_over.mp3
[2011.12.16 15:12:00 | 000,025,082 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_open_door_2.mp3
[2011.12.16 15:12:00 | 000,122,884 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_open_door_bomb.mp3
[2011.12.16 15:12:00 | 000,109,927 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_pending_eff.mp3
[2010.10.26 19:30:42 | 000,165,972 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sounds\cached_firecrackle.wav
[2003.06.24 22:49:00 | 000,016,978 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sounds\firecrackle.ogg
[2008.03.25 21:14:36 | 000,008,316 | ---- | M] () -- \Program Files\eMachines Games\Polar Pool\levels\ice_cave\scene\crack.jpg
[2008.03.25 21:14:36 | 000,007,666 | ---- | M] () -- \Program Files\eMachines Games\Polar Pool\levels\ice_cave\scene\crack_alpha.jpg
[2012.05.13 07:12:12 | 000,001,197 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2012.05.13 07:12:12 | 000,001,197 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2012.01.26 10:07:49 | 000,036,240 | R--- | M] () -- \Users\Romec\AppData\Local\Temp\Medal_of_Honor_2010_[Eng]_Full_Game_Keygen_Crack[OP_SN_95].6095273.TPB.torrent
[28 \Users\Romec\AppData\Local\Temp\*.tmp files -> \Users\Romec\AppData\Local\Temp\*.tmp -> ]
[2011.01.16 01:22:40 | 160,319,723 | ---- | M] () -- \Users\Romec\Downloads\GTA San Andreas full - čeština, crack, multiplayer.part6.rar
[2011.01.16 00:57:15 | 312,164,462 | ---- | M] () -- \Users\Romec\Downloads\GTA San Andreas full - čeština, crack, multiplayer\GTA San Andreas\GTA San Andreas full - čeština, crack, multiplayer.part5.rar.part
[2011.01.15 20:09:36 | 529,627,816 | ---- | M] () -- \Users\Romec\Downloads\GTA San Andreas full - čeština, crack, multiplayer\GTA San Andreas\GTA San Andreas_čeština 1.20\GTA San Andreas\GTA San Andreas full - čeština, crack, multiplayer.part4.rar.part
< *keygen* /s >
[2012.01.26 10:07:49 | 000,036,240 | R--- | M] () -- \Users\Romec\AppData\Local\Temp\Medal_of_Honor_2010_[Eng]_Full_Game_Keygen_Crack[OP_SN_95].6095273.TPB.torrent
[28 \Users\Romec\AppData\Local\Temp\*.tmp files -> \Users\Romec\AppData\Local\Temp\*.tmp -> ]
< *loader* /s >
[2011.12.16 13:57:46 | 000,602,256 | ---- | M] () -- \Poker\Poker 770\data\loader.dll
[2011.12.16 13:57:42 | 000,002,688 | ---- | M] () -- \Poker\Poker 770\data\loader.gam
[2011.12.11 15:46:37 | 000,005,265 | ---- | M] () -- \Poker\Poker 770\data\mgames\[en]\as2\movies\shared\loader.swf
[2011.12.16 13:57:42 | 000,002,608 | ---- | M] () -- \Poker\Poker 770\widgetbar\widgets\themecloud\resources\html\img\ajax-loader.gif
[2011.12.16 14:04:36 | 000,602,256 | ---- | M] () -- \Poker\Titan Poker\data\loader.dll
[2011.12.16 14:04:33 | 000,002,690 | ---- | M] () -- \Poker\Titan Poker\data\loader.gam
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2004.04.08 23:29:00 | 000,002,116 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\blue-Loader.jpg
[2004.04.08 03:08:00 | 000,007,604 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Flash-Loader.jpg
[2004.04.08 03:13:00 | 000,007,963 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Flash-Loader_.jpg
[2004.04.08 03:11:00 | 000,006,428 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Loader.jpg
[2003.12.17 21:32:00 | 000,028,201 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\loaderbar.png
[2004.04.08 03:12:00 | 000,002,693 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Loader_.jpg
[2004.03.12 03:25:00 | 000,110,633 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader.gif
[2004.03.11 01:08:00 | 000,011,370 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlay.jpg
[2004.03.12 03:36:00 | 000,003,973 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlaylit.jpg
[2004.03.12 03:36:00 | 000,001,932 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlaylit_.gif
[2004.05.07 02:35:00 | 000,003,829 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlay_.gif
[2004.04.14 19:17:00 | 000,006,343 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\purple-Loader.jpg
[2004.03.11 20:29:00 | 000,006,979 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar.jpg
[2004.03.17 23:20:00 | 000,004,691 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbarlit.jpg
[2004.03.17 23:20:00 | 000,002,208 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbarlit_.gif
[2004.03.11 20:30:00 | 000,003,075 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar_.gif
[2004.04.06 01:45:00 | 000,008,190 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar_clickhere.jpg
[2004.04.06 01:40:00 | 000,008,725 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar_clickhere_over.jpg
[2010.10.26 19:30:38 | 000,013,218 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sm_images\blue-Loader.tga
[2010.10.26 19:30:38 | 000,263,570 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sm_images\flash-Loader.tga
[2010.10.26 19:30:38 | 000,073,938 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sm_images\Loader.tga
[2010.10.26 19:30:38 | 000,060,562 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sm_images\purple-Loader.tga
[2010.01.29 06:43:52 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.03.01 20:52:02 | 000,411,888 | ---- | M] () -- \Program Files\WildTangent Games\App\WTDownloader.exe
[2011.05.10 20:42:02 | 000,002,191 | ---- | M] () -- \Program Files\WildTangent Games\App\UI\GamePlay_Loader.html
[2011.02.16 21:02:14 | 000,009,072 | ---- | M] () -- \Program Files\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010.11.03 23:17:00 | 000,002,355 | ---- | M] () -- \Program Files\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2010.02.10 19:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.04.23 20:47:56 | 001,124,704 | ---- | M] () -- \Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll
[2011.10.10 10:01:22 | 001,178,504 | ---- | M] () -- \Program Files\YouTube Downloader\YouTubeDownloader.exe
[2010.04.29 16:12:38 | 000,673,160 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSPluginLoader.exe
[2010.04.29 16:12:42 | 000,686,984 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 16:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSPluginLoader.exe
[2012.05.13 07:13:15 | 000,021,364 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2012.05.13 07:13:14 | 000,003,916 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2012.05.13 07:13:02 | 000,000,734 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.26394429b5ccae91098201dda958cd17.inf
[2012.05.13 07:13:02 | 000,003,512 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.dedbfe5bd17f51637cc0ac53b54d0151.inf
[2011.11.27 06:22:50 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2011.11.27 06:22:50 | 000,001,803 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.05.13 07:13:15 | 000,021,364 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2012.05.13 07:13:14 | 000,003,916 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2012.05.13 07:13:02 | 000,000,734 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.26394429b5ccae91098201dda958cd17.inf
[2012.05.13 07:13:02 | 000,003,512 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.dedbfe5bd17f51637cc0ac53b54d0151.inf
[2011.11.27 06:22:50 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2011.11.27 06:22:50 | 000,001,803 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.01.19 17:57:37 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.01.19 17:57:37 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.01.19 17:57:37 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.01.19 17:57:37 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.01.19 17:57:38 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.01.19 17:57:39 | 000,061,770 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.01.19 17:57:40 | 000,061,770 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.01.14 06:05:20 | 000,003,484 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\WorldClock.gadget\img\icons\black\loader.gif
[2012.01.14 06:05:20 | 000,003,484 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\WorldClock.gadget\img\icons\white\loader.gif
[2012.01.14 06:09:14 | 000,003,484 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\WorldWeatherEN.gadget\img\icons\black\loader.gif
[2012.01.14 06:09:14 | 000,003,484 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\WorldWeatherEN.gadget\img\icons\white\loader.gif
[2012.05.16 17:47:29 | 000,094,818 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7LUNIV7\MovieLoader[1].swf
[2012.03.16 20:35:32 | 000,009,051 | ---- | M] () -- \Users\Romanka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.03.16 20:35:32 | 000,016,119 | ---- | M] () -- \Users\Romanka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.03.16 20:35:32 | 000,018,434 | ---- | M] () -- \Users\Romanka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.03.16 20:35:32 | 000,006,553 | ---- | M] () -- \Users\Romanka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.02.18 13:07:03 | 000,000,001 | ---- | M] () -- \Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\{F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB}\youtubedownloader.lock
[2012.05.04 08:41:59 | 000,000,047 | ---- | M] () -- \Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\youtubedownloader@mybrowserbar.com
[2012.02.05 11:19:52 | 004,458,352 | ---- | M] () -- \Users\Romanka\Downloads\youtubedownloaderToolbar.exe
[2011.11.27 06:21:42 | 005,342,064 | ---- | M] () -- \Users\Romanka\Romec\ostatní\YouTubeDownloaderSetup34.exe
[2012.01.09 01:28:40 | 000,010,144 | ---- | M] () -- \Users\Romec\AppData\Roaming\Mozilla\Firefox\Profiles\itmmp70j.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\modules\ExternalLibraryLoader.jsm
[2012.01.23 16:54:58 | 000,010,144 | ---- | M] () -- \Users\Romec\AppData\Roaming\Mozilla\Firefox\Profiles\itmmp70j.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules\ExternalLibraryLoader.jsm
[2011.01.16 00:58:00 | 000,145,752 | ---- | M] () -- \Users\Romec\Downloads\shaiya_us_downloader(2).exe
[2011.01.16 00:48:59 | 000,145,752 | ---- | M] () -- \Users\Romec\Downloads\shaiya_us_downloader.exe
[2011.01.16 01:51:11 | 000,293,160 | ---- | M] () -- \Users\Romec\Downloads\SoftonicDownloader_for_gta-san-andreas.exe
[2011.05.30 20:57:22 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.01.21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.01.21 08:11:10 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.01.21 08:11:10 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.01.21 08:11:10 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2009.03.11 10:01:37 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Romanka\Romec\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,93 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 63,91% Memory free
4,10 Gb Paging File | 3,60 Gb Available in Paging File | 87,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,04 Gb Total Space | 46,94 Gb Free Space | 33,76% Space Free | Partition Type: NTFS
Drive F: | 1,87 Gb Total Space | 1,86 Gb Free Space | 99,45% Space Free | Partition Type: FAT
Computer Name: DOMA | User Name: Romanka | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.05.16 20:11:14 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Romanka\Romec\Desktop\OTL.exe
PRC - [2012.04.26 06:24:31 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012.04.26 06:24:28 | 001,952,696 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.19 02:09:25 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
MOD - [2011.12.12 15:41:03 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2010.02.10 19:10:12 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.04.26 06:24:31 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.03.26 17:03:40 | 000,214,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [Auto | Stopped] -- C:\Program Files\Ashampoo\Ashampoo HDD Control\DfSdkS.exe -- (DfSdkS)
SRV - [2009.04.03 19:54:40 | 000,723,488 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2008.01.21 04:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.04.24 09:15:50 | 000,188,416 | R--- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe -- (CardBusService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - [2012.03.20 20:44:12 | 000,074,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012.03.07 01:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.03.07 01:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.03.07 01:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.03.07 01:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.03.07 01:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.03.07 01:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.02.16 08:56:04 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.08.17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 09:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.07.28 15:33:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010.07.28 15:33:16 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2010.07.28 15:33:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010.07.28 15:33:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.11.09 05:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.09.15 06:00:00 | 000,195,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TridVidII.sys -- (TridVid)
DRV - [2009.06.25 16:45:04 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2009.06.23 08:53:18 | 001,181,184 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.04.10 05:19:00 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Stopped] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2009.01.15 05:03:14 | 000,049,664 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C60x86.sys -- (L1C)
DRV - [2008.05.10 03:33:10 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST) Ovladač protokolu RMCAST (Pgm)
DRV - [2007.08.16 11:54:38 | 000,220,672 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerFx2hbtv.sys -- (AVerFx2hbtv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 810&m=e525
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=google
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{2B2C55C9-9E00-4BCD-830E-8FB42C35A26E}: "URL" = http://www.toggle.com/en/index.php?rvs=google
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACEW
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2790392
IE - HKLM\..\SearchScopes\{B3094EF3-93C4-4C08-86D6-1AE99C9EA2EE}: "URL" = http://www.toggle.com/en/index.php?rvs=google
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 810&m=e525
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 2622605434
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.seznam.cz/?q={searchTerms ... earch_6826
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://search.icq.com/search/results.ph ... }&ch_id=sm
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... earchTerms}
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{AE4AF47A-7DCC-42B4-823B-20833272CBD1}: "URL" = http://www.google.com/search?q={searchT ... lz=1I7ACEW
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{D1DAFF92-91E5-4055-81B2-98F65A53137D}: "URL" = http://websearch.ask.com/redirect?clien ... C329862538
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{E78BBB4B-1C6D-49B4-AF5E-FD5279E51E7D}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "http://search.seznam.cz/?sourceid=quicksearch_6826&q="
FF - prefs.js..network.proxy.type: 4
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.SmileyCentral_1v.com/Plugin: C:\Program Files\SmileyCentral_1vEI\Installr\3.bin\NP1vEISB.dll (SmileyCentral)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Romanka\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Romanka\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.05.16 16:00:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.26 06:24:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.12 22:21:07 | 000,000,000 | ---D | M]
[2012.05.16 19:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Romanka\AppData\Roaming\Mozilla\Extensions
[2012.05.16 19:56:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions
[2012.05.16 20:08:52 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.24 13:34:11 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.05.16 19:55:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\staged
[2012.05.16 19:50:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.02.29 09:15:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.03.25 13:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.03.25 13:13:42 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.05.16 16:00:40 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.05.04 08:41:59 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012.05.04 08:41:59 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES\YOUTUBE DOWNLOADER TOOLBAR\FF
[2012.02.05 11:22:25 | 000,021,093 | ---- | M] () (No name found) -- C:\USERS\ROMANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECX0PT4C.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}.XPI
File not found (No name found) -- C:\USERS\ROMANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECX0PT4C.DEFAULT\EXTENSIONS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[2012.03.07 23:50:01 | 000,079,365 | ---- | M] () (No name found) -- C:\USERS\ROMANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECX0PT4C.DEFAULT\EXTENSIONS\ANTICONTAINER@DOWNTHEMALL.NET.XPI
[2012.01.14 05:37:13 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\ROMANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECX0PT4C.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2012.04.26 06:24:31 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.03.24 07:23:39 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.01.20 08:02:15 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.01.20 08:02:15 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.07 12:25:16 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012.01.20 08:02:15 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.01.20 08:02:15 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.01.20 08:02:15 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: No name found = C:\Users\Romanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - !{F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found.
O3 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe (Acer Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Ashampoo HDD Control Guard] C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe (Ashampoo Development GmbH & Co. KG)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\System32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NWEReboot] File not found
O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe (eMachines)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar" File not found
O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..Trusted Domains: everestpoker.com ([account] https in Trusted sites)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.146.161.246 77.48.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4CC57526-98FC-444C-8503-4B134E970E89}: DhcpNameServer = 88.146.161.246 77.48.254.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Romanka\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Romanka\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{74b26ee6-3da8-11e1-8cb1-002622605434}\Shell - "" = AutoRun
O33 - MountPoints2\{74b26ee6-3da8-11e1-8cb1-002622605434}\Shell\AutoRun\command - "" = E:\ICM_Manager.exe
O33 - MountPoints2\{c4c51061-41aa-11e1-bc2f-002622605434}\Shell - "" = AutoRun
O33 - MountPoints2\{c4c51061-41aa-11e1-bc2f-002622605434}\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.05.16 20:12:22 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Romanka\Romec\Desktop\OTL.exe
[2012.05.16 16:54:50 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.05.16 16:54:50 | 000,000,000 | ---D | C] -- C:\rsit
[2012.05.16 16:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.05.16 16:00:53 | 000,337,880 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.05.16 16:00:53 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.05.16 16:00:50 | 000,035,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.05.16 16:00:49 | 000,612,184 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.05.16 16:00:49 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.05.16 16:00:48 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.05.16 16:00:33 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.05.16 16:00:32 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.05.16 15:59:58 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.05.16 15:59:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.05.16 12:51:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.05.16 12:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.05.15 20:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\SuperOvladac
[2012.05.13 07:11:53 | 000,000,000 | ---D | C] -- C:\Microgaming
[2012.05.13 07:11:53 | 000,000,000 | ---D | C] -- C:\ProgramData\MGS
========== Files - Modified Within 7 Days ==========
[2012.05.16 20:15:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.05.16 20:13:21 | 000,617,272 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.05.16 20:13:21 | 000,606,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.05.16 20:13:21 | 000,123,464 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.05.16 20:13:21 | 000,108,486 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.05.16 20:11:14 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Romanka\Romec\Desktop\OTL.exe
[2012.05.16 19:47:15 | 000,001,356 | ---- | M] () -- C:\Users\Romanka\AppData\Local\d3d9caps.dat
[2012.05.16 19:28:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.16 19:28:48 | 000,027,648 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2012.05.16 16:40:05 | 000,027,648 | ---- | M] () -- C:\Windows\System32\umstartup000.etl
[2012.05.16 16:00:55 | 000,001,791 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.05.16 16:00:48 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.05.16 15:36:10 | 000,000,430 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012.05.16 15:35:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.16 15:35:55 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.16 15:34:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job
[2012.05.15 18:27:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000UA.job
[2012.05.15 16:27:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000Core.job
[2012.05.15 04:18:40 | 000,000,116 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.05.14 01:43:29 | 000,036,864 | ---- | M] () -- C:\Users\Romanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Files Created - No Company Name ==========
[2012.05.16 20:15:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.16 16:00:55 | 000,001,791 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.02.19 02:09:25 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2012.02.05 15:46:10 | 000,000,501 | ---- | C] () -- C:\Windows\hiphopmaker.INI
[2012.02.05 15:44:13 | 000,000,112 | ---- | C] () -- C:\Windows\magix.ini
[2011.11.27 01:26:56 | 000,064,197 | ---- | C] () -- C:\Program Files\EULA.eng
[2011.10.04 17:24:47 | 000,141,200 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.10.04 17:24:47 | 000,138,056 | ---- | C] () -- C:\Users\Romanka\AppData\Roaming\PnkBstrK.sys
[2011.10.04 17:24:32 | 000,281,656 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.10.04 17:24:16 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.09.17 07:57:37 | 000,000,095 | ---- | C] () -- C:\Users\Romanka\AppData\Local\fusioncache.dat
[2011.09.12 19:24:39 | 628,348,928 | ---- | C] () -- C:\ProgramData\Commandos 2 CD - 3.iso
[2011.08.23 22:50:26 | 000,000,405 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2011.08.23 22:50:25 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.ini
[2011.08.23 17:06:33 | 000,001,356 | ---- | C] () -- C:\Users\Romanka\AppData\Local\d3d9caps.dat
[2011.05.23 21:18:24 | 000,000,064 | ---- | C] () -- C:\Windows\AVerText.ini
[2011.03.27 09:53:50 | 000,049,152 | R--- | C] () -- C:\Windows\System32\AVerIO.dll
[2011.03.27 09:53:50 | 000,003,456 | R--- | C] () -- C:\Windows\System32\AVerIO.sys
[2011.03.27 09:53:46 | 000,262,144 | R--- | C] () -- C:\Windows\System32\sptlib01.dll
[2011.03.27 09:53:46 | 000,253,952 | R--- | C] () -- C:\Windows\System32\sptlib02.dll
[2011.03.01 16:20:10 | 000,284,160 | ---- | C] () -- C:\Windows\unin0407.exe
[2011.02.12 16:41:56 | 000,000,310 | ---- | C] () -- C:\Users\Romanka\AppData\Roaming\wklnhst.dat
[2011.02.11 19:40:40 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.01.11 21:37:45 | 000,021,885 | ---- | C] () -- C:\Users\Romanka\AppData\Roaming\UserTile.png
[2011.01.09 05:23:01 | 000,023,552 | ---- | C] () -- C:\Windows\System32\SYNSOACC.dll
[2011.01.09 05:17:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\bgspmnt.dll
[2011.01.09 05:17:06 | 000,000,571 | ---- | C] () -- C:\Windows\System32\FeMakro.ini
[2011.01.09 05:17:06 | 000,000,497 | ---- | C] () -- C:\Windows\System32\FeAnim.ini
[2011.01.07 00:06:35 | 000,000,514 | ---- | C] () -- C:\Windows\Viewer.INI
[2011.01.05 14:47:04 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll
[2010.12.29 19:09:51 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2010.12.20 18:27:16 | 000,169,800 | ---- | C] () -- C:\Windows\MCEConfig.exe
[2010.12.20 18:27:11 | 000,520,192 | R--- | C] () -- C:\Windows\6010RMT.exe
[2010.12.20 18:25:46 | 000,195,072 | ---- | C] () -- C:\Windows\System32\drivers\TridVidII.sys
[2010.10.26 20:10:58 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010.08.25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010.08.25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010.08.25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010.08.25 19:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010.08.22 12:07:09 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2010.08.22 11:14:40 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.08.12 01:17:19 | 000,001,123 | ---- | C] () -- C:\Windows\WININIT.INI
[2010.08.12 00:06:10 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.08.11 23:23:35 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.08.11 23:05:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.08.11 19:05:05 | 000,036,864 | ---- | C] () -- C:\Users\Romanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== LOP Check ==========
[2010.08.18 19:09:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Ashampoo
[2012.03.24 07:23:36 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Babylon
[2012.01.25 15:18:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\BitTorrent
[2012.04.30 12:55:41 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Canon
[2012.03.27 11:13:10 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\DAEMON Tools Lite
[2010.09.08 18:38:09 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\EPSON
[2010.10.29 00:19:41 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Genimo
[2011.11.16 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\HighPulse
[2011.12.16 15:17:09 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\ICQ
[2010.08.12 00:40:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\InterVideo
[2012.01.25 17:11:43 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\IrfanView
[2010.11.12 17:11:05 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\iWin
[2010.08.11 20:37:54 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\OpenOffice.org
[2011.01.11 21:37:45 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\PeerNetworking
[2011.03.07 13:02:34 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Template
[2011.08.30 12:12:01 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\wargaming.net
[2012.05.16 13:09:59 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Yandex
[2011.01.07 01:55:25 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Zoner
[2012.01.26 05:27:22 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\BitTorrent
[2012.01.26 05:28:52 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\DAEMON Tools Lite
[2011.07.09 02:03:45 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\ICQ
[2012.01.24 14:48:38 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\IrfanView
[2011.03.29 19:31:10 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\OpenCandy
[2011.01.09 05:17:32 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\pdfMachine
[2012.01.26 02:11:00 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\PeerNetworking
[2011.01.09 01:48:37 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\RfcClient
[2011.01.09 03:47:58 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\SmartDraw
[2011.02.16 16:35:15 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\Template
[2012.01.24 14:52:08 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\wargaming.net
[2010.12.31 11:10:18 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\WildTangent
[2012.01.24 13:55:29 | 000,000,000 | ---D | M] -- C:\Users\Romec\AppData\Roaming\Yandex
[2012.05.15 18:18:44 | 000,032,606 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.05.16 15:34:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:32:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.01.21 04:34:33 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\System32\autochk.exe
[2008.01.21 04:34:33 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:32:23 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:34:05 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2008.01.21 04:32:22 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=A00B0EDD048786E30EBB2DA65D9A8F74 -- C:\Windows\System32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 04:34:39 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
< MD5 for: SVCHOST.EXE >
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:33:13 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2010.04.05 19:03:01 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=A6A02EF5B5E40FBD31A1ADC577DA54BB -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys
[2010.04.05 22:00:48 | 000,910,208 | ---- | M] (Microsoft Corporation) MD5=CC9993701AC57F995554C696DDA49C12 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22377_none_b5497d157cdc9c9f\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2008.01.21 04:34:55 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:34:37 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:34:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< >
< %systemroot%*.* /U /s >
[13 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[33 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[8 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0c534e464bbc72b6d4ce97a830ce0c5b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0c534e464bbc72b6d4ce97a830ce0c5b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2916ca3350766bd8082911d922b26118\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2916ca3350766bd8082911d922b26118\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.08.16 21:09:08 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Adobe
[2011.02.16 07:12:18 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\AdobeUM
[2010.10.01 15:19:02 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Ahead
[2010.08.18 19:09:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Ashampoo
[2012.03.24 07:23:36 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Babylon
[2012.01.25 15:18:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\BitTorrent
[2012.04.30 12:55:41 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Canon
[2012.03.27 11:13:10 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\DAEMON Tools Lite
[2010.09.08 18:38:09 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\EPSON
[2010.10.29 00:19:41 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Genimo
[2010.08.11 18:57:08 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Google
[2011.11.16 19:44:51 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\HighPulse
[2011.12.16 15:17:09 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\ICQ
[2010.08.11 18:36:13 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Identities
[2010.08.12 00:40:00 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\InterVideo
[2012.01.25 17:11:43 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\IrfanView
[2010.11.12 17:11:05 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\iWin
[2010.10.29 00:26:46 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Macromedia
[2012.05.14 21:14:17 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Media Player Classic
[2012.01.30 12:44:06 | 000,000,000 | --SD | M] -- C:\Users\Romanka\AppData\Roaming\Microsoft
[2010.08.11 23:20:02 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Microsoft Web Folders
[2010.08.11 23:05:43 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Mozilla
[2011.11.26 20:19:24 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Mozilla-Cache
[2010.08.11 20:37:54 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\OpenOffice.org
[2011.01.11 21:37:45 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\PeerNetworking
[2012.05.14 13:04:56 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Skype
[2011.07.25 10:46:57 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\skypePM
[2011.03.07 13:02:34 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Template
[2012.04.07 12:28:22 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\vlc
[2011.08.30 12:12:01 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\wargaming.net
[2012.05.01 08:32:50 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Winamp
[2010.10.07 12:22:37 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\WinRAR
[2012.05.16 13:09:59 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Yandex
[2011.01.07 01:55:25 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2011.01.07 01:56:33 | 007,383,104 | ---- | M] (ZONER software ) -- C:\Users\Romanka\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build10.exe
[2011.05.07 23:50:18 | 007,391,320 | ---- | M] (ZONER software ) -- C:\Users\Romanka\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build12.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.05.15 16:27:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000Core.job
[2012.05.15 18:27:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000UA.job
[2012.05.16 15:34:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.05.16 15:35:55 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.16 15:35:55 | 000,003,216 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.16 16:00:48 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2012.05.16 20:13:21 | 000,123,464 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.05.16 20:13:21 | 000,108,486 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.05.16 20:13:21 | 000,617,272 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.05.16 20:13:21 | 000,606,254 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.05.16 20:13:21 | 001,452,170 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[2012.05.16 19:28:48 | 000,027,648 | ---- | M] () -- C:\Windows\system32\umstartup.etl
[2012.05.16 16:40:05 | 000,027,648 | ---- | M] () -- C:\Windows\system32\umstartup000.etl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.01.21 04:32:56 | 001,233,920 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Users\Romanka\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.01.29 22:09:24 | 000,136,176 | ---- | M] (Google Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.04.26 06:24:31 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.05.28 08:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=ED65737D70FDEAC29F738E77D2496EE5 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.05.16 20:15:33 | 000,000,512 | ---- | M] () MD5=D7269041B0C5059D2E400AFD195A4F92 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.12.16 15:11:20 | 000,213,474 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\animations\bonus_crack\crack_intro.swf
[2011.12.16 15:11:52 | 000,028,809 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\bonus\win_msg\bonus_crackpink_txt.png
[2011.12.16 15:12:00 | 000,002,094 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_mouse_over.mp3
[2011.12.16 15:12:00 | 000,025,082 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_open_door_2.mp3
[2011.12.16 15:12:00 | 000,122,884 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_open_door_bomb.mp3
[2011.12.16 15:12:00 | 000,109,927 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_pending_eff.mp3
[2010.10.26 19:30:42 | 000,165,972 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sounds\cached_firecrackle.wav
[2003.06.24 22:49:00 | 000,016,978 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sounds\firecrackle.ogg
[2008.03.25 21:14:36 | 000,008,316 | ---- | M] () -- \Program Files\eMachines Games\Polar Pool\levels\ice_cave\scene\crack.jpg
[2008.03.25 21:14:36 | 000,007,666 | ---- | M] () -- \Program Files\eMachines Games\Polar Pool\levels\ice_cave\scene\crack_alpha.jpg
[2012.05.13 07:12:12 | 000,001,197 | ---- | M] () -- \ProgramData\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2012.05.13 07:12:12 | 000,001,197 | ---- | M] () -- \Users\All Users\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf
[2012.01.26 10:07:49 | 000,036,240 | R--- | M] () -- \Users\Romec\AppData\Local\Temp\Medal_of_Honor_2010_[Eng]_Full_Game_Keygen_Crack[OP_SN_95].6095273.TPB.torrent
[28 \Users\Romec\AppData\Local\Temp\*.tmp files -> \Users\Romec\AppData\Local\Temp\*.tmp -> ]
[2011.01.16 01:22:40 | 160,319,723 | ---- | M] () -- \Users\Romec\Downloads\GTA San Andreas full - čeština, crack, multiplayer.part6.rar
[2011.01.16 00:57:15 | 312,164,462 | ---- | M] () -- \Users\Romec\Downloads\GTA San Andreas full - čeština, crack, multiplayer\GTA San Andreas\GTA San Andreas full - čeština, crack, multiplayer.part5.rar.part
[2011.01.15 20:09:36 | 529,627,816 | ---- | M] () -- \Users\Romec\Downloads\GTA San Andreas full - čeština, crack, multiplayer\GTA San Andreas\GTA San Andreas_čeština 1.20\GTA San Andreas\GTA San Andreas full - čeština, crack, multiplayer.part4.rar.part
< *keygen* /s >
[2012.01.26 10:07:49 | 000,036,240 | R--- | M] () -- \Users\Romec\AppData\Local\Temp\Medal_of_Honor_2010_[Eng]_Full_Game_Keygen_Crack[OP_SN_95].6095273.TPB.torrent
[28 \Users\Romec\AppData\Local\Temp\*.tmp files -> \Users\Romec\AppData\Local\Temp\*.tmp -> ]
< *loader* /s >
[2011.12.16 13:57:46 | 000,602,256 | ---- | M] () -- \Poker\Poker 770\data\loader.dll
[2011.12.16 13:57:42 | 000,002,688 | ---- | M] () -- \Poker\Poker 770\data\loader.gam
[2011.12.11 15:46:37 | 000,005,265 | ---- | M] () -- \Poker\Poker 770\data\mgames\[en]\as2\movies\shared\loader.swf
[2011.12.16 13:57:42 | 000,002,608 | ---- | M] () -- \Poker\Poker 770\widgetbar\widgets\themecloud\resources\html\img\ajax-loader.gif
[2011.12.16 14:04:36 | 000,602,256 | ---- | M] () -- \Poker\Titan Poker\data\loader.dll
[2011.12.16 14:04:33 | 000,002,690 | ---- | M] () -- \Poker\Titan Poker\data\loader.gam
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2004.04.08 23:29:00 | 000,002,116 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\blue-Loader.jpg
[2004.04.08 03:08:00 | 000,007,604 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Flash-Loader.jpg
[2004.04.08 03:13:00 | 000,007,963 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Flash-Loader_.jpg
[2004.04.08 03:11:00 | 000,006,428 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Loader.jpg
[2003.12.17 21:32:00 | 000,028,201 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\loaderbar.png
[2004.04.08 03:12:00 | 000,002,693 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\Loader_.jpg
[2004.03.12 03:25:00 | 000,110,633 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader.gif
[2004.03.11 01:08:00 | 000,011,370 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlay.jpg
[2004.03.12 03:36:00 | 000,003,973 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlaylit.jpg
[2004.03.12 03:36:00 | 000,001,932 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlaylit_.gif
[2004.05.07 02:35:00 | 000,003,829 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\nr_reloader_overlay_.gif
[2004.04.14 19:17:00 | 000,006,343 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\purple-Loader.jpg
[2004.03.11 20:29:00 | 000,006,979 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar.jpg
[2004.03.17 23:20:00 | 000,004,691 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbarlit.jpg
[2004.03.17 23:20:00 | 000,002,208 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbarlit_.gif
[2004.03.11 20:30:00 | 000,003,075 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar_.gif
[2004.04.06 01:45:00 | 000,008,190 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar_clickhere.jpg
[2004.04.06 01:40:00 | 000,008,725 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\images\title_loaderbar_clickhere_over.jpg
[2010.10.26 19:30:38 | 000,013,218 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sm_images\blue-Loader.tga
[2010.10.26 19:30:38 | 000,263,570 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sm_images\flash-Loader.tga
[2010.10.26 19:30:38 | 000,073,938 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sm_images\Loader.tga
[2010.10.26 19:30:38 | 000,060,562 | ---- | M] () -- \Program Files\eMachines Games\Bejeweled 2 Deluxe\sm_images\purple-Loader.tga
[2010.01.29 06:43:52 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.03.01 20:52:02 | 000,411,888 | ---- | M] () -- \Program Files\WildTangent Games\App\WTDownloader.exe
[2011.05.10 20:42:02 | 000,002,191 | ---- | M] () -- \Program Files\WildTangent Games\App\UI\GamePlay_Loader.html
[2011.02.16 21:02:14 | 000,009,072 | ---- | M] () -- \Program Files\WildTangent Games\App\UI\Scripts\gameplay_loader.js
[2010.11.03 23:17:00 | 000,002,355 | ---- | M] () -- \Program Files\WildTangent Games\App\UI\Skins\default\gameplay_loader.css
[2010.02.10 19:10:14 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.04.23 20:47:56 | 001,124,704 | ---- | M] () -- \Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll
[2011.10.10 10:01:22 | 001,178,504 | ---- | M] () -- \Program Files\YouTube Downloader\YouTubeDownloader.exe
[2010.04.29 16:12:38 | 000,673,160 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 16:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSPluginLoader.exe
[2010.04.29 16:12:42 | 000,686,984 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 16:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSPluginLoader.exe
[2012.05.13 07:13:15 | 000,021,364 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2012.05.13 07:13:14 | 000,003,916 | ---- | M] () -- \ProgramData\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2012.05.13 07:13:02 | 000,000,734 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.26394429b5ccae91098201dda958cd17.inf
[2012.05.13 07:13:02 | 000,003,512 | ---- | M] () -- \ProgramData\MGS\cache\l\lobby_loader.dedbfe5bd17f51637cc0ac53b54d0151.inf
[2011.11.27 06:22:50 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2011.11.27 06:22:50 | 000,001,803 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.05.13 07:13:15 | 000,021,364 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2012.05.13 07:13:14 | 000,003,916 | ---- | M] () -- \Users\All Users\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2012.05.13 07:13:02 | 000,000,734 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.26394429b5ccae91098201dda958cd17.inf
[2012.05.13 07:13:02 | 000,003,512 | ---- | M] () -- \Users\All Users\MGS\cache\l\lobby_loader.dedbfe5bd17f51637cc0ac53b54d0151.inf
[2011.11.27 06:22:50 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader Help.url
[2011.11.27 06:22:50 | 000,001,803 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2012.02.15 14:28:30 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.15 14:28:30 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.01.19 17:57:37 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.01.19 17:57:37 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.01.19 17:57:37 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.01.19 17:57:37 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.01.19 17:57:38 | 000,057,728 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.01.19 17:57:39 | 000,061,770 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.01.19 17:57:40 | 000,061,770 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.01.14 06:05:20 | 000,003,484 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\WorldClock.gadget\img\icons\black\loader.gif
[2012.01.14 06:05:20 | 000,003,484 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\WorldClock.gadget\img\icons\white\loader.gif
[2012.01.14 06:09:14 | 000,003,484 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\WorldWeatherEN.gadget\img\icons\black\loader.gif
[2012.01.14 06:09:14 | 000,003,484 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows Sidebar\Gadgets\WorldWeatherEN.gadget\img\icons\white\loader.gif
[2012.05.16 17:47:29 | 000,094,818 | ---- | M] () -- \Users\Romanka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7LUNIV7\MovieLoader[1].swf
[2012.03.16 20:35:32 | 000,009,051 | ---- | M] () -- \Users\Romanka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.03.16 20:35:32 | 000,016,119 | ---- | M] () -- \Users\Romanka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.03.16 20:35:32 | 000,018,434 | ---- | M] () -- \Users\Romanka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.03.16 20:35:32 | 000,006,553 | ---- | M] () -- \Users\Romanka\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.02.18 13:07:03 | 000,000,001 | ---- | M] () -- \Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\{F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB}\youtubedownloader.lock
[2012.05.04 08:41:59 | 000,000,047 | ---- | M] () -- \Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\youtubedownloader@mybrowserbar.com
[2012.02.05 11:19:52 | 004,458,352 | ---- | M] () -- \Users\Romanka\Downloads\youtubedownloaderToolbar.exe
[2011.11.27 06:21:42 | 005,342,064 | ---- | M] () -- \Users\Romanka\Romec\ostatní\YouTubeDownloaderSetup34.exe
[2012.01.09 01:28:40 | 000,010,144 | ---- | M] () -- \Users\Romec\AppData\Roaming\Mozilla\Firefox\Profiles\itmmp70j.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\modules\ExternalLibraryLoader.jsm
[2012.01.23 16:54:58 | 000,010,144 | ---- | M] () -- \Users\Romec\AppData\Roaming\Mozilla\Firefox\Profiles\itmmp70j.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules\ExternalLibraryLoader.jsm
[2011.01.16 00:58:00 | 000,145,752 | ---- | M] () -- \Users\Romec\Downloads\shaiya_us_downloader(2).exe
[2011.01.16 00:48:59 | 000,145,752 | ---- | M] () -- \Users\Romec\Downloads\shaiya_us_downloader.exe
[2011.01.16 01:51:11 | 000,293,160 | ---- | M] () -- \Users\Romec\Downloads\SoftonicDownloader_for_gta-san-andreas.exe
[2011.05.30 20:57:22 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.01.21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.01.21 08:11:10 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.01.21 08:11:10 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2008.01.21 08:11:10 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2009.03.11 10:01:37 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
Re: Notebook se sekne
[2009.03.11 10:01:37 | 000,988,216 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b_winload.exe_75835076
[2009.03.11 10:01:37 | 000,927,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b_winresume.exe_85cd1215
[2008.01.21 04:36:35 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:36:35 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.02.29 09:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.02.29 09:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.02.29 12:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.02.29 12:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.02.29 12:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.02.29 10:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.02.29 12:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.02.29 09:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.02.29 09:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.02.29 11:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.02.29 12:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.02.29 12:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.02.29 09:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.02.29 11:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.21 07:57:58 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.02.29 09:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.02.29 09:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.21 04:29:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.02.29 10:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.02.29 09:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.21 04:27:10 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:23F65965
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:678C1866
< End of report >
[2009.03.11 10:01:37 | 000,927,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b_winresume.exe_85cd1215
[2008.01.21 04:36:35 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:36:35 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.02.29 09:26:23 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.02.29 09:19:08 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.02.29 12:05:29 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.02.29 12:07:01 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.02.29 12:05:17 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.02.29 10:14:00 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.02.29 12:02:51 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.02.29 09:19:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.02.29 09:21:05 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.02.29 11:56:53 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.02.29 12:12:24 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.02.29 12:01:15 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.02.29 09:46:06 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.02.29 11:17:45 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.21 07:57:58 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.02.29 09:17:27 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.02.29 09:13:09 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.21 04:29:34 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.02.29 10:08:07 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.02.29 09:37:27 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.11 00:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 12:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.21 04:27:10 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2008.01.21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.21 04:33:05 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:23F65965
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:678C1866
< End of report >
Re: Notebook se sekne
Mate tam dva antiviry (MSE a Avast), jeden z nich musi pryc 
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - File not found [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm) DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass) DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs) IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 810&m=e525 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.toggle.com/en/index.php?rvs=google IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toggle.com/en/index.php?rvs=google IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{2B2C55C9-9E00-4BCD-830E-8FB42C35A26E}: "URL" = http://www.toggle.com/en/index.php?rvs=google IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392 IE - HKLM\..\SearchScopes\{B3094EF3-93C4-4C08-86D6-1AE99C9EA2EE}: "URL" = http://www.toggle.com/en/index.php?rvs=google IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.emachines.com/rdr.aspx? ... 810&m=e525 IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.) IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=108602&babsrc=SP_ss&mntrId=64aa4f2a000000000000002622605434 IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&sourceid=quicksearch_6826 IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=quicksearch_6826 IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=quicksearch_6826 IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms} IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{AE4AF47A-7DCC-42B4-823B-20833272CBD1}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACEW IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{D1DAFF92-91E5-4055-81B2-98F65A53137D}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=IP&apn_dtid=YYYYYYYYCZ&apn_uid=3FF19EA1-1594-4E37-876A-7E298FFF2528&apn_sauid=4927E779-844A-4102-8DE6-4CC329862538 IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{E78BBB4B-1C6D-49B4-AF5E-FD5279E51E7D}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms} IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms} IE - HKU\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421 FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.order.1: "Search Results" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12" FF - prefs.js..keyword.URL: "http://search.seznam.cz/?sourceid=quicksearch_6826&q=" FF - prefs.js..network.proxy.type: 4 [2012.05.16 20:08:52 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} File not found (No name found) -- C:\USERS\ROMANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ECX0PT4C.DEFAULT\EXTENSIONS\{99079A25-328F-4BD4-BE04-00955ACAA0A7} O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (no name) - !{F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found. O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll File not found O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\Toolbar\WebBrowser: (no name) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - No CLSID value found. O3 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files\BitTorrentBar\tbBitT.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\RunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar" File not found O4 - HKLM..\RunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar" File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-623119012-232483285-2282111094-1000\..Trusted Domains: everestpoker.com ([account] https in Trusted sites) O33 - MountPoints2\{74b26ee6-3da8-11e1-8cb1-002622605434}\Shell - "" = AutoRun O33 - MountPoints2\{c4c51061-41aa-11e1-bc2f-002622605434}\Shell - "" = AutoRun [2012.05.16 15:36:10 | 000,000,430 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics [2012.03.24 07:23:36 | 000,000,000 | ---D | M] -- C:\Users\Romanka\AppData\Roaming\Babylon [13 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [33 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ] [8 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ] [1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ] [1 C:\Windows\SoftwareDistribution\Download\0c534e464bbc72b6d4ce97a830ce0c5b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0c534e464bbc72b6d4ce97a830ce0c5b\*.tmp -> ] [1 C:\Windows\SoftwareDistribution\Download\2916ca3350766bd8082911d922b26118\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2916ca3350766bd8082911d922b26118\*.tmp -> ] [1 C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\*.tmp -> ] [2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ] [2012.05.15 16:27:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000Core.job [2012.05.15 18:27:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000UA.job [2012.05.16 15:34:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:23F65965 @Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:678C1866 :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- "SunJavaUpdateSched"=- "DATAMNGR"=- ""=- "SearchSettings"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" :files C:\Program Files\Common Files\Spigot C:\PROGRA~1\SEARCH~1 C:\Program Files\Ask.com C:\Program Files\BitTorrentBar C:\Program Files\Application Updater %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Notebook se sekne
All processes killed
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
File C:\Program Files\Application Updater\ApplicationUpdater.exe not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys not found.
Service InCDRm stopped successfully!
Service InCDRm deleted successfully!
File system32\drivers\InCDRm.sys not found.
Service InCDPass stopped successfully!
Service InCDPass deleted successfully!
File system32\drivers\InCDPass.sys not found.
Service InCDFs stopped successfully!
Service InCDFs deleted successfully!
File system32\drivers\InCDFs.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ deleted successfully.
C:\Program Files\BitTorrentBar\tbBitT.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2B2C55C9-9E00-4BCD-830E-8FB42C35A26E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2B2C55C9-9E00-4BCD-830E-8FB42C35A26E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B3094EF3-93C4-4C08-86D6-1AE99C9EA2EE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3094EF3-93C4-4C08-86D6-1AE99C9EA2EE}\ not found.
HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll moved successfully.
HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8172f457-818d-46db-941f-2bbe53e156af}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AE4AF47A-7DCC-42B4-823B-20833272CBD1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE4AF47A-7DCC-42B4-823B-20833272CBD1}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D1DAFF92-91E5-4055-81B2-98F65A53137D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1DAFF92-91E5-4055-81B2-98F65A53137D}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E78BBB4B-1C6D-49B4-AF5E-FD5279E51E7D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E78BBB4B-1C6D-49B4-AF5E-FD5279E51E7D}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ not found.
HKU\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Search Results" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=937811&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: "http://search.seznam.cz/?sourceid=quicksearch_6826&q=" removed from keyword.URL
Prefs.js: 4 removed from network.proxy.type
Folder C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files\BitTorrentBar\tbBitT.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\ConduitEngine.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files\BitTorrentBar\tbBitT.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{038CB5C7-48EA-4AF9-94E0-A1646542E62B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038CB5C7-48EA-4AF9-94E0-A1646542E62B}\ not found.
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
File C:\Program Files\BitTorrentBar\tbBitT.dll not found.
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removeSearchqudatamngr deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removeSearchqutoolbar deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\everestpoker.com\account\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74b26ee6-3da8-11e1-8cb1-002622605434}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74b26ee6-3da8-11e1-8cb1-002622605434}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4c51061-41aa-11e1-bc2f-002622605434}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c4c51061-41aa-11e1-bc2f-002622605434}\ not found.
C:\Windows\System32\drivers\etc\hosts.ics moved successfully.
C:\Users\Romanka\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19FC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2EBD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40E6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP541A.tmp\System.Workflow.Runtime.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP541A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9AF7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9C4E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA5B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB0D7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB318.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC11.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD001.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD11A.tmp folder deleted successfully.
C:\Windows\Installer\MSI23D1.tmp deleted successfully.
C:\Windows\Installer\MSI28F1.tmp deleted successfully.
C:\Windows\Installer\MSI2C6B.tmp deleted successfully.
C:\Windows\Installer\MSI3071.tmp deleted successfully.
C:\Windows\Installer\MSI36F8.tmp deleted successfully.
C:\Windows\Installer\MSI3A34.tmp deleted successfully.
C:\Windows\Installer\MSI3CAA.tmp deleted successfully.
C:\Windows\Installer\MSI464E.tmp deleted successfully.
C:\Windows\Installer\MSI46C2.tmp deleted successfully.
C:\Windows\Installer\MSI4E13.tmp deleted successfully.
C:\Windows\Installer\MSI566D.tmp deleted successfully.
C:\Windows\Installer\MSI5BFA.tmp deleted successfully.
C:\Windows\Installer\MSI60FA.tmp deleted successfully.
C:\Windows\Installer\MSI62FE.tmp deleted successfully.
C:\Windows\Installer\MSI6649.tmp deleted successfully.
C:\Windows\Installer\MSI681E.tmp deleted successfully.
C:\Windows\Installer\MSI6D6D.tmp deleted successfully.
C:\Windows\Installer\MSI774D.tmp deleted successfully.
C:\Windows\Installer\MSI7DE3.tmp deleted successfully.
C:\Windows\Installer\MSI7F6A.tmp deleted successfully.
C:\Windows\Installer\MSI818D.tmp deleted successfully.
C:\Windows\Installer\MSI83EE.tmp deleted successfully.
C:\Windows\Installer\MSI865F.tmp deleted successfully.
C:\Windows\Installer\MSI87F6.tmp deleted successfully.
C:\Windows\Installer\MSI89AB.tmp deleted successfully.
C:\Windows\Installer\MSI89EF.tmp deleted successfully.
C:\Windows\Installer\MSI8CA9.tmp deleted successfully.
C:\Windows\Installer\MSI8D79.tmp deleted successfully.
C:\Windows\Installer\MSI9585.tmp deleted successfully.
C:\Windows\Installer\MSIDD5E.tmp deleted successfully.
C:\Windows\Installer\MSIF2D0.tmp deleted successfully.
C:\Windows\Installer\MSIF646.tmp deleted successfully.
C:\Windows\Installer\MSIFA7D.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC39B5.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC4E21.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC5437.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC589A.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC7A6C.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACB7FA.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACBE9D.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACF087.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACF9B9.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltC0F7.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\0c534e464bbc72b6d4ce97a830ce0c5b\BIT3.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\2916ca3350766bd8082911d922b26118\BIT4C4C.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\BITDFE.tmp deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000UA.job moved successfully.
File C:\Windows\Tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job not found.
ADS C:\ProgramData\TEMP:23F65965 deleted successfully.
ADS C:\ProgramData\TEMP:678C1866 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== FILES ==========
C:\Program Files\Common Files\Spigot\wtxpcom\components folder moved successfully.
C:\Program Files\Common Files\Spigot\wtxpcom folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
File\Folder C:\PROGRA~1\SEARCH~1 not found.
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Program Files\BitTorrentBar folder moved successfully.
File\Folder C:\Program Files\Application Updater not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 254460 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 75 bytes
User: Public
User: Romanka
->Temp folder emptied: 750907898 bytes
->Temporary Internet Files folder emptied: 1545876 bytes
->Java cache emptied: 3372876 bytes
->FireFox cache emptied: 44063010 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 568 bytes
User: Romec
->Temp folder emptied: 11378353 bytes
->Temporary Internet Files folder emptied: 621360 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49843958 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 622 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1074094 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 824,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Guest
->Flash cache emptied: 0 bytes
User: Public
User: Romanka
->Flash cache emptied: 0 bytes
User: Romec
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.43.0 log created on 05162012_233032
Files\Folders moved on Reboot...
C:\Users\Romanka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OSPD4RN8\viewtopic[1].htm moved successfully.
Registry entries deleted on Reboot...
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
File C:\Program Files\Application Updater\ApplicationUpdater.exe not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys not found.
Service InCDRm stopped successfully!
Service InCDRm deleted successfully!
File system32\drivers\InCDRm.sys not found.
Service InCDPass stopped successfully!
Service InCDPass deleted successfully!
File system32\drivers\InCDPass.sys not found.
Service InCDFs stopped successfully!
Service InCDFs deleted successfully!
File system32\drivers\InCDFs.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ deleted successfully.
C:\Program Files\BitTorrentBar\tbBitT.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2B2C55C9-9E00-4BCD-830E-8FB42C35A26E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2B2C55C9-9E00-4BCD-830E-8FB42C35A26E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B3094EF3-93C4-4C08-86D6-1AE99C9EA2EE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3094EF3-93C4-4C08-86D6-1AE99C9EA2EE}\ not found.
HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\SearchDefaultBranded| /E : value set successfully!
HKU\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll moved successfully.
HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8172f457-818d-46db-941f-2bbe53e156af}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AE4AF47A-7DCC-42B4-823B-20833272CBD1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE4AF47A-7DCC-42B4-823B-20833272CBD1}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D1DAFF92-91E5-4055-81B2-98F65A53137D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D1DAFF92-91E5-4055-81B2-98F65A53137D}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E78BBB4B-1C6D-49B4-AF5E-FD5279E51E7D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E78BBB4B-1C6D-49B4-AF5E-FD5279E51E7D}\ not found.
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ not found.
HKU\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Search Results" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=937811&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: "http://search.seznam.cz/?sourceid=quicksearch_6826&q=" removed from keyword.URL
Prefs.js: 4 removed from network.proxy.type
Folder C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files\BitTorrentBar\tbBitT.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
File C:\Program Files\YouTube Downloader Toolbar\IE\5.6\youtubedownloaderToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\ConduitEngine.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\ not found.
File C:\Program Files\BitTorrentBar\tbBitT.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{038CB5C7-48EA-4AF9-94E0-A1646542E62B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038CB5C7-48EA-4AF9-94E0-A1646542E62B}\ not found.
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.
File C:\Program Files\BitTorrentBar\tbBitT.dll not found.
Registry value HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removeSearchqudatamngr deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removeSearchqutoolbar deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-623119012-232483285-2282111094-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\everestpoker.com\account\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{74b26ee6-3da8-11e1-8cb1-002622605434}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74b26ee6-3da8-11e1-8cb1-002622605434}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c4c51061-41aa-11e1-bc2f-002622605434}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c4c51061-41aa-11e1-bc2f-002622605434}\ not found.
C:\Windows\System32\drivers\etc\hosts.ics moved successfully.
C:\Users\Romanka\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19FC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2EBD.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP40E6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP541A.tmp\System.Workflow.Runtime.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP541A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9AF7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9C4E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA5B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB0D7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB318.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC11.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD001.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD11A.tmp folder deleted successfully.
C:\Windows\Installer\MSI23D1.tmp deleted successfully.
C:\Windows\Installer\MSI28F1.tmp deleted successfully.
C:\Windows\Installer\MSI2C6B.tmp deleted successfully.
C:\Windows\Installer\MSI3071.tmp deleted successfully.
C:\Windows\Installer\MSI36F8.tmp deleted successfully.
C:\Windows\Installer\MSI3A34.tmp deleted successfully.
C:\Windows\Installer\MSI3CAA.tmp deleted successfully.
C:\Windows\Installer\MSI464E.tmp deleted successfully.
C:\Windows\Installer\MSI46C2.tmp deleted successfully.
C:\Windows\Installer\MSI4E13.tmp deleted successfully.
C:\Windows\Installer\MSI566D.tmp deleted successfully.
C:\Windows\Installer\MSI5BFA.tmp deleted successfully.
C:\Windows\Installer\MSI60FA.tmp deleted successfully.
C:\Windows\Installer\MSI62FE.tmp deleted successfully.
C:\Windows\Installer\MSI6649.tmp deleted successfully.
C:\Windows\Installer\MSI681E.tmp deleted successfully.
C:\Windows\Installer\MSI6D6D.tmp deleted successfully.
C:\Windows\Installer\MSI774D.tmp deleted successfully.
C:\Windows\Installer\MSI7DE3.tmp deleted successfully.
C:\Windows\Installer\MSI7F6A.tmp deleted successfully.
C:\Windows\Installer\MSI818D.tmp deleted successfully.
C:\Windows\Installer\MSI83EE.tmp deleted successfully.
C:\Windows\Installer\MSI865F.tmp deleted successfully.
C:\Windows\Installer\MSI87F6.tmp deleted successfully.
C:\Windows\Installer\MSI89AB.tmp deleted successfully.
C:\Windows\Installer\MSI89EF.tmp deleted successfully.
C:\Windows\Installer\MSI8CA9.tmp deleted successfully.
C:\Windows\Installer\MSI8D79.tmp deleted successfully.
C:\Windows\Installer\MSI9585.tmp deleted successfully.
C:\Windows\Installer\MSIDD5E.tmp deleted successfully.
C:\Windows\Installer\MSIF2D0.tmp deleted successfully.
C:\Windows\Installer\MSIF646.tmp deleted successfully.
C:\Windows\Installer\MSIFA7D.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC39B5.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC4E21.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC5437.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC589A.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC7A6C.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACB7FA.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACBE9D.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACF087.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACF9B9.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltC0F7.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\0c534e464bbc72b6d4ce97a830ce0c5b\BIT3.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\2916ca3350766bd8082911d922b26118\BIT4C4C.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\f1eb035a88c96e55f04cb025e02ae297\BITDFE.tmp deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-623119012-232483285-2282111094-1000UA.job moved successfully.
File C:\Windows\Tasks\User_Feed_Synchronization-{1315374A-4DAB-4404-A3A4-4575C03BA7F9}.job not found.
ADS C:\ProgramData\TEMP:23F65965 deleted successfully.
ADS C:\ProgramData\TEMP:678C1866 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== FILES ==========
C:\Program Files\Common Files\Spigot\wtxpcom\components folder moved successfully.
C:\Program Files\Common Files\Spigot\wtxpcom folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
File\Folder C:\PROGRA~1\SEARCH~1 not found.
C:\Program Files\Ask.com\Updater folder moved successfully.
C:\Program Files\Ask.com\assets\oobe folder moved successfully.
C:\Program Files\Ask.com\assets folder moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Program Files\BitTorrentBar folder moved successfully.
File\Folder C:\Program Files\Application Updater not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 254460 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 75 bytes
User: Public
User: Romanka
->Temp folder emptied: 750907898 bytes
->Temporary Internet Files folder emptied: 1545876 bytes
->Java cache emptied: 3372876 bytes
->FireFox cache emptied: 44063010 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 568 bytes
User: Romec
->Temp folder emptied: 11378353 bytes
->Temporary Internet Files folder emptied: 621360 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 49843958 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 622 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1074094 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 824,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Guest
->Flash cache emptied: 0 bytes
User: Public
User: Romanka
->Flash cache emptied: 0 bytes
User: Romec
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.43.0 log created on 05162012_233032
Files\Folders moved on Reboot...
C:\Users\Romanka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OSPD4RN8\viewtopic[1].htm moved successfully.
Registry entries deleted on Reboot...
Re: Notebook se sekne
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Doporucuji provest defragmentaci disku
- Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
- Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
- Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace
Dejte novy log z RSIT a napiste co nas pacient"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Notebook se sekne
V normálním režimu se opět sekne po cca 3-4 minutách.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Romanka at 2012-05-18 12:23:49
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 70 GB (49%) free of 142 GB
Total RAM: 1977 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:23:52, on 18.5.2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Romanka\Romec\Desktop\RSIT.exe
C:\Program Files\trend micro\Romanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [Ashampoo HDD Control Guard] C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe
O4 - HKLM\..\Run: [NetFxUpdate_v1.1.4322] "C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: CardBusService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 6614 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{11825C19-51A9-4601-B1DE-709C0FBB28E8}.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, wtxpcom@mybrowserbar.com:4.3, youtubedownloader@mybrowserbar.com:4.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "chrome://browser-region/locale/region.properties"
"{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ei.SmileyCentral_1v.com/Plugin]
"Description"=SmileyCentral Plugin
"Path"=C:\Program Files\SmileyCentral_1vEI\Installr\3.bin\NP1vEISB.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.3.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
Search_Results.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll [2012-01-10 59272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-11 6724128]
"WarReg_PopUp"=C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe [2008-11-04 57344]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-01-09 1418536]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-04-10 862728]
"Acer ePower Management"=C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [2009-04-03 698912]
"NWEReboot"= []
"Ashampoo HDD Control Guard"=C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe [2010-02-16 3994456]
"NetFxUpdate_v1.1.4322"=C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [2004-08-10 106496]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2007-12-10 323584]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE [2007-08-14 618496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Romanka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"msacm.msaudio1"=msaud32.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MP43"=mpg4c32.dll
"msacm.sl_anet"=sl_anet.acm
"wave2"=wdmaud.drv
"wave3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-05-17 14:25:30 ----D---- C:\ProgramData\ESET
2012-05-17 14:25:30 ----D---- C:\Program Files\ESET
2012-05-17 14:25:28 ----SHD---- C:\Config.Msi
2012-05-17 14:03:42 ----A---- C:\Windows\ntbtlog.txt
2012-05-17 09:05:19 ----D---- C:\Program Files\Defraggler
2012-05-16 23:30:32 ----D---- C:\_OTL
2012-05-16 16:54:50 ----D---- C:\rsit
2012-05-16 16:54:50 ----D---- C:\Program Files\trend micro
2012-05-16 15:59:58 ----D---- C:\ProgramData\AVAST Software
2012-05-16 15:59:58 ----D---- C:\Program Files\AVAST Software
2012-05-16 12:51:23 ----HD---- C:\ProgramData\Common Files
2012-05-16 12:50:47 ----D---- C:\ProgramData\MFAData
2012-05-15 20:19:44 ----D---- C:\ProgramData\SuperOvladac
2012-05-13 07:11:53 ----D---- C:\ProgramData\MGS
2012-05-13 07:11:53 ----D---- C:\Microgaming
2012-05-04 08:41:54 ----D---- C:\Program Files\YouTube Downloader Toolbar
2012-05-03 08:09:22 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-05-03 08:09:22 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-04-26 06:24:37 ----D---- C:\ProgramData\Mozilla
2012-04-26 06:24:36 ----D---- C:\Program Files\Mozilla Maintenance Service
======List of files/folders modified in the last 1 month======
2012-05-18 11:36:26 ----D---- C:\Windows\System32
2012-05-18 11:36:26 ----D---- C:\Windows\inf
2012-05-18 11:36:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-18 11:30:40 ----D---- C:\Windows\Temp
2012-05-18 11:29:58 ----D---- C:\Windows\Prefetch
2012-05-18 11:28:12 ----D---- C:\Windows\system32\catroot2
2012-05-17 17:21:41 ----D---- C:\Windows
2012-05-17 14:26:15 ----SHD---- C:\Windows\Installer
2012-05-17 14:26:12 ----D---- C:\Windows\system32\drivers
2012-05-17 14:25:30 ----HD---- C:\ProgramData
2012-05-17 14:25:30 ----D---- C:\Program Files
2012-05-17 14:24:57 ----SHD---- C:\System Volume Information
2012-05-17 14:23:30 ----D---- C:\Windows\system32\LogFiles
2012-05-17 14:18:48 ----D---- C:\Windows\Debug
2012-05-17 14:14:52 ----A---- C:\Windows\NeroDigital.ini
2012-05-16 23:33:53 ----D---- C:\Windows\system32\drivers\etc
2012-05-16 23:30:41 ----D---- C:\Windows\Tasks
2012-05-16 23:30:41 ----D---- C:\Program Files\Common Files
2012-05-16 23:30:40 ----D---- C:\Program Files\ConduitEngine
2012-05-16 21:18:29 ----D---- C:\Windows\system32\catroot
2012-05-16 17:49:12 ----D---- C:\Casino
2012-05-16 15:44:54 ----D---- C:\Windows\winsxs
2012-05-16 13:09:59 ----D---- C:\Users\Romanka\AppData\Roaming\Yandex
2012-05-16 11:51:07 ----D---- C:\Windows\system32\wbem
2012-05-16 11:50:34 ----D---- C:\Windows\system32\config
2012-05-16 11:50:23 ----D---- C:\Windows\system32\Tasks
2012-05-16 11:50:23 ----D---- C:\Windows\system32\spool
2012-05-16 11:50:23 ----D---- C:\Windows\system32\Msdtc
2012-05-16 11:50:23 ----D---- C:\Windows\system32\CodeIntegrity
2012-05-16 11:50:22 ----D---- C:\Windows\registration
2012-05-16 04:09:13 ----D---- C:\Windows\pss
2012-05-14 21:14:17 ----D---- C:\Users\Romanka\AppData\Roaming\Media Player Classic
2012-05-14 13:04:56 ----D---- C:\Users\Romanka\AppData\Roaming\Skype
2012-05-12 07:09:53 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-12 03:13:55 ----D---- C:\ProgramData\Microsoft Help
2012-05-12 03:10:10 ----A---- C:\Windows\system32\mrt.exe
2012-05-03 23:00:19 ----D---- C:\Program Files\Microsoft Security Client
2012-05-03 08:29:14 ----D---- C:\Windows\rescache
2012-05-03 08:11:35 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-05-01 08:32:50 ----D---- C:\Users\Romanka\AppData\Roaming\Winamp
2012-04-30 12:55:41 ----D---- C:\Users\Romanka\AppData\Roaming\Canon
2012-04-26 06:24:31 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-16 242240]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-06-23 1181184]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-04-10 21000]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-01-15 49664]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-01-09 204976]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys [2009-04-10 20112]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
S2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2008-05-10 113664]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv.sys [2007-08-16 220672]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-27 1044984]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-11 2324512]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
S3 PAC207;e-Messenger 112; C:\Windows\system32\DRIVERS\PFC027.SYS [2009-06-25 618112]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-02-23 62976]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-07-28 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-07-28 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-07-28 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2010-07-28 100224]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
S3 TridVid;TM6010 TV Service; C:\Windows\system32\DRIVERS\TridVidII.sys [2009-09-15 195072]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-01-21 28160]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
S2 CardBusService;CardBusService; C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe [2007-04-24 188416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe [2009-08-24 406016]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2009-04-03 723488]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-10-04 75136]
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Romanka at 2012-05-18 12:23:49
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 70 GB (49%) free of 142 GB
Total RAM: 1977 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:23:52, on 18.5.2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Romanka\Romec\Desktop\RSIT.exe
C:\Program Files\trend micro\Romanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [Ashampoo HDD Control Guard] C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe
O4 - HKLM\..\Run: [NetFxUpdate_v1.1.4322] "C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: CardBusService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 6614 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{11825C19-51A9-4601-B1DE-709C0FBB28E8}.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\ecx0pt4c.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, wtxpcom@mybrowserbar.com:4.3, youtubedownloader@mybrowserbar.com:4.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "chrome://browser-region/locale/region.properties"
"{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ei.SmileyCentral_1v.com/Plugin]
"Description"=SmileyCentral Plugin
"Path"=C:\Program Files\SmileyCentral_1vEI\Installr\3.bin\NP1vEISB.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.3.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
Search_Results.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll [2012-01-10 59272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-11 6724128]
"WarReg_PopUp"=C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe [2008-11-04 57344]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-01-09 1418536]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-04-10 862728]
"Acer ePower Management"=C:\Program Files\eMachines\eMachines Power Management\ePowerTray.exe [2009-04-03 698912]
"NWEReboot"= []
"Ashampoo HDD Control Guard"=C:\Program Files\Ashampoo\Ashampoo HDD Control\HDDControlGuard.exe [2010-02-16 3994456]
"NetFxUpdate_v1.1.4322"=C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [2004-08-10 106496]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2007-12-10 323584]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE [2007-08-14 618496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Romanka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"msacm.msaudio1"=msaud32.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MP43"=mpg4c32.dll
"msacm.sl_anet"=sl_anet.acm
"wave2"=wdmaud.drv
"wave3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-05-17 14:25:30 ----D---- C:\ProgramData\ESET
2012-05-17 14:25:30 ----D---- C:\Program Files\ESET
2012-05-17 14:25:28 ----SHD---- C:\Config.Msi
2012-05-17 14:03:42 ----A---- C:\Windows\ntbtlog.txt
2012-05-17 09:05:19 ----D---- C:\Program Files\Defraggler
2012-05-16 23:30:32 ----D---- C:\_OTL
2012-05-16 16:54:50 ----D---- C:\rsit
2012-05-16 16:54:50 ----D---- C:\Program Files\trend micro
2012-05-16 15:59:58 ----D---- C:\ProgramData\AVAST Software
2012-05-16 15:59:58 ----D---- C:\Program Files\AVAST Software
2012-05-16 12:51:23 ----HD---- C:\ProgramData\Common Files
2012-05-16 12:50:47 ----D---- C:\ProgramData\MFAData
2012-05-15 20:19:44 ----D---- C:\ProgramData\SuperOvladac
2012-05-13 07:11:53 ----D---- C:\ProgramData\MGS
2012-05-13 07:11:53 ----D---- C:\Microgaming
2012-05-04 08:41:54 ----D---- C:\Program Files\YouTube Downloader Toolbar
2012-05-03 08:09:22 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2012-05-03 08:09:22 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2012-04-26 06:24:37 ----D---- C:\ProgramData\Mozilla
2012-04-26 06:24:36 ----D---- C:\Program Files\Mozilla Maintenance Service
======List of files/folders modified in the last 1 month======
2012-05-18 11:36:26 ----D---- C:\Windows\System32
2012-05-18 11:36:26 ----D---- C:\Windows\inf
2012-05-18 11:36:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-18 11:30:40 ----D---- C:\Windows\Temp
2012-05-18 11:29:58 ----D---- C:\Windows\Prefetch
2012-05-18 11:28:12 ----D---- C:\Windows\system32\catroot2
2012-05-17 17:21:41 ----D---- C:\Windows
2012-05-17 14:26:15 ----SHD---- C:\Windows\Installer
2012-05-17 14:26:12 ----D---- C:\Windows\system32\drivers
2012-05-17 14:25:30 ----HD---- C:\ProgramData
2012-05-17 14:25:30 ----D---- C:\Program Files
2012-05-17 14:24:57 ----SHD---- C:\System Volume Information
2012-05-17 14:23:30 ----D---- C:\Windows\system32\LogFiles
2012-05-17 14:18:48 ----D---- C:\Windows\Debug
2012-05-17 14:14:52 ----A---- C:\Windows\NeroDigital.ini
2012-05-16 23:33:53 ----D---- C:\Windows\system32\drivers\etc
2012-05-16 23:30:41 ----D---- C:\Windows\Tasks
2012-05-16 23:30:41 ----D---- C:\Program Files\Common Files
2012-05-16 23:30:40 ----D---- C:\Program Files\ConduitEngine
2012-05-16 21:18:29 ----D---- C:\Windows\system32\catroot
2012-05-16 17:49:12 ----D---- C:\Casino
2012-05-16 15:44:54 ----D---- C:\Windows\winsxs
2012-05-16 13:09:59 ----D---- C:\Users\Romanka\AppData\Roaming\Yandex
2012-05-16 11:51:07 ----D---- C:\Windows\system32\wbem
2012-05-16 11:50:34 ----D---- C:\Windows\system32\config
2012-05-16 11:50:23 ----D---- C:\Windows\system32\Tasks
2012-05-16 11:50:23 ----D---- C:\Windows\system32\spool
2012-05-16 11:50:23 ----D---- C:\Windows\system32\Msdtc
2012-05-16 11:50:23 ----D---- C:\Windows\system32\CodeIntegrity
2012-05-16 11:50:22 ----D---- C:\Windows\registration
2012-05-16 04:09:13 ----D---- C:\Windows\pss
2012-05-14 21:14:17 ----D---- C:\Users\Romanka\AppData\Roaming\Media Player Classic
2012-05-14 13:04:56 ----D---- C:\Users\Romanka\AppData\Roaming\Skype
2012-05-12 07:09:53 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-12 03:13:55 ----D---- C:\ProgramData\Microsoft Help
2012-05-12 03:10:10 ----A---- C:\Windows\system32\mrt.exe
2012-05-03 23:00:19 ----D---- C:\Program Files\Microsoft Security Client
2012-05-03 08:29:14 ----D---- C:\Windows\rescache
2012-05-03 08:11:35 ----D---- C:\Windows\system32\drivers\cs-CZ
2012-05-01 08:32:50 ----D---- C:\Users\Romanka\AppData\Roaming\Winamp
2012-04-30 12:55:41 ----D---- C:\Users\Romanka\AppData\Roaming\Canon
2012-04-26 06:24:31 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-16 242240]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-06-23 1181184]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-04-10 21000]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-01-15 49664]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-01-09 204976]
S0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
S1 DritekPortIO;Dritek General Port I/O; \??\C:\Program Files\Launch Manager\DPortIO.sys [2009-04-10 20112]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
S2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2008-05-10 113664]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv.sys [2007-08-16 220672]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-10-27 1044984]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-11 2324512]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 74112]
S3 PAC207;e-Messenger 112; C:\Windows\system32\DRIVERS\PFC027.SYS [2009-06-25 618112]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2009-02-23 62976]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-07-28 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-07-28 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-07-28 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2010-07-28 100224]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
S3 TridVid;TM6010 TV Service; C:\Windows\system32\DRIVERS\TridVidII.sys [2009-09-15 195072]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-01-21 28160]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
S2 CardBusService;CardBusService; C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe [2007-04-24 188416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo HDD Control\Dfsdks.exe [2009-08-24 406016]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\eMachines\eMachines Power Management\ePowerSvc.exe [2009-04-03 723488]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-10-04 75136]
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 214952]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Re: Notebook se sekne
Otestujte HD pomoci HD Tune http://www.stahuj.centrum.cz/utility_a_ ... g/hd-tune/
- Udelejte testy Benchmark a Error Scan - dejte screeny
- Dejte screen ze zalozky Health
- Scree udelate kdyz klilknete na tu modrou disketku a pak jej sem dejte dle tohoto navdou http://forum.viry.cz/viewtopic.php?f=11&t=14114 - zajima Vas jen cast "zaslani na forum" samozrejme
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Notebook se sekne
Tak ja Vam napisu ze tam mate dva antiviry, ze jeden musi pryc, tak vy tam jeste nainstalujete ESET, PROC prosim??? Dva antiviry jsou v kolizi, perou se mezti sebou - zpusobuji nestabilitu a pady OS...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Notebook se sekne
ESET naistaloval někdo, když jsem nebyl doma.
http://imageshack.us/photo/my-images/690/51361761.png/
http://imageshack.us/photo/my-images/690/51361761.png/
Re: Notebook se sekne
Takze jej odinstalujte
Z HD Tune udelejte jeste Error Scan a Benchmark - screen opet sem
Z HD Tune udelejte jeste Error Scan a Benchmark - screen opet sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?
