prosím o kontrolu logu

Zpráva

selkir · #1 Příspěvek od **selkir** » 17 črc 2012 18:34

Logfile of random's system information tool 1.09 (written by random/random)
Run by Liška at 2012-07-17 19:32:16
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 38 GB (46%) free of 82 GB
Total RAM: 1015 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:32:37, on 17.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
d:\Downloads\RSIT.exe
C:\Program Files\trend micro\Liška.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eeepc.asus.com/global
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\Office14\GROOVEEX.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programy\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\Office14\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programy\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programy\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .cdx: C:\Program Files\Internet Explorer\PLUGINS\Npcdp32.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6010371-5590-445A-B76E-ECB4C6F505AD}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

--
End of file - 8800 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT22690 ... hSource=13"
prefs.js - "extensions.enabledItems" - "{a0faa0a4-f1a7-4098-9a74-21efc3a92372}:3.6.1, {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0, {daf44bf7-a45e-4450-979c-91cf07434c3d}:1.5.4, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {87f54a61-c9b3-4138-a38a-33c31770bb9e}:0.7, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1, {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.0, cs@dictionaries.addons.mozilla.org:1.0.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, wrc@avast.com:7.0.1426, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\Programy\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Programy\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Programy\FireFox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Programy\FireFox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
chemdraw80.xpt
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Programy\FireFox\plugins\
npcdp32.dll
npnul32.dll
NPOFFICE.DLL
nppdf32.dll

C:\Programy\FireFox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\
cs@dictionaries.addons.mozilla.org
elemhidehelper@adblockplus.org
staged-xpis
xpose@viamatic.com
{0069127F-F91E-4A3A-829A-9CAB9D259E94}
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{0d3b5f80-1735-4c93-b817-dc4e50660591}
{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
{1de0de3c-0b5c-4f67-90c6-689623894991}
{20a82645-c095-46ed-80e3-08825760534b}
{31513E58-F253-47ad-86DB-D5F21E905429}
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
{3cd27e92-1a30-11da-94c6-00e08161165f}
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{6e84150a-d526-41f1-a480-a67d3fed910d}
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{87f54a61-c9b3-4138-a38a-33c31770bb9e}
{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
{8e117890-a33f-424b-a2ea-deb272731365}
{a0faa0a4-f1a7-4098-9a74-21efc3a92372}
{a1f99b9c-30d3-4848-a646-afd282011a72}
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
{c36177c0-224a-11da-8cd6-0800200c9a66}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{daf44bf7-a45e-4450-979c-91cf07434c3d}
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
{EF522540-89F5-46b9-B6FE-1829E2B572C6}

C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\searchplugins\
conduit.xml
wikipedia-eng.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-12 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programy\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Programy\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-09-24 104984]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-24 121368]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-09-24 100888]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-06-03 98304]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-06-03 479232]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-13 16871936]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-07-21 86016]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2006-05-04 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-05-17 933888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
C:\WINDOWS\INSTAL~1\{AC76B~2\_SC_AC~1.EXE [2011-07-19 295606]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Synchronizer.lnk]
C:\Programy\Adobe\ACROBA~1.0\Acrobat\ADOBEC~1.EXE [2007-05-11 738968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Liška^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.2.lnk]
C:\PROGRA~1\OPENOF~1.2\program\QUICKS~1.EXE [2007-03-22 393216]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
SuperHybridEngine.lnk - C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

C:\Documents and Settings\Liška\Nabídka Start\Programy\Po spuštění
StarOffice 8.lnk - C:\Program Files\Sun\StarOffice 8\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-10-10 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programy\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0xFFFFFF03

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Programy\CambridgeSoft\ChemOffice2004\Chem3D\Chem3D.exe"="C:\Programy\CambridgeSoft\ChemOffice2004\Chem3D\Chem3D.exe:*:Disabled:Chem3D Ultra"
"C:\Programy\CambridgeSoft\ChemOffice2004\ChemDraw\ChemDraw.exe"="C:\Programy\CambridgeSoft\ChemOffice2004\ChemDraw\ChemDraw.exe:*:Disabled:ChemDraw Ultra 8.0"
"C:\Programy\WinCmd\TotalCmd.exe"="C:\Programy\WinCmd\TotalCmd.exe:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Programy\uTorrent.exe"="C:\Programy\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Programy\Office14\GROOVE.EXE"="C:\Programy\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Programy\Office14\ONENOTE.EXE"="C:\Programy\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Programy\Office14\OUTLOOK.EXE"="C:\Programy\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe"="C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler"
"C:\WINDOWS\KMSEmulator.exe"="C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-07-17 19:32:17 ----D---- C:\Program Files\trend micro
2012-07-17 19:32:16 ----D---- C:\rsit
2012-07-17 18:42:51 ----D---- C:\Program Files\CCleaner
2012-07-17 18:21:57 ----D---- C:\Program Files\Defraggler
2012-07-11 13:57:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 13:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-11 13:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 13:56:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 13:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-07 18:44:00 ----D---- C:\Documents and Settings\Liška\Data aplikací\vlc
2012-07-06 17:34:40 ----D---- C:\Program Files\Oracle
2012-07-06 17:33:48 ----D---- C:\Documents and Settings\Liška\Data aplikací\Oracle
2012-07-06 17:32:56 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2012-07-06 17:32:56 ----A---- C:\WINDOWS\system32\javaws.exe
2012-07-06 17:32:23 ----A---- C:\WINDOWS\system32\javaw.exe
2012-07-06 17:32:22 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 month======

2012-07-17 19:32:24 ----D---- C:\WINDOWS\Prefetch
2012-07-17 19:32:17 ----RD---- C:\Program Files
2012-07-17 19:27:54 ----D---- C:\WINDOWS\Temp
2012-07-17 19:27:32 ----SD---- C:\WINDOWS\Tasks
2012-07-17 19:27:00 ----D---- C:\Documents and Settings\Liška\Data aplikací\StarOffice8
2012-07-17 19:23:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-07-17 19:23:47 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-17 19:23:39 ----D---- C:\Documents and Settings\Liška\Data aplikací\OpenOffice.org2
2012-07-17 19:21:59 ----D---- C:\WINDOWS\pss
2012-07-17 19:17:15 ----SHD---- C:\WINDOWS\Installer
2012-07-17 19:17:12 ----SHD---- C:\Config.Msi
2012-07-17 19:17:05 ----D---- C:\WINDOWS\system32
2012-07-17 19:17:05 ----D---- C:\WINDOWS\system
2012-07-17 19:17:05 ----D---- C:\Programy
2012-07-17 19:16:09 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-17 19:14:45 ----D---- C:\WINDOWS\WinSxS
2012-07-17 19:14:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2012-07-17 19:07:39 ----D---- C:\WINDOWS
2012-07-17 19:04:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-07-17 19:02:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-07-17 19:02:35 ----D---- C:\WINDOWS\system32\drivers
2012-07-17 19:01:12 ----D---- C:\Documents and Settings\Liška\Data aplikací\Media Player Classic
2012-07-17 19:01:08 ----D---- C:\Documents and Settings\Liška\Data aplikací\uTorrent
2012-07-17 19:00:45 ----D---- C:\WINDOWS\Debug
2012-07-17 19:00:44 ----D---- C:\WINDOWS\Minidump
2012-07-17 18:25:08 ----A---- C:\WINDOWS\WinCmd.ini
2012-07-17 17:41:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-07-15 18:37:45 ----HD---- C:\WINDOWS\inf
2012-07-12 10:31:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2012-07-11 13:57:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-11 13:57:01 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 13:45:05 ----A---- C:\WINDOWS\system32\MRT.exe
2012-07-06 17:38:49 ----D---- C:\Program Files\Common Files\Java
2012-07-06 17:28:43 ----D---- C:\Program Files\Java
2012-07-03 18:21:28 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-06-20 18:26:49 ----A---- C:\WINDOWS\win.ini
2012-06-19 14:52:26 ----D---- C:\WINDOWS\Help
2012-06-18 18:15:47 ----RSD---- C:\WINDOWS\assembly
2012-06-18 18:08:26 ----D---- C:\WINDOWS\Microsoft.NET

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-07-03 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2007-07-26 11264]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-04-15 534440]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-04-15 990632]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-03-27 47272]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-10-10 1181824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-17 4756992]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-05-19 25088]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2009-07-03 6912]
S3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2009-07-24 42752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-07-03 44808]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-14 342624]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-05-04 161664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-16 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-04 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-16 136176]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Programy\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

PC je poněkud pomalé, tak mě zajímá, jestli tam náhodou není nějaká havěť.

#2 Příspěvek od **Márty84** » 18 črc 2012 09:00

Zdravim

Vzorny navstevnik a v logu crack na office, no fuj

Odinstalovat office, pak novy log z RSIT

selkir · #3 Příspěvek od **selkir** » 18 črc 2012 10:34

To není mé PC, ale kamaráda, moje jsou ty logy, kde je user Vítek

Doporučím mu Libre Office

#4 Příspěvek od **Márty84** » 18 črc 2012 10:44

Fajn. Tak az bude office pryc, dejte sem novy log z RSIT a zkusime s tim neco udelat.

Kolem jedne odchazim do prace a prijdu az v noci, takze sem dalsi postup hodim asi az zitra dopoledne

selkir · #5 Příspěvek od **selkir** » 18 črc 2012 12:35

Dobře, není problém, díky moc!

#6 Příspěvek od **Márty84** » 18 črc 2012 23:57

OK, budu ho tedy vyhlizet

selkir · #7 Příspěvek od **selkir** » 19 črc 2012 21:16

Logfile of random's system information tool 1.09 (written by random/random)
Run by Liška at 2012-07-19 17:52:56
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 41 GB (50%) free of 82 GB
Total RAM: 1015 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:53:14, on 19.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\igfxext.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Downloads\RSIT.exe
C:\Program Files\trend micro\Liška.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eeepc.asus.com/global
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .cdx: C:\Program Files\Internet Explorer\PLUGINS\Npcdp32.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6010371-5590-445A-B76E-ECB4C6F505AD}: NameServer = 8.8.8.8
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O18 - Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

--
End of file - 7430 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT22690 ... hSource=13"
prefs.js - "extensions.enabledItems" - "{a0faa0a4-f1a7-4098-9a74-21efc3a92372}:3.6.1, {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0, {daf44bf7-a45e-4450-979c-91cf07434c3d}:1.5.4, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {87f54a61-c9b3-4138-a38a-33c31770bb9e}:0.7, {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1, {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.0, cs@dictionaries.addons.mozilla.org:1.0.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, wrc@avast.com:7.0.1426, {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Programy\FireFox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Programy\FireFox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
chemdraw80.xpt
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Programy\FireFox\plugins\
npcdp32.dll
npnul32.dll
NPOFFICE.DLL
nppdf32.dll

C:\Programy\FireFox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\
cs@dictionaries.addons.mozilla.org
elemhidehelper@adblockplus.org
staged-xpis
xpose@viamatic.com
{0069127F-F91E-4A3A-829A-9CAB9D259E94}
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{0d3b5f80-1735-4c93-b817-dc4e50660591}
{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
{1de0de3c-0b5c-4f67-90c6-689623894991}
{20a82645-c095-46ed-80e3-08825760534b}
{31513E58-F253-47ad-86DB-D5F21E905429}
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
{3cd27e92-1a30-11da-94c6-00e08161165f}
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{6e84150a-d526-41f1-a480-a67d3fed910d}
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{87f54a61-c9b3-4138-a38a-33c31770bb9e}
{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
{8e117890-a33f-424b-a2ea-deb272731365}
{a0faa0a4-f1a7-4098-9a74-21efc3a92372}
{a1f99b9c-30d3-4848-a646-afd282011a72}
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
{c36177c0-224a-11da-8cd6-0800200c9a66}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{daf44bf7-a45e-4450-979c-91cf07434c3d}
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
{EF522540-89F5-46b9-B6FE-1829E2B572C6}

C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\searchplugins\
conduit.xml
wikipedia-eng.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-12 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-09-24 104984]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-24 121368]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-09-24 100888]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-06-03 98304]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-06-03 479232]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-13 16871936]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-07-21 86016]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2006-05-04 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2005-05-17 933888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
C:\WINDOWS\INSTAL~1\{AC76B~2\_SC_AC~1.EXE [2011-07-19 295606]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Synchronizer.lnk]
C:\Programy\Adobe\ACROBA~1.0\Acrobat\ADOBEC~1.EXE [2007-05-11 738968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Liška^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.2.lnk]
C:\PROGRA~1\OPENOF~1.2\program\QUICKS~1.EXE [2007-03-22 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Liška^Nabídka Start^Programy^Po spuštění^StarOffice 8.lnk]
C:\PROGRA~1\Sun\STAROF~1\program\QUICKS~1.EXE [2007-08-17 122880]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
SuperHybridEngine.lnk - C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-10-10 155648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0xFFFFFF03

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Programy\CambridgeSoft\ChemOffice2004\Chem3D\Chem3D.exe"="C:\Programy\CambridgeSoft\ChemOffice2004\Chem3D\Chem3D.exe:*:Disabled:Chem3D Ultra"
"C:\Programy\CambridgeSoft\ChemOffice2004\ChemDraw\ChemDraw.exe"="C:\Programy\CambridgeSoft\ChemOffice2004\ChemDraw\ChemDraw.exe:*:Disabled:ChemDraw Ultra 8.0"
"C:\Programy\WinCmd\TotalCmd.exe"="C:\Programy\WinCmd\TotalCmd.exe:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Programy\uTorrent.exe"="C:\Programy\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe"="C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler"
"C:\WINDOWS\KMSEmulator.exe"="C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-07-17 19:32:17 ----D---- C:\Program Files\trend micro
2012-07-17 19:32:16 ----D---- C:\rsit
2012-07-17 18:42:51 ----D---- C:\Program Files\CCleaner
2012-07-17 18:21:57 ----D---- C:\Program Files\Defraggler
2012-07-11 13:57:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 13:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-11 13:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 13:56:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 13:41:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-07 18:44:00 ----D---- C:\Documents and Settings\Liška\Data aplikací\vlc
2012-07-06 17:34:40 ----D---- C:\Program Files\Oracle
2012-07-06 17:33:48 ----D---- C:\Documents and Settings\Liška\Data aplikací\Oracle
2012-07-06 17:32:56 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2012-07-06 17:32:56 ----A---- C:\WINDOWS\system32\javaws.exe
2012-07-06 17:32:23 ----A---- C:\WINDOWS\system32\javaw.exe
2012-07-06 17:32:22 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 month======

2012-07-19 17:53:00 ----D---- C:\WINDOWS\Prefetch
2012-07-19 17:52:19 ----SD---- C:\WINDOWS\Tasks
2012-07-19 17:51:59 ----D---- C:\WINDOWS
2012-07-19 17:51:52 ----D---- C:\WINDOWS\Temp
2012-07-19 17:49:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-07-19 17:49:49 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-19 17:47:16 ----D---- C:\WINDOWS\Microsoft.NET
2012-07-19 17:45:00 ----SHD---- C:\WINDOWS\Installer
2012-07-19 17:44:57 ----D---- C:\WINDOWS\WinSxS
2012-07-19 17:44:57 ----D---- C:\WINDOWS\SxsCaPendDel
2012-07-19 17:43:17 ----SHD---- C:\Config.Msi
2012-07-19 17:40:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-07-19 17:40:43 ----RSD---- C:\WINDOWS\assembly
2012-07-19 17:38:44 ----RD---- C:\Program Files
2012-07-19 17:38:44 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-07-19 17:38:40 ----D---- C:\Programy
2012-07-19 17:34:49 ----D---- C:\WINDOWS\SHELLNEW
2012-07-19 17:34:29 ----D---- C:\Program Files\MSBuild
2012-07-19 17:34:14 ----RSD---- C:\WINDOWS\Fonts
2012-07-19 17:25:15 ----D---- C:\Program Files\Common Files\System
2012-07-19 17:25:11 ----A---- C:\WINDOWS\win.ini
2012-07-17 19:35:56 ----D---- C:\Documents and Settings\Liška\Data aplikací\StarOffice8
2012-07-17 19:33:00 ----D---- C:\WINDOWS\pss
2012-07-17 19:23:39 ----D---- C:\Documents and Settings\Liška\Data aplikací\OpenOffice.org2
2012-07-17 19:17:05 ----D---- C:\WINDOWS\system32
2012-07-17 19:17:05 ----D---- C:\WINDOWS\system
2012-07-17 19:16:09 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-17 19:14:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2012-07-17 19:04:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-07-17 19:02:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-07-17 19:02:35 ----D---- C:\WINDOWS\system32\drivers
2012-07-17 19:01:12 ----D---- C:\Documents and Settings\Liška\Data aplikací\Media Player Classic
2012-07-17 19:01:08 ----D---- C:\Documents and Settings\Liška\Data aplikací\uTorrent
2012-07-17 19:00:45 ----D---- C:\WINDOWS\Debug
2012-07-17 19:00:44 ----D---- C:\WINDOWS\Minidump
2012-07-17 18:25:08 ----A---- C:\WINDOWS\WinCmd.ini
2012-07-15 18:37:45 ----HD---- C:\WINDOWS\inf
2012-07-12 10:31:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2012-07-11 13:57:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-11 13:57:01 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 13:45:05 ----A---- C:\WINDOWS\system32\MRT.exe
2012-07-06 17:38:49 ----D---- C:\Program Files\Common Files\Java
2012-07-06 17:28:43 ----D---- C:\Program Files\Java
2012-07-03 18:21:28 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-07-03 25256]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-07-03 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-07-03 721000]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-07-03 353688]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-07-03 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-07-03 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-07-03 97608]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2007-07-26 11264]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-04-15 534440]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-04-15 990632]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-03-27 47272]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2006-10-10 1181824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-17 4756992]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2004-10-15 15295]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-05-19 25088]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2009-07-03 6912]
S3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2009-07-24 42752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-07-03 44808]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-14 342624]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-05-04 161664]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-16 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-04 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-16 136176]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Tady je, nevidím se s kamarádem každý den, omlouvám se.

#8 Příspěvek od **Márty84** » 20 črc 2012 12:14

V poradku, ja nikam nespecham

Taky tu nejsem porad.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe , ulozte nejlepe na plochu a spustte.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
Lavasoft Kernexplorer
JavaQuickStarterService
gupdate
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\AutoKMS
C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\searchplugins\conduit.xml

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=-
"SSBkgdUpdate"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Synchronizer.lnk]

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

selkir · #9 Příspěvek od **selkir** » 20 črc 2012 16:15

Zde je log z OTM:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Liška
->Temp folder emptied: 264050041 bytes
->Temporary Internet Files folder emptied: 15337905 bytes
->Java cache emptied: 46069433 bytes
->FireFox cache emptied: 55560079 bytes
->Google Chrome cache emptied: 32915062 bytes
->Flash cache emptied: 121460 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 12740226 bytes
%systemroot%\System32\dllcache .tmp files removed: 12145152 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 959488 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 409950341 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 86474 bytes

Total Files Cleaned = 811,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: Liška
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service Lavasoft Kernexplorer stopped successfully!
Service Lavasoft Kernexplorer deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\system32\cs-cz\SET70.tmp moved successfully.
C:\WINDOWS\system32\cs-cz\SET71.tmp moved successfully.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\WINDOWS\tasks\AutoKMS.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\AutoKMS folder moved successfully.
C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\searchplugins\conduit.xml moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\IgfxTray deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SSBkgdUpdate deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Synchronizer.lnk\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 07202012_153550

Files moved on Reboot...
File C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

Registry entries deleted on Reboot...

#10 Příspěvek od **Márty84** » 20 črc 2012 16:25

Jeste mi sem dejte log z OTL

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

selkir · #11 Příspěvek od **selkir** » 23 črc 2012 17:37

OTL logfile created on: 23.7.2012 17:03:56 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Liška\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,05 Mb Total Physical Memory | 600,64 Mb Available Physical Memory | 59,17% Memory free
2,38 Gb Paging File | 2,13 Gb Available in Paging File | 89,28% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,02 Gb Total Space | 40,36 Gb Free Space | 50,43% Space Free | Partition Type: NTFS
Drive D: | 69,00 Gb Total Space | 17,18 Gb Free Space | 24,90% Space Free | Partition Type: NTFS
Drive E: | 489,25 Mb Total Space | 78,41 Mb Free Space | 16,03% Space Free | Partition Type: FAT
Drive F: | 3,61 Gb Total Space | 3,40 Gb Free Space | 94,02% Space Free | Partition Type: FAT32

Computer Name: LISKOVI | User Name: Liška | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.23 16:29:14 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTL.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.06.03 14:24:50 | 000,294,912 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2008.06.03 13:43:56 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2008.06.03 12:34:38 | 000,479,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2008.04.14 15:03:54 | 001,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.04.14 15:03:54 | 000,596,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.07.21 10:14:36 | 000,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe

========== Modules (No Company Name) ==========

MOD - [2012.07.23 12:44:42 | 001,785,856 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12072301\algo.dll
MOD - [2012.01.12 22:19:18 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_39c531ed\mscorlib.dll
MOD - [2012.01.12 22:18:50 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_133c278a\system.xml.dll
MOD - [2008.07.02 13:38:37 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2008.07.02 13:38:33 | 000,299,008 | ---- | M] () -- c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
MOD - [2008.04.14 14:58:40 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008.04.14 14:55:58 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.03.04 16:34:01 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.07.24 16:56:20 | 000,042,752 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2008.06.17 10:49:22 | 004,756,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.04.15 11:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.04.15 11:13:58 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.04.14 14:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.03.27 17:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.03.11 19:37:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2007.07.26 20:00:38 | 000,011,264 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2007.05.03 04:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eeepc.asus.com/global
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT22690 ... hSource=13"
FF - prefs.js..extensions.enabledItems: {a0faa0a4-f1a7-4098-9a74-21efc3a92372}:3.6.1
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {daf44bf7-a45e-4450-979c-91cf07434c3d}:1.5.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {87f54a61-c9b3-4138-a38a-33c31770bb9e}:0.7
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.0
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1426
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Programy\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Programy\FireFox\components [2011.06.20 11:12:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Programy\FireFox\plugins [2012.07.06 17:32:56 | 000,000,000 | ---D | M]

[2009.02.26 17:06:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Extensions
[2012.06.13 11:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions
[2009.12.18 11:57:32 | 000,000,000 | ---D | M] (MR Tech About:About) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{0069127F-F91E-4A3A-829A-9CAB9D259E94}
[2009.12.18 11:57:34 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009.02.26 17:06:57 | 000,000,000 | ---D | M] ("Winestripe") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{0d3b5f80-1735-4c93-b817-dc4e50660591}
[2009.02.26 17:06:58 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009.02.26 17:06:58 | 000,000,000 | ---D | M] ("Tab Preview") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{1de0de3c-0b5c-4f67-90c6-689623894991}
[2012.06.13 11:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.02.26 17:06:58 | 000,000,000 | ---D | M] ("MinimizeToTray") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{31513E58-F253-47ad-86DB-D5F21E905429}
[2009.12.18 11:57:31 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009.02.26 17:07:00 | 000,000,000 | ---D | M] ("SpiderZilla") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{3cd27e92-1a30-11da-94c6-00e08161165f}
[2009.12.18 11:57:39 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009.12.18 11:57:34 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2009.12.18 11:57:29 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009.12.18 11:57:35 | 000,000,000 | ---D | M] (OperaView) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{87f54a61-c9b3-4138-a38a-33c31770bb9e}
[2009.12.18 11:57:40 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2009.02.26 17:07:08 | 000,000,000 | ---D | M] (Mozilla Calendar) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{8e117890-a33f-424b-a2ea-deb272731365}
[2009.12.18 11:57:36 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}
[2009.02.26 17:07:08 | 000,000,000 | ---D | M] (Print Preview) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a1f99b9c-30d3-4848-a646-afd282011a72}
[2009.02.26 17:07:10 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2009.02.26 17:07:11 | 000,000,000 | ---D | M] ("Fasterfox") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2009.02.26 17:07:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.12.18 11:57:36 | 000,000,000 | ---D | M] (Extended Statusbar) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}
[2010.04.06 08:47:21 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2009.12.18 11:57:49 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2009.02.26 17:06:55 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\cs@dictionaries.addons.mozilla.org
[2009.12.18 11:57:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\elemhidehelper@adblockplus.org
[2012.06.13 11:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\staged-xpis
[2009.02.26 17:06:56 | 000,000,000 | ---D | M] (Viamatic foXpose) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\xpose@viamatic.com
[2008.07.14 09:46:05 | 000,001,032 | ---- | M] () -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\searchplugins\wikipedia-eng.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{87F54A61-C9B3-4138-A38A-33C31770BB9E}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{A0FAA0A4-F1A7-4098-9A74-21EFC3A92372}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{DAF44BF7-A45E-4450-979C-91CF07434C3D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\CS@DICTIONARIES.ADDONS.MOZILLA.ORG
[2012.07.09 12:54:47 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012.04.19 18:45:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.09.30 11:32:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.18 11:15:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.09.29 09:41:56 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.07 11:25:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.04.19 18:45:53 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Li\u0161ka\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: ChemDraw Pro Plugin (Enabled) = C:\Programy\FireFox\plugins\npcdp32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programy\FireFox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programy\FireFox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\Programy\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\Programy\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Liška\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Liška\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Liška\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.20 15:36:53 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF 03 [binary data]
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Programy\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O12 - Plugin for: .cdx - C:\Program Files\Internet Explorer\plugins\NPCDP32.DLL (CambridgeSoft.Com)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6010371-5590-445A-B76E-ECB4C6F505AD}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6010371-5590-445A-B76E-ECB4C6F505AD}: NameServer = 8.8.8.8
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/xhtml+xml {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Liška\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Liška\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.02 11:24:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{29f59415-c488-11de-b172-00224309b47a}\Shell - "" = AutoRun
O33 - MountPoints2\{29f59415-c488-11de-b172-00224309b47a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\autoplay\cOmMAnd - "" = F:\qcxytf.pif
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\AutoRun\command - "" = F:\qcxytf.pif
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\eXPlOre\COMmAND - "" = F:\qcxytf.pif
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\oPEN\coMmaNd - "" = F:\qcxytf.pif
O34 - HKLM BootExecute: (dfboottime \??\C:\WINDOWS\System32\dfboottime.cfg)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.07.23 16:52:17 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTL.exe
[2012.07.20 15:35:50 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.07.20 15:29:48 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTM (1).exe
[2012.07.19 18:34:38 | 000,000,000 | ---D | C] -- C:\6e431c8fd5f5ca4ee64b83f78957a0
[2012.07.19 14:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Plocha\Kinetika
[2012.07.17 19:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.07.17 19:32:16 | 000,000,000 | ---D | C] -- C:\rsit
[2012.07.17 18:59:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Liška\Recent
[2012.07.17 18:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.07.17 18:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Defraggler
[2012.07.17 18:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012.07.14 15:48:23 | 000,000,000 | ---D | C] -- d:\K vypálení
[2012.07.13 10:51:56 | 000,000,000 | ---D | C] -- d:\Pohlednice
[2012.07.09 15:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\Sun
[2012.07.07 18:44:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Data aplikací\vlc
[2012.07.07 18:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2012.07.06 17:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.07.06 17:33:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Data aplikací\Oracle
[2012.07.06 17:32:56 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.07.06 17:32:56 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.07.06 17:32:23 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.07.06 17:32:22 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2008.07.03 11:25:01 | 015,523,560 | ---- | C] (Macrovision Corporation) -- C:\Program Files\U1 Setup.exe
[3 C:\Documents and Settings\Liška\Plocha\*.tmp files -> C:\Documents and Settings\Liška\Plocha\*.tmp -> ]
[1 d:\*.tmp files -> d:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.07.23 17:10:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.23 17:00:45 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.23 17:00:14 | 000,189,508 | ---- | M] () -- C:\WINDOWS\System32\FontInfo.bin
[2012.07.23 17:00:14 | 000,060,716 | ---- | M] () -- C:\WINDOWS\System32\GlyphInfo.bin
[2012.07.23 16:58:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.23 16:50:51 | 000,342,537 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2010 Geeta.pdf
[2012.07.23 16:47:34 | 000,057,659 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2001 Seki.pdf
[2012.07.23 16:43:43 | 000,451,294 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden_ElKaissy.pdf
[2012.07.23 16:38:28 | 000,847,183 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden.pdf
[2012.07.23 16:33:22 | 000,223,304 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\1980 McDonald.pdf
[2012.07.23 16:29:14 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTL.exe
[2012.07.21 18:16:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.20 15:36:53 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.07.20 14:02:10 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTM (1).exe
[2012.07.19 18:36:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2012.07.19 17:50:36 | 000,391,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.18 14:15:47 | 000,908,890 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2008 Wenger.pdf
[2012.07.18 14:14:19 | 000,448,426 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2009 Wenger.pdf
[2012.07.17 19:12:06 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012.07.17 19:12:06 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012.07.17 18:42:59 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.07.17 18:25:08 | 000,008,343 | ---- | M] () -- C:\WINDOWS\WinCmd.ini
[2012.07.17 18:22:00 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2012.07.13 12:31:55 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Microsoft Calculator Plus.lnk
[2012.07.13 11:35:08 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2012.07.12 18:57:52 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Microsoft Office PowerPoint 2003.lnk
[2012.07.12 18:57:42 | 000,003,208 | ---- | M] () -- C:\WINDOWS\im32st.dat
[2012.07.12 18:57:40 | 000,025,574 | ---- | M] () -- C:\WINDOWS\IM17.CFG
[2012.07.12 17:27:18 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\InfoMapa 17.lnk
[2012.07.09 18:09:09 | 000,002,541 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Microsoft Office Word 2003.lnk
[2012.07.09 12:54:59 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.07 18:39:35 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2012.07.06 17:29:16 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.07.06 17:29:15 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.07.06 14:47:48 | 000,488,148 | ---- | M] () -- d:\posty-svatek.pdf
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.03 18:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.07.03 17:15:40 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.29 14:59:20 | 000,215,058 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Obraz145.jpg
[3 C:\Documents and Settings\Liška\Plocha\*.tmp files -> C:\Documents and Settings\Liška\Plocha\*.tmp -> ]
[1 d:\*.tmp files -> d:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.23 17:10:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.23 16:50:59 | 000,342,537 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2010 Geeta.pdf
[2012.07.23 16:47:41 | 000,057,659 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2001 Seki.pdf
[2012.07.23 16:44:06 | 000,451,294 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden_ElKaissy.pdf
[2012.07.23 16:38:49 | 000,847,183 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden.pdf
[2012.07.23 16:33:40 | 000,223,304 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\1980 McDonald.pdf
[2012.07.19 19:10:52 | 000,002,377 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office Word Viewer 2003.lnk
[2012.07.18 14:15:58 | 000,908,890 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2008 Wenger.pdf
[2012.07.18 14:14:37 | 000,448,426 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2009 Wenger.pdf
[2012.07.17 18:42:59 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.07.17 18:22:00 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2012.07.13 14:51:16 | 000,215,058 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\Obraz145.jpg
[2012.07.09 12:55:01 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.07 18:39:35 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2012.07.06 14:47:47 | 000,488,148 | ---- | C] () -- d:\posty-svatek.pdf
[2012.02.16 14:50:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.10.04 08:22:06 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2011.07.19 15:55:35 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.07.16 11:23:41 | 000,003,208 | ---- | C] () -- C:\WINDOWS\im32st.dat
[2011.07.08 10:03:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.07.08 10:03:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.07.01 13:23:52 | 000,000,397 | ---- | C] () -- C:\WINDOWS\barcode.ini
[2011.06.29 16:11:24 | 000,000,093 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011.06.15 14:01:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\longfile.INI
[2011.06.15 14:01:28 | 001,371,436 | ---- | C] () -- C:\WINDOWS\System32\VBAR2132.DLL
[2011.06.15 13:56:48 | 000,000,094 | ---- | C] () -- C:\WINDOWS\texture.ini
[2011.06.15 13:48:45 | 000,039,125 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2011.06.15 13:48:34 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\scpext.dll
[2010.11.07 13:22:50 | 000,189,508 | ---- | C] () -- C:\WINDOWS\System32\FontInfo.bin
[2010.11.07 13:22:50 | 000,060,716 | ---- | C] () -- C:\WINDOWS\System32\GlyphInfo.bin
[2010.10.21 14:46:48 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ltserial.dll
[2010.10.06 17:09:12 | 000,000,528 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010.09.01 16:12:49 | 000,001,891 | ---- | C] () -- C:\WINDOWS\MapaCR.INI
[2010.05.27 16:39:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Liška\test.m3u
[2010.05.12 15:29:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Liška\st
[2009.06.26 18:41:53 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.20 18:19:06 | 000,001,858 | ---- | C] () -- C:\Documents and Settings\Liška\Data aplikací\mercuryrc
[2009.02.26 16:26:34 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\Liška\Data aplikací\wklnhst.dat
[2009.02.26 16:26:33 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\fusioncache.dat

========== LOP Check ==========

[2009.03.04 13:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Advanced Chemistry Development
[2010.12.16 11:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.01 12:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OriginLab
[2009.02.27 19:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Plocha
[2009.06.25 15:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2008.07.03 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\StarOffice8
[2008.07.03 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\Template
[2009.03.23 17:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\CCDC
[2010.01.31 18:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\IDOS
[2009.04.02 19:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\InterVideo
[2009.06.25 15:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\MobileAction
[2012.07.06 17:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Oracle
[2009.10.05 18:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\ScanSoft
[2012.07.19 18:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\StarOffice8
[2008.07.03 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Template
[2012.07.17 19:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\uTorrent
[2011.07.20 14:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Zoner
[2012.07.23 17:00:45 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 14:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[15 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
[31 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\5e59a287bfb899b0062752aa5690ab7c\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\5e59a287bfb899b0062752aa5690ab7c\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\80790281ccd7e15225d5c3f86466fa49\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\80790281ccd7e15225d5c3f86466fa49\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.02.19 19:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Adobe
[2010.03.07 13:38:58 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Liška\Data aplikací\Brother
[2009.03.23 17:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\CCDC
[2011.01.06 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Google
[2011.06.15 16:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Help
[2008.07.02 11:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Identities
[2010.01.31 18:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\IDOS
[2008.07.02 12:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\InstallShield
[2009.04.02 19:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\InterVideo
[2009.03.02 16:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Macromedia
[2012.07.17 19:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Media Player Classic
[2011.11.26 20:10:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Liška\Data aplikací\Microsoft
[2012.03.19 22:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\MiKTeX
[2009.06.25 15:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\MobileAction
[2009.02.26 17:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Mozilla
[2012.07.20 15:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\OpenOffice.org2
[2012.07.06 17:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Oracle
[2009.10.05 18:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\ScanSoft
[2011.10.04 22:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Skype
[2011.10.04 20:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\skypePM
[2012.07.19 18:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\StarOffice8
[2008.07.03 11:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Sun
[2008.07.03 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Template
[2012.07.17 19:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\uTorrent
[2012.07.22 18:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\vlc
[2009.09.22 09:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\WinRAR
[2011.07.20 14:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2010.01.31 18:34:09 | 000,709,215 | ---- | M] () -- C:\Documents and Settings\Liška\Data aplikací\IDOS\unins000.exe
[2009.03.05 18:34:11 | 000,007,902 | R--- | M] () -- C:\Documents and Settings\Liška\Data aplikací\Microsoft\Installer\{577DAE16-0C4D-45E9-A30C-C885A144F71D}\ARPPRODUCTICON.exe
[2006.11.01 17:30:18 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{3cd27e92-1a30-11da-94c6-00e08161165f}\httrack\httrack.exe
[2007.10.08 01:57:52 | 000,307,200 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
[2007.12.28 11:15:38 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.07.02 13:14:43 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.07.02 13:14:43 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.07.02 13:14:43 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.07.23 17:00:14 | 000,189,508 | ---- | M] () -- C:\WINDOWS\system32\FontInfo.bin
[2012.07.23 17:00:14 | 000,060,716 | ---- | M] () -- C:\WINDOWS\system32\GlyphInfo.bin
[2012.07.21 18:16:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.23 17:10:31 | 000,000,512 | ---- | M] () MD5=BB7EF2E945F512A4B7604D8D00C03FBF -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.05.15 21:19:56 | 000,000,656 | ---- | M] () -- \Documents and Settings\Liška\Data aplikací\Microsoft\Office\Naposledy otevřené\Crack.LNK
[2006.10.13 19:35:44 | 000,274,017 | ---- | M] () -- \Documents and Settings\Liška\Plocha\Složky k zapsání na disk\Zdrojová data\Nevytříděné\My eBooks\Massive Chemistry and explosives book collection\Impact Firecrackers - Uploaded by X-Wulf.pdf
[2006.10.13 19:35:44 | 000,246,021 | ---- | M] () -- \Documents and Settings\Liška\Plocha\Složky k zapsání na disk\Zdrojová data\Nevytříděné\My eBooks\Massive Chemistry and explosives book collection\impactfirecrackers.pdf
[1997.04.25 09:02:00 | 000,016,068 | ---- | M] () -- \Programy\photopnt\CANVAS\cracks2c.pcx

< *keygen* /s >

< *loader* /s >
[2010.02.25 16:44:36 | 000,625,152 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2007.03.21 22:51:50 | 000,023,552 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\javaloader.uno.dll
[2007.03.22 15:15:18 | 000,005,226 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.py
[2007.03.22 03:42:18 | 000,015,872 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.uno.dll
[2007.03.22 15:41:34 | 000,000,145 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.uno.ini
[2007.03.21 22:51:50 | 000,018,432 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\shlibloader.uno.dll
[2007.03.22 03:28:52 | 000,003,199 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\classes\unoloader.jar
[2007.08.17 21:27:02 | 000,021,504 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\javaloader.uno.dll
[2007.08.17 21:28:18 | 000,016,384 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\shlibloader.uno.dll
[2007.08.30 18:28:48 | 000,004,065 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\classes\unoloader.jar
[2011.05.21 12:41:00 | 000,379,444 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\luatexbase-loader.pdf
[2011.05.21 12:41:00 | 000,000,555 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader-latex.tex
[2011.05.21 12:41:00 | 000,000,548 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader-plain.tex
[2011.05.21 12:41:00 | 000,000,411 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader.lua
[2011.05.21 12:41:00 | 000,000,419 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader.sub.lua
[2011.04.23 16:08:22 | 000,003,848 | ---- | M] () -- \Programy\MiKTeX\tex\generic\oberdiek\luatex-loader.sty
[2011.05.21 12:41:00 | 000,002,580 | ---- | M] () -- \Programy\MiKTeX\tex\luatex\luatexbase\luatexbase-loader.sty
[2011.05.21 12:41:00 | 000,002,075 | ---- | M] () -- \Programy\MiKTeX\tex\luatex\luatexbase\luatexbase.loader.lua
[2011.03.08 18:10:08 | 000,670,208 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Facebook\ZPSPluginLoader.exe
[2011.05.31 10:46:24 | 000,685,568 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 18:09:04 | 000,194,048 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Picasa\ZPSPluginLoader.exe
[2011.06.08 15:20:02 | 000,102,792 | ---- | M] () -- \Programy\Photo Studio 13\Program32\8bfLoader.exe
[2011.06.08 15:20:16 | 000,019,336 | ---- | M] () -- \Programy\Photo Studio 13\Program32\WICLoader.exe
[2008.04.14 14:00:00 | 000,017,421 | ---- | M] () -- \WINDOWS\I386\DMLOADER.DL_
[2008.04.14 14:00:00 | 000,115,367 | ---- | M] () -- \WINDOWS\I386\OSLOADER.EX_
[2008.04.14 14:00:00 | 000,133,029 | ---- | M] () -- \WINDOWS\I386\OSLOADER.NT_
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2008.03.25 13:33:10 | 000,093,794 | ---- | M] () -- \Program Files\Sun\StarOffice 8\share\samples\nl\texts\Uitnodiging.odt

< *AutoKMS* /s >
[2012.03.22 00:17:58 | 001,923,584 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\AutoKMS\AutoKMS.exe
[2012.03.22 00:17:59 | 000,000,715 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\AutoKMS\AutoKMS.ini
[2012.07.20 15:34:32 | 000,073,594 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\AutoKMS\AutoKMS.log
[2012.07.20 15:34:56 | 000,000,266 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\tasks\AutoKMS.job
[2012.07.19 18:38:39 | 000,046,488 | ---- | M] () -- \WINDOWS\Prefetch\AUTOKMS.EXE-01C3577A.pf

< *activator* /s >

< *serial* /s >
[2002.03.15 13:13:06 | 000,056,660 | ---- | M] () -- \Brother\BrDriver\MfcXP\2000\brserial.sys
[2010.06.16 10:02:00 | 000,000,091 | ---- | M] () -- \Documents and Settings\Liška\Plocha\Složky k zapsání na disk\Zdrojová data\CORSAIR (J)\CORSAIR (F)\Verze + serial.txt
[2007.03.22 01:56:44 | 000,188,993 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\classes\serializer.jar
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2006.08.14 16:33:28 | 000,188,993 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\classes\serializer.jar
[2006.06.19 22:48:40 | 000,001,677 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\BadSerialNumberAlert.exv
[2006.05.09 23:26:40 | 000,001,545 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\CantChangeSerialNumberAlert.exv
[2006.05.09 23:26:40 | 000,001,550 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\InValidUpGradeSerialNumberAlert.exv
[2006.07.17 07:48:14 | 000,000,833 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\ReserializeAlert.exv
[2008.08.26 23:33:52 | 000,052,736 | ---- | M] () -- \Programy\Scope\data\SerialIO.dll
[2008.07.02 13:38:34 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.04.12 16:20:05 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.17 19:20:56 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.04.12 16:20:31 | 000,086,016 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.04.18 14:04:06 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.10 15:40:37 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
[2012.05.10 15:49:01 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.10 18:05:27 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6a37764b2df9b3f9c7775701027ef779\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.10 18:07:48 | 002,637,312 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9bfda0add366eea12ea0402e60d01e84\System.Runtime.Serialization.ni.dll
[2008.04.14 14:00:00 | 000,024,957 | ---- | M] () -- \WINDOWS\I386\DPSERIAL.DL_
[2008.04.14 14:00:00 | 000,030,259 | ---- | M] () -- \WINDOWS\I386\SERIAL.SY_
[2008.04.14 14:00:00 | 000,006,549 | ---- | M] () -- \WINDOWS\I386\SERIALUI.DL_
[2012.03.23 20:35:11 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.17 19:07:31 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.03.23 20:35:09 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.06.17 19:07:17 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2007.10.26 03:16:32 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2007.10.15 13:23:34 | 000,065,536 | ---- | M] () -- \WINDOWS\system32\ltserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> d:\cacert.crt:SummaryInformation

< End of report >

selkir · #12 Příspěvek od **selkir** » 23 črc 2012 17:38

OTL logfile created on: 23.7.2012 17:03:56 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Liška\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,05 Mb Total Physical Memory | 600,64 Mb Available Physical Memory | 59,17% Memory free
2,38 Gb Paging File | 2,13 Gb Available in Paging File | 89,28% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,02 Gb Total Space | 40,36 Gb Free Space | 50,43% Space Free | Partition Type: NTFS
Drive D: | 69,00 Gb Total Space | 17,18 Gb Free Space | 24,90% Space Free | Partition Type: NTFS
Drive E: | 489,25 Mb Total Space | 78,41 Mb Free Space | 16,03% Space Free | Partition Type: FAT
Drive F: | 3,61 Gb Total Space | 3,40 Gb Free Space | 94,02% Space Free | Partition Type: FAT32

Computer Name: LISKOVI | User Name: Liška | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.23 16:29:14 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTL.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.06.03 14:24:50 | 000,294,912 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2008.06.03 13:43:56 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2008.06.03 12:34:38 | 000,479,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2008.04.14 15:03:54 | 001,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.04.14 15:03:54 | 000,596,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.07.21 10:14:36 | 000,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe

========== Modules (No Company Name) ==========

MOD - [2012.07.23 12:44:42 | 001,785,856 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12072301\algo.dll
MOD - [2012.01.12 22:19:18 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_39c531ed\mscorlib.dll
MOD - [2012.01.12 22:18:50 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_133c278a\system.xml.dll
MOD - [2008.07.02 13:38:37 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2008.07.02 13:38:33 | 000,299,008 | ---- | M] () -- c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
MOD - [2008.04.14 14:58:40 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008.04.14 14:55:58 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.03.04 16:34:01 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.07.24 16:56:20 | 000,042,752 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2008.06.17 10:49:22 | 004,756,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.04.15 11:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.04.15 11:13:58 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.04.14 14:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.03.27 17:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.03.11 19:37:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2007.07.26 20:00:38 | 000,011,264 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2007.05.03 04:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eeepc.asus.com/global
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT22690 ... hSource=13"
FF - prefs.js..extensions.enabledItems: {a0faa0a4-f1a7-4098-9a74-21efc3a92372}:3.6.1
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {daf44bf7-a45e-4450-979c-91cf07434c3d}:1.5.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {87f54a61-c9b3-4138-a38a-33c31770bb9e}:0.7
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.0
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1426
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Programy\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Programy\FireFox\components [2011.06.20 11:12:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Programy\FireFox\plugins [2012.07.06 17:32:56 | 000,000,000 | ---D | M]

[2009.02.26 17:06:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Extensions
[2012.06.13 11:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions
[2009.12.18 11:57:32 | 000,000,000 | ---D | M] (MR Tech About:About) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{0069127F-F91E-4A3A-829A-9CAB9D259E94}
[2009.12.18 11:57:34 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009.02.26 17:06:57 | 000,000,000 | ---D | M] ("Winestripe") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{0d3b5f80-1735-4c93-b817-dc4e50660591}
[2009.02.26 17:06:58 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009.02.26 17:06:58 | 000,000,000 | ---D | M] ("Tab Preview") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{1de0de3c-0b5c-4f67-90c6-689623894991}
[2012.06.13 11:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.02.26 17:06:58 | 000,000,000 | ---D | M] ("MinimizeToTray") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{31513E58-F253-47ad-86DB-D5F21E905429}
[2009.12.18 11:57:31 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009.02.26 17:07:00 | 000,000,000 | ---D | M] ("SpiderZilla") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{3cd27e92-1a30-11da-94c6-00e08161165f}
[2009.12.18 11:57:39 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009.12.18 11:57:34 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2009.12.18 11:57:29 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009.12.18 11:57:35 | 000,000,000 | ---D | M] (OperaView) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{87f54a61-c9b3-4138-a38a-33c31770bb9e}
[2009.12.18 11:57:40 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2009.02.26 17:07:08 | 000,000,000 | ---D | M] (Mozilla Calendar) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{8e117890-a33f-424b-a2ea-deb272731365}
[2009.12.18 11:57:36 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}
[2009.02.26 17:07:08 | 000,000,000 | ---D | M] (Print Preview) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a1f99b9c-30d3-4848-a646-afd282011a72}
[2009.02.26 17:07:10 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2009.02.26 17:07:11 | 000,000,000 | ---D | M] ("Fasterfox") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2009.02.26 17:07:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.12.18 11:57:36 | 000,000,000 | ---D | M] (Extended Statusbar) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}
[2010.04.06 08:47:21 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2009.12.18 11:57:49 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2009.02.26 17:06:55 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\cs@dictionaries.addons.mozilla.org
[2009.12.18 11:57:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\elemhidehelper@adblockplus.org
[2012.06.13 11:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\staged-xpis
[2009.02.26 17:06:56 | 000,000,000 | ---D | M] (Viamatic foXpose) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\xpose@viamatic.com
[2008.07.14 09:46:05 | 000,001,032 | ---- | M] () -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\searchplugins\wikipedia-eng.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{87F54A61-C9B3-4138-A38A-33C31770BB9E}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{A0FAA0A4-F1A7-4098-9A74-21EFC3A92372}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{DAF44BF7-A45E-4450-979C-91CF07434C3D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\CS@DICTIONARIES.ADDONS.MOZILLA.ORG
[2012.07.09 12:54:47 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012.04.19 18:45:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.09.30 11:32:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.18 11:15:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.09.29 09:41:56 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.07 11:25:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.04.19 18:45:53 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Li\u0161ka\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: ChemDraw Pro Plugin (Enabled) = C:\Programy\FireFox\plugins\npcdp32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programy\FireFox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programy\FireFox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\Programy\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\Programy\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Liška\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Liška\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Liška\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.20 15:36:53 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF 03 [binary data]
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Programy\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O12 - Plugin for: .cdx - C:\Program Files\Internet Explorer\plugins\NPCDP32.DLL (CambridgeSoft.Com)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6010371-5590-445A-B76E-ECB4C6F505AD}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6010371-5590-445A-B76E-ECB4C6F505AD}: NameServer = 8.8.8.8
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/xhtml+xml {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Liška\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Liška\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.02 11:24:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{29f59415-c488-11de-b172-00224309b47a}\Shell - "" = AutoRun
O33 - MountPoints2\{29f59415-c488-11de-b172-00224309b47a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\autoplay\cOmMAnd - "" = F:\qcxytf.pif
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\AutoRun\command - "" = F:\qcxytf.pif
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\eXPlOre\COMmAND - "" = F:\qcxytf.pif
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\oPEN\coMmaNd - "" = F:\qcxytf.pif
O34 - HKLM BootExecute: (dfboottime \??\C:\WINDOWS\System32\dfboottime.cfg)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.07.23 16:52:17 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTL.exe
[2012.07.20 15:35:50 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.07.20 15:29:48 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTM (1).exe
[2012.07.19 18:34:38 | 000,000,000 | ---D | C] -- C:\6e431c8fd5f5ca4ee64b83f78957a0
[2012.07.19 14:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Plocha\Kinetika
[2012.07.17 19:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.07.17 19:32:16 | 000,000,000 | ---D | C] -- C:\rsit
[2012.07.17 18:59:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Liška\Recent
[2012.07.17 18:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.07.17 18:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Defraggler
[2012.07.17 18:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012.07.14 15:48:23 | 000,000,000 | ---D | C] -- d:\K vypálení
[2012.07.13 10:51:56 | 000,000,000 | ---D | C] -- d:\Pohlednice
[2012.07.09 15:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\Sun
[2012.07.07 18:44:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Data aplikací\vlc
[2012.07.07 18:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2012.07.06 17:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.07.06 17:33:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Data aplikací\Oracle
[2012.07.06 17:32:56 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.07.06 17:32:56 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.07.06 17:32:23 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.07.06 17:32:22 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2008.07.03 11:25:01 | 015,523,560 | ---- | C] (Macrovision Corporation) -- C:\Program Files\U1 Setup.exe
[3 C:\Documents and Settings\Liška\Plocha\*.tmp files -> C:\Documents and Settings\Liška\Plocha\*.tmp -> ]
[1 d:\*.tmp files -> d:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.07.23 17:10:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.23 17:00:45 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.23 17:00:14 | 000,189,508 | ---- | M] () -- C:\WINDOWS\System32\FontInfo.bin
[2012.07.23 17:00:14 | 000,060,716 | ---- | M] () -- C:\WINDOWS\System32\GlyphInfo.bin
[2012.07.23 16:58:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.23 16:50:51 | 000,342,537 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2010 Geeta.pdf
[2012.07.23 16:47:34 | 000,057,659 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2001 Seki.pdf
[2012.07.23 16:43:43 | 000,451,294 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden_ElKaissy.pdf
[2012.07.23 16:38:28 | 000,847,183 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden.pdf
[2012.07.23 16:33:22 | 000,223,304 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\1980 McDonald.pdf
[2012.07.23 16:29:14 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTL.exe
[2012.07.21 18:16:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.20 15:36:53 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.07.20 14:02:10 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTM (1).exe
[2012.07.19 18:36:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2012.07.19 17:50:36 | 000,391,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.18 14:15:47 | 000,908,890 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2008 Wenger.pdf
[2012.07.18 14:14:19 | 000,448,426 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2009 Wenger.pdf
[2012.07.17 19:12:06 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012.07.17 19:12:06 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012.07.17 18:42:59 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.07.17 18:25:08 | 000,008,343 | ---- | M] () -- C:\WINDOWS\WinCmd.ini
[2012.07.17 18:22:00 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2012.07.13 12:31:55 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Microsoft Calculator Plus.lnk
[2012.07.13 11:35:08 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2012.07.12 18:57:52 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Microsoft Office PowerPoint 2003.lnk
[2012.07.12 18:57:42 | 000,003,208 | ---- | M] () -- C:\WINDOWS\im32st.dat
[2012.07.12 18:57:40 | 000,025,574 | ---- | M] () -- C:\WINDOWS\IM17.CFG
[2012.07.12 17:27:18 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\InfoMapa 17.lnk
[2012.07.09 18:09:09 | 000,002,541 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Microsoft Office Word 2003.lnk
[2012.07.09 12:54:59 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.07 18:39:35 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2012.07.06 17:29:16 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.07.06 17:29:15 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.07.06 14:47:48 | 000,488,148 | ---- | M] () -- d:\posty-svatek.pdf
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.03 18:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.07.03 17:15:40 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.29 14:59:20 | 000,215,058 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Obraz145.jpg
[3 C:\Documents and Settings\Liška\Plocha\*.tmp files -> C:\Documents and Settings\Liška\Plocha\*.tmp -> ]
[1 d:\*.tmp files -> d:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.23 17:10:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.23 16:50:59 | 000,342,537 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2010 Geeta.pdf
[2012.07.23 16:47:41 | 000,057,659 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2001 Seki.pdf
[2012.07.23 16:44:06 | 000,451,294 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden_ElKaissy.pdf
[2012.07.23 16:38:49 | 000,847,183 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden.pdf
[2012.07.23 16:33:40 | 000,223,304 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\1980 McDonald.pdf
[2012.07.19 19:10:52 | 000,002,377 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office Word Viewer 2003.lnk
[2012.07.18 14:15:58 | 000,908,890 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2008 Wenger.pdf
[2012.07.18 14:14:37 | 000,448,426 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2009 Wenger.pdf
[2012.07.17 18:42:59 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.07.17 18:22:00 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2012.07.13 14:51:16 | 000,215,058 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\Obraz145.jpg
[2012.07.09 12:55:01 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.07 18:39:35 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2012.07.06 14:47:47 | 000,488,148 | ---- | C] () -- d:\posty-svatek.pdf
[2012.02.16 14:50:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.10.04 08:22:06 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2011.07.19 15:55:35 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.07.16 11:23:41 | 000,003,208 | ---- | C] () -- C:\WINDOWS\im32st.dat
[2011.07.08 10:03:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.07.08 10:03:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.07.01 13:23:52 | 000,000,397 | ---- | C] () -- C:\WINDOWS\barcode.ini
[2011.06.29 16:11:24 | 000,000,093 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011.06.15 14:01:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\longfile.INI
[2011.06.15 14:01:28 | 001,371,436 | ---- | C] () -- C:\WINDOWS\System32\VBAR2132.DLL
[2011.06.15 13:56:48 | 000,000,094 | ---- | C] () -- C:\WINDOWS\texture.ini
[2011.06.15 13:48:45 | 000,039,125 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2011.06.15 13:48:34 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\scpext.dll
[2010.11.07 13:22:50 | 000,189,508 | ---- | C] () -- C:\WINDOWS\System32\FontInfo.bin
[2010.11.07 13:22:50 | 000,060,716 | ---- | C] () -- C:\WINDOWS\System32\GlyphInfo.bin
[2010.10.21 14:46:48 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ltserial.dll
[2010.10.06 17:09:12 | 000,000,528 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010.09.01 16:12:49 | 000,001,891 | ---- | C] () -- C:\WINDOWS\MapaCR.INI
[2010.05.27 16:39:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Liška\test.m3u
[2010.05.12 15:29:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Liška\st
[2009.06.26 18:41:53 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.20 18:19:06 | 000,001,858 | ---- | C] () -- C:\Documents and Settings\Liška\Data aplikací\mercuryrc
[2009.02.26 16:26:34 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\Liška\Data aplikací\wklnhst.dat
[2009.02.26 16:26:33 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\fusioncache.dat

========== LOP Check ==========

[2009.03.04 13:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Advanced Chemistry Development
[2010.12.16 11:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.01 12:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OriginLab
[2009.02.27 19:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Plocha
[2009.06.25 15:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2008.07.03 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\StarOffice8
[2008.07.03 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\Template
[2009.03.23 17:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\CCDC
[2010.01.31 18:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\IDOS
[2009.04.02 19:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\InterVideo
[2009.06.25 15:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\MobileAction
[2012.07.06 17:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Oracle
[2009.10.05 18:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\ScanSoft
[2012.07.19 18:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\StarOffice8
[2008.07.03 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Template
[2012.07.17 19:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\uTorrent
[2011.07.20 14:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Zoner
[2012.07.23 17:00:45 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 14:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[15 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
[31 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\5e59a287bfb899b0062752aa5690ab7c\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\5e59a287bfb899b0062752aa5690ab7c\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\80790281ccd7e15225d5c3f86466fa49\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\80790281ccd7e15225d5c3f86466fa49\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.02.19 19:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Adobe
[2010.03.07 13:38:58 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Liška\Data aplikací\Brother
[2009.03.23 17:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\CCDC
[2011.01.06 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Google
[2011.06.15 16:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Help
[2008.07.02 11:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Identities
[2010.01.31 18:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\IDOS
[2008.07.02 12:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\InstallShield
[2009.04.02 19:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\InterVideo
[2009.03.02 16:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Macromedia
[2012.07.17 19:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Media Player Classic
[2011.11.26 20:10:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Liška\Data aplikací\Microsoft
[2012.03.19 22:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\MiKTeX
[2009.06.25 15:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\MobileAction
[2009.02.26 17:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Mozilla
[2012.07.20 15:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\OpenOffice.org2
[2012.07.06 17:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Oracle
[2009.10.05 18:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\ScanSoft
[2011.10.04 22:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Skype
[2011.10.04 20:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\skypePM
[2012.07.19 18:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\StarOffice8
[2008.07.03 11:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Sun
[2008.07.03 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Template
[2012.07.17 19:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\uTorrent
[2012.07.22 18:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\vlc
[2009.09.22 09:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\WinRAR
[2011.07.20 14:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2010.01.31 18:34:09 | 000,709,215 | ---- | M] () -- C:\Documents and Settings\Liška\Data aplikací\IDOS\unins000.exe
[2009.03.05 18:34:11 | 000,007,902 | R--- | M] () -- C:\Documents and Settings\Liška\Data aplikací\Microsoft\Installer\{577DAE16-0C4D-45E9-A30C-C885A144F71D}\ARPPRODUCTICON.exe
[2006.11.01 17:30:18 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{3cd27e92-1a30-11da-94c6-00e08161165f}\httrack\httrack.exe
[2007.10.08 01:57:52 | 000,307,200 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
[2007.12.28 11:15:38 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.07.02 13:14:43 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.07.02 13:14:43 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.07.02 13:14:43 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.07.23 17:00:14 | 000,189,508 | ---- | M] () -- C:\WINDOWS\system32\FontInfo.bin
[2012.07.23 17:00:14 | 000,060,716 | ---- | M] () -- C:\WINDOWS\system32\GlyphInfo.bin
[2012.07.21 18:16:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.23 17:10:31 | 000,000,512 | ---- | M] () MD5=BB7EF2E945F512A4B7604D8D00C03FBF -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.05.15 21:19:56 | 000,000,656 | ---- | M] () -- \Documents and Settings\Liška\Data aplikací\Microsoft\Office\Naposledy otevřené\Crack.LNK
[2006.10.13 19:35:44 | 000,274,017 | ---- | M] () -- \Documents and Settings\Liška\Plocha\Složky k zapsání na disk\Zdrojová data\Nevytříděné\My eBooks\Massive Chemistry and explosives book collection\Impact Firecrackers - Uploaded by X-Wulf.pdf
[2006.10.13 19:35:44 | 000,246,021 | ---- | M] () -- \Documents and Settings\Liška\Plocha\Složky k zapsání na disk\Zdrojová data\Nevytříděné\My eBooks\Massive Chemistry and explosives book collection\impactfirecrackers.pdf
[1997.04.25 09:02:00 | 000,016,068 | ---- | M] () -- \Programy\photopnt\CANVAS\cracks2c.pcx

< *keygen* /s >

< *loader* /s >
[2010.02.25 16:44:36 | 000,625,152 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2007.03.21 22:51:50 | 000,023,552 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\javaloader.uno.dll
[2007.03.22 15:15:18 | 000,005,226 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.py
[2007.03.22 03:42:18 | 000,015,872 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.uno.dll
[2007.03.22 15:41:34 | 000,000,145 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.uno.ini
[2007.03.21 22:51:50 | 000,018,432 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\shlibloader.uno.dll
[2007.03.22 03:28:52 | 000,003,199 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\classes\unoloader.jar
[2007.08.17 21:27:02 | 000,021,504 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\javaloader.uno.dll
[2007.08.17 21:28:18 | 000,016,384 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\shlibloader.uno.dll
[2007.08.30 18:28:48 | 000,004,065 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\classes\unoloader.jar
[2011.05.21 12:41:00 | 000,379,444 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\luatexbase-loader.pdf
[2011.05.21 12:41:00 | 000,000,555 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader-latex.tex
[2011.05.21 12:41:00 | 000,000,548 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader-plain.tex
[2011.05.21 12:41:00 | 000,000,411 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader.lua
[2011.05.21 12:41:00 | 000,000,419 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader.sub.lua
[2011.04.23 16:08:22 | 000,003,848 | ---- | M] () -- \Programy\MiKTeX\tex\generic\oberdiek\luatex-loader.sty
[2011.05.21 12:41:00 | 000,002,580 | ---- | M] () -- \Programy\MiKTeX\tex\luatex\luatexbase\luatexbase-loader.sty
[2011.05.21 12:41:00 | 000,002,075 | ---- | M] () -- \Programy\MiKTeX\tex\luatex\luatexbase\luatexbase.loader.lua
[2011.03.08 18:10:08 | 000,670,208 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Facebook\ZPSPluginLoader.exe
[2011.05.31 10:46:24 | 000,685,568 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 18:09:04 | 000,194,048 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Picasa\ZPSPluginLoader.exe
[2011.06.08 15:20:02 | 000,102,792 | ---- | M] () -- \Programy\Photo Studio 13\Program32\8bfLoader.exe
[2011.06.08 15:20:16 | 000,019,336 | ---- | M] () -- \Programy\Photo Studio 13\Program32\WICLoader.exe
[2008.04.14 14:00:00 | 000,017,421 | ---- | M] () -- \WINDOWS\I386\DMLOADER.DL_
[2008.04.14 14:00:00 | 000,115,367 | ---- | M] () -- \WINDOWS\I386\OSLOADER.EX_
[2008.04.14 14:00:00 | 000,133,029 | ---- | M] () -- \WINDOWS\I386\OSLOADER.NT_
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2008.03.25 13:33:10 | 000,093,794 | ---- | M] () -- \Program Files\Sun\StarOffice 8\share\samples\nl\texts\Uitnodiging.odt

< *AutoKMS* /s >
[2012.03.22 00:17:58 | 001,923,584 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\AutoKMS\AutoKMS.exe
[2012.03.22 00:17:59 | 000,000,715 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\AutoKMS\AutoKMS.ini
[2012.07.20 15:34:32 | 000,073,594 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\AutoKMS\AutoKMS.log
[2012.07.20 15:34:56 | 000,000,266 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\tasks\AutoKMS.job
[2012.07.19 18:38:39 | 000,046,488 | ---- | M] () -- \WINDOWS\Prefetch\AUTOKMS.EXE-01C3577A.pf

< *activator* /s >

< *serial* /s >
[2002.03.15 13:13:06 | 000,056,660 | ---- | M] () -- \Brother\BrDriver\MfcXP\2000\brserial.sys
[2010.06.16 10:02:00 | 000,000,091 | ---- | M] () -- \Documents and Settings\Liška\Plocha\Složky k zapsání na disk\Zdrojová data\CORSAIR (J)\CORSAIR (F)\Verze + serial.txt
[2007.03.22 01:56:44 | 000,188,993 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\classes\serializer.jar
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2006.08.14 16:33:28 | 000,188,993 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\classes\serializer.jar
[2006.06.19 22:48:40 | 000,001,677 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\BadSerialNumberAlert.exv
[2006.05.09 23:26:40 | 000,001,545 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\CantChangeSerialNumberAlert.exv
[2006.05.09 23:26:40 | 000,001,550 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\InValidUpGradeSerialNumberAlert.exv
[2006.07.17 07:48:14 | 000,000,833 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\ReserializeAlert.exv
[2008.08.26 23:33:52 | 000,052,736 | ---- | M] () -- \Programy\Scope\data\SerialIO.dll
[2008.07.02 13:38:34 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.04.12 16:20:05 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.17 19:20:56 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.04.12 16:20:31 | 000,086,016 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.04.18 14:04:06 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.10 15:40:37 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
[2012.05.10 15:49:01 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.10 18:05:27 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6a37764b2df9b3f9c7775701027ef779\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.10 18:07:48 | 002,637,312 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9bfda0add366eea12ea0402e60d01e84\System.Runtime.Serialization.ni.dll
[2008.04.14 14:00:00 | 000,024,957 | ---- | M] () -- \WINDOWS\I386\DPSERIAL.DL_
[2008.04.14 14:00:00 | 000,030,259 | ---- | M] () -- \WINDOWS\I386\SERIAL.SY_
[2008.04.14 14:00:00 | 000,006,549 | ---- | M] () -- \WINDOWS\I386\SERIALUI.DL_
[2012.03.23 20:35:11 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.17 19:07:31 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.03.23 20:35:09 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.06.17 19:07:17 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2007.10.26 03:16:32 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2007.10.15 13:23:34 | 000,065,536 | ---- | M] () -- \WINDOWS\system32\ltserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> d:\cacert.crt:SummaryInformation

< End of report >

selkir · #13 Příspěvek od **selkir** » 23 črc 2012 17:40

OTL logfile created on: 23.7.2012 17:03:56 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Documents and Settings\Liška\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,05 Mb Total Physical Memory | 600,64 Mb Available Physical Memory | 59,17% Memory free
2,38 Gb Paging File | 2,13 Gb Available in Paging File | 89,28% Paging File free
Paging file location(s): C:\pagefile.sys 1522 1522 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 80,02 Gb Total Space | 40,36 Gb Free Space | 50,43% Space Free | Partition Type: NTFS
Drive D: | 69,00 Gb Total Space | 17,18 Gb Free Space | 24,90% Space Free | Partition Type: NTFS
Drive E: | 489,25 Mb Total Space | 78,41 Mb Free Space | 16,03% Space Free | Partition Type: FAT
Drive F: | 3,61 Gb Total Space | 3,40 Gb Free Space | 94,02% Space Free | Partition Type: FAT32

Computer Name: LISKOVI | User Name: Liška | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.07.23 16:29:14 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTL.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.06.03 14:24:50 | 000,294,912 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2008.06.03 13:43:56 | 000,098,304 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2008.06.03 12:34:38 | 000,479,232 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2008.04.14 15:03:54 | 001,448,576 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2008.04.14 15:03:54 | 000,596,584 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006.07.21 10:14:36 | 000,086,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SoundMan.exe

========== Modules (No Company Name) ==========

MOD - [2012.07.23 12:44:42 | 001,785,856 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\12072301\algo.dll
MOD - [2012.01.12 22:19:18 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_39c531ed\mscorlib.dll
MOD - [2012.01.12 22:18:50 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_133c278a\system.xml.dll
MOD - [2008.07.02 13:38:37 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2008.07.02 13:38:33 | 000,299,008 | ---- | M] () -- c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
MOD - [2008.04.14 14:58:40 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2008.04.14 14:55:58 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2001.10.28 17:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009.03.04 16:34:01 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007.01.04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.07.24 16:56:20 | 000,042,752 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2008.06.17 10:49:22 | 004,756,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.04.15 11:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008.04.15 11:13:58 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008.04.14 14:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.03.27 17:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.03.11 19:37:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2007.07.26 20:00:38 | 000,011,264 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2007.05.03 04:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eeepc.asus.com/global
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT22690 ... hSource=13"
FF - prefs.js..extensions.enabledItems: {a0faa0a4-f1a7-4098-9a74-21efc3a92372}:3.6.1
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {daf44bf7-a45e-4450-979c-91cf07434c3d}:1.5.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {87f54a61-c9b3-4138-a38a-33c31770bb9e}:0.7
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.0
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1426
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Programy\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Programy\FireFox\components [2011.06.20 11:12:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Programy\FireFox\plugins [2012.07.06 17:32:56 | 000,000,000 | ---D | M]

[2009.02.26 17:06:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Extensions
[2012.06.13 11:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions
[2009.12.18 11:57:32 | 000,000,000 | ---D | M] (MR Tech About:About) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{0069127F-F91E-4A3A-829A-9CAB9D259E94}
[2009.12.18 11:57:34 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2009.02.26 17:06:57 | 000,000,000 | ---D | M] ("Winestripe") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{0d3b5f80-1735-4c93-b817-dc4e50660591}
[2009.02.26 17:06:58 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009.02.26 17:06:58 | 000,000,000 | ---D | M] ("Tab Preview") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{1de0de3c-0b5c-4f67-90c6-689623894991}
[2012.06.13 11:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.02.26 17:06:58 | 000,000,000 | ---D | M] ("MinimizeToTray") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{31513E58-F253-47ad-86DB-D5F21E905429}
[2009.12.18 11:57:31 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009.02.26 17:07:00 | 000,000,000 | ---D | M] ("SpiderZilla") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{3cd27e92-1a30-11da-94c6-00e08161165f}
[2009.12.18 11:57:39 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009.12.18 11:57:34 | 000,000,000 | ---D | M] (IE View) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
[2009.12.18 11:57:29 | 000,000,000 | ---D | M] (IE Tab) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009.12.18 11:57:35 | 000,000,000 | ---D | M] (OperaView) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{87f54a61-c9b3-4138-a38a-33c31770bb9e}
[2009.12.18 11:57:40 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2009.02.26 17:07:08 | 000,000,000 | ---D | M] (Mozilla Calendar) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{8e117890-a33f-424b-a2ea-deb272731365}
[2009.12.18 11:57:36 | 000,000,000 | ---D | M] (DictionarySearch) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a0faa0a4-f1a7-4098-9a74-21efc3a92372}
[2009.02.26 17:07:08 | 000,000,000 | ---D | M] (Print Preview) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a1f99b9c-30d3-4848-a646-afd282011a72}
[2009.02.26 17:07:10 | 000,000,000 | ---D | M] (FireFTP) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2009.02.26 17:07:11 | 000,000,000 | ---D | M] ("Fasterfox") -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2009.02.26 17:07:11 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.12.18 11:57:36 | 000,000,000 | ---D | M] (Extended Statusbar) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{daf44bf7-a45e-4450-979c-91cf07434c3d}
[2010.04.06 08:47:21 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2009.12.18 11:57:49 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2009.02.26 17:06:55 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\cs@dictionaries.addons.mozilla.org
[2009.12.18 11:57:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\elemhidehelper@adblockplus.org
[2012.06.13 11:43:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\staged-xpis
[2009.02.26 17:06:56 | 000,000,000 | ---D | M] (Viamatic foXpose) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\xpose@viamatic.com
[2008.07.14 09:46:05 | 000,001,032 | ---- | M] () -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\searchplugins\wikipedia-eng.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{87F54A61-C9B3-4138-A38A-33C31770BB9E}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{A0FAA0A4-F1A7-4098-9A74-21EFC3A92372}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{DAF44BF7-A45E-4450-979C-91CF07434C3D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\LIĹˇKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\C1NRUWVN.DEFAULT\EXTENSIONS\CS@DICTIONARIES.ADDONS.MOZILLA.ORG
[2012.07.09 12:54:47 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012.04.19 18:45:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.09.30 11:32:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.18 11:15:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.09.29 09:41:56 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.07 11:25:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012.04.19 18:45:53 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAMY\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Li\u0161ka\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: ChemDraw Pro Plugin (Enabled) = C:\Programy\FireFox\plugins\npcdp32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programy\FireFox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programy\FireFox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\Programy\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\Programy\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Liška\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Liška\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Liška\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.20 15:36:53 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\alcwzrd.exe (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SoundMan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = FF FF FF 03 [binary data]
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Programy\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O12 - Plugin for: .cdx - C:\Program Files\Internet Explorer\plugins\NPCDP32.DLL (CambridgeSoft.Com)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6010371-5590-445A-B76E-ECB4C6F505AD}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6010371-5590-445A-B76E-ECB4C6F505AD}: NameServer = 8.8.8.8
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/xhtml+xml {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\application/xhtml+xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=iso-8859-1 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O18 - Protocol\Filter\text/xml; charset=utf-8 {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Liška\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Liška\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.02 11:24:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{29f59415-c488-11de-b172-00224309b47a}\Shell - "" = AutoRun
O33 - MountPoints2\{29f59415-c488-11de-b172-00224309b47a}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\autoplay\cOmMAnd - "" = F:\qcxytf.pif
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\AutoRun\command - "" = F:\qcxytf.pif
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\eXPlOre\COMmAND - "" = F:\qcxytf.pif
O33 - MountPoints2\{49cfc20a-178c-11de-b0f9-00224309b47a}\Shell\oPEN\coMmaNd - "" = F:\qcxytf.pif
O34 - HKLM BootExecute: (dfboottime \??\C:\WINDOWS\System32\dfboottime.cfg)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.07.23 16:52:17 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTL.exe
[2012.07.20 15:35:50 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.07.20 15:29:48 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTM (1).exe
[2012.07.19 18:34:38 | 000,000,000 | ---D | C] -- C:\6e431c8fd5f5ca4ee64b83f78957a0
[2012.07.19 14:07:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Plocha\Kinetika
[2012.07.17 19:32:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.07.17 19:32:16 | 000,000,000 | ---D | C] -- C:\rsit
[2012.07.17 18:59:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Liška\Recent
[2012.07.17 18:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.07.17 18:22:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Defraggler
[2012.07.17 18:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012.07.14 15:48:23 | 000,000,000 | ---D | C] -- d:\K vypálení
[2012.07.13 10:51:56 | 000,000,000 | ---D | C] -- d:\Pohlednice
[2012.07.09 15:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\Sun
[2012.07.07 18:44:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Data aplikací\vlc
[2012.07.07 18:39:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2012.07.06 17:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.07.06 17:33:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Liška\Data aplikací\Oracle
[2012.07.06 17:32:56 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.07.06 17:32:56 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.07.06 17:32:23 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.07.06 17:32:22 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2008.07.03 11:25:01 | 015,523,560 | ---- | C] (Macrovision Corporation) -- C:\Program Files\U1 Setup.exe
[3 C:\Documents and Settings\Liška\Plocha\*.tmp files -> C:\Documents and Settings\Liška\Plocha\*.tmp -> ]
[1 d:\*.tmp files -> d:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.07.23 17:10:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.07.23 17:00:45 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.23 17:00:14 | 000,189,508 | ---- | M] () -- C:\WINDOWS\System32\FontInfo.bin
[2012.07.23 17:00:14 | 000,060,716 | ---- | M] () -- C:\WINDOWS\System32\GlyphInfo.bin
[2012.07.23 16:58:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.07.23 16:50:51 | 000,342,537 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2010 Geeta.pdf
[2012.07.23 16:47:34 | 000,057,659 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2001 Seki.pdf
[2012.07.23 16:43:43 | 000,451,294 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden_ElKaissy.pdf
[2012.07.23 16:38:28 | 000,847,183 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden.pdf
[2012.07.23 16:33:22 | 000,223,304 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\1980 McDonald.pdf
[2012.07.23 16:29:14 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTL.exe
[2012.07.21 18:16:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.07.20 15:36:53 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.07.20 14:02:10 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Liška\Plocha\OTM (1).exe
[2012.07.19 18:36:50 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2012.07.19 17:50:36 | 000,391,976 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.18 14:15:47 | 000,908,890 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2008 Wenger.pdf
[2012.07.18 14:14:19 | 000,448,426 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\2009 Wenger.pdf
[2012.07.17 19:12:06 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012.07.17 19:12:06 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012.07.17 18:42:59 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.07.17 18:25:08 | 000,008,343 | ---- | M] () -- C:\WINDOWS\WinCmd.ini
[2012.07.17 18:22:00 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2012.07.13 12:31:55 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Microsoft Calculator Plus.lnk
[2012.07.13 11:35:08 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2012.07.12 18:57:52 | 000,002,461 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Microsoft Office PowerPoint 2003.lnk
[2012.07.12 18:57:42 | 000,003,208 | ---- | M] () -- C:\WINDOWS\im32st.dat
[2012.07.12 18:57:40 | 000,025,574 | ---- | M] () -- C:\WINDOWS\IM17.CFG
[2012.07.12 17:27:18 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\InfoMapa 17.lnk
[2012.07.09 18:09:09 | 000,002,541 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Microsoft Office Word 2003.lnk
[2012.07.09 12:54:59 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.07.07 18:39:35 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2012.07.06 17:29:16 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.07.06 17:29:15 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.07.06 14:47:48 | 000,488,148 | ---- | M] () -- d:\posty-svatek.pdf
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.07.03 18:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.07.03 17:15:40 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.29 14:59:20 | 000,215,058 | ---- | M] () -- C:\Documents and Settings\Liška\Plocha\Obraz145.jpg
[3 C:\Documents and Settings\Liška\Plocha\*.tmp files -> C:\Documents and Settings\Liška\Plocha\*.tmp -> ]
[1 d:\*.tmp files -> d:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.07.23 17:10:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.07.23 16:50:59 | 000,342,537 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2010 Geeta.pdf
[2012.07.23 16:47:41 | 000,057,659 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2001 Seki.pdf
[2012.07.23 16:44:06 | 000,451,294 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden_ElKaissy.pdf
[2012.07.23 16:38:49 | 000,847,183 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\1990 Bowden.pdf
[2012.07.23 16:33:40 | 000,223,304 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\1980 McDonald.pdf
[2012.07.19 19:10:52 | 000,002,377 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office Word Viewer 2003.lnk
[2012.07.18 14:15:58 | 000,908,890 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2008 Wenger.pdf
[2012.07.18 14:14:37 | 000,448,426 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\2009 Wenger.pdf
[2012.07.17 18:42:59 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2012.07.17 18:22:00 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2012.07.13 14:51:16 | 000,215,058 | ---- | C] () -- C:\Documents and Settings\Liška\Plocha\Obraz145.jpg
[2012.07.09 12:55:01 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.07.07 18:39:35 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2012.07.06 14:47:47 | 000,488,148 | ---- | C] () -- d:\posty-svatek.pdf
[2012.02.16 14:50:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.10.04 08:22:06 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2011.07.19 15:55:35 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.07.16 11:23:41 | 000,003,208 | ---- | C] () -- C:\WINDOWS\im32st.dat
[2011.07.08 10:03:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.07.08 10:03:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.07.01 13:23:52 | 000,000,397 | ---- | C] () -- C:\WINDOWS\barcode.ini
[2011.06.29 16:11:24 | 000,000,093 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011.06.15 14:01:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\longfile.INI
[2011.06.15 14:01:28 | 001,371,436 | ---- | C] () -- C:\WINDOWS\System32\VBAR2132.DLL
[2011.06.15 13:56:48 | 000,000,094 | ---- | C] () -- C:\WINDOWS\texture.ini
[2011.06.15 13:48:45 | 000,039,125 | ---- | C] () -- C:\WINDOWS\iccsigs.dat
[2011.06.15 13:48:34 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\scpext.dll
[2010.11.07 13:22:50 | 000,189,508 | ---- | C] () -- C:\WINDOWS\System32\FontInfo.bin
[2010.11.07 13:22:50 | 000,060,716 | ---- | C] () -- C:\WINDOWS\System32\GlyphInfo.bin
[2010.10.21 14:46:48 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ltserial.dll
[2010.10.06 17:09:12 | 000,000,528 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010.09.01 16:12:49 | 000,001,891 | ---- | C] () -- C:\WINDOWS\MapaCR.INI
[2010.05.27 16:39:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Liška\test.m3u
[2010.05.12 15:29:17 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Liška\st
[2009.06.26 18:41:53 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.20 18:19:06 | 000,001,858 | ---- | C] () -- C:\Documents and Settings\Liška\Data aplikací\mercuryrc
[2009.02.26 16:26:34 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\Liška\Data aplikací\wklnhst.dat
[2009.02.26 16:26:33 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Liška\Local Settings\Data aplikací\fusioncache.dat

========== LOP Check ==========

[2009.03.04 13:43:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Advanced Chemistry Development
[2010.12.16 11:49:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.10.01 12:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OriginLab
[2009.02.27 19:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Plocha
[2009.06.25 15:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2008.07.03 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\StarOffice8
[2008.07.03 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\Template
[2009.03.23 17:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\CCDC
[2010.01.31 18:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\IDOS
[2009.04.02 19:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\InterVideo
[2009.06.25 15:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\MobileAction
[2012.07.06 17:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Oracle
[2009.10.05 18:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\ScanSoft
[2012.07.19 18:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\StarOffice8
[2008.07.03 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Template
[2012.07.17 19:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\uTorrent
[2011.07.20 14:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Zoner
[2012.07.23 17:00:45 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 14:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\WINDOWS\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[15 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
[31 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\5e59a287bfb899b0062752aa5690ab7c\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\5e59a287bfb899b0062752aa5690ab7c\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\80790281ccd7e15225d5c3f86466fa49\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\80790281ccd7e15225d5c3f86466fa49\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.02.19 19:52:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Adobe
[2010.03.07 13:38:58 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Liška\Data aplikací\Brother
[2009.03.23 17:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\CCDC
[2011.01.06 10:19:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Google
[2011.06.15 16:26:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Help
[2008.07.02 11:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Identities
[2010.01.31 18:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\IDOS
[2008.07.02 12:44:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\InstallShield
[2009.04.02 19:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\InterVideo
[2009.03.02 16:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Macromedia
[2012.07.17 19:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Media Player Classic
[2011.11.26 20:10:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Liška\Data aplikací\Microsoft
[2012.03.19 22:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\MiKTeX
[2009.06.25 15:59:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\MobileAction
[2009.02.26 17:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Mozilla
[2012.07.20 15:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\OpenOffice.org2
[2012.07.06 17:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Oracle
[2009.10.05 18:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\ScanSoft
[2011.10.04 22:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Skype
[2011.10.04 20:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\skypePM
[2012.07.19 18:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\StarOffice8
[2008.07.03 11:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Sun
[2008.07.03 11:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Template
[2012.07.17 19:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\uTorrent
[2012.07.22 18:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\vlc
[2009.09.22 09:54:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\WinRAR
[2011.07.20 14:49:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Liška\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2010.01.31 18:34:09 | 000,709,215 | ---- | M] () -- C:\Documents and Settings\Liška\Data aplikací\IDOS\unins000.exe
[2009.03.05 18:34:11 | 000,007,902 | R--- | M] () -- C:\Documents and Settings\Liška\Data aplikací\Microsoft\Installer\{577DAE16-0C4D-45E9-A30C-C885A144F71D}\ARPPRODUCTICON.exe
[2006.11.01 17:30:18 | 000,014,336 | ---- | M] () -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{3cd27e92-1a30-11da-94c6-00e08161165f}\httrack\httrack.exe
[2007.10.08 01:57:52 | 000,307,200 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\psftp.exe
[2007.12.28 11:15:38 | 000,172,032 | ---- | M] (Simon Tatham) -- C:\Documents and Settings\Liška\Data aplikací\Mozilla\Firefox\Profiles\c1nruwvn.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\puttygen.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.07.02 13:14:43 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.07.02 13:14:43 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.07.02 13:14:43 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.07.23 17:00:14 | 000,189,508 | ---- | M] () -- C:\WINDOWS\system32\FontInfo.bin
[2012.07.23 17:00:14 | 000,060,716 | ---- | M] () -- C:\WINDOWS\system32\GlyphInfo.bin
[2012.07.21 18:16:31 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.07.23 17:10:31 | 000,000,512 | ---- | M] () MD5=BB7EF2E945F512A4B7604D8D00C03FBF -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.05.15 21:19:56 | 000,000,656 | ---- | M] () -- \Documents and Settings\Liška\Data aplikací\Microsoft\Office\Naposledy otevřené\Crack.LNK
[2006.10.13 19:35:44 | 000,274,017 | ---- | M] () -- \Documents and Settings\Liška\Plocha\Složky k zapsání na disk\Zdrojová data\Nevytříděné\My eBooks\Massive Chemistry and explosives book collection\Impact Firecrackers - Uploaded by X-Wulf.pdf
[2006.10.13 19:35:44 | 000,246,021 | ---- | M] () -- \Documents and Settings\Liška\Plocha\Složky k zapsání na disk\Zdrojová data\Nevytříděné\My eBooks\Massive Chemistry and explosives book collection\impactfirecrackers.pdf
[1997.04.25 09:02:00 | 000,016,068 | ---- | M] () -- \Programy\photopnt\CANVAS\cracks2c.pcx

< *keygen* /s >

< *loader* /s >
[2010.02.25 16:44:36 | 000,625,152 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2007.03.21 22:51:50 | 000,023,552 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\javaloader.uno.dll
[2007.03.22 15:15:18 | 000,005,226 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.py
[2007.03.22 03:42:18 | 000,015,872 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.uno.dll
[2007.03.22 15:41:34 | 000,000,145 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.uno.ini
[2007.03.21 22:51:50 | 000,018,432 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\shlibloader.uno.dll
[2007.03.22 03:28:52 | 000,003,199 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\classes\unoloader.jar
[2007.08.17 21:27:02 | 000,021,504 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\javaloader.uno.dll
[2007.08.17 21:28:18 | 000,016,384 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\shlibloader.uno.dll
[2007.08.30 18:28:48 | 000,004,065 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\classes\unoloader.jar
[2011.05.21 12:41:00 | 000,379,444 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\luatexbase-loader.pdf
[2011.05.21 12:41:00 | 000,000,555 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader-latex.tex
[2011.05.21 12:41:00 | 000,000,548 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader-plain.tex
[2011.05.21 12:41:00 | 000,000,411 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader.lua
[2011.05.21 12:41:00 | 000,000,419 | ---- | M] () -- \Programy\MiKTeX\doc\luatex\luatexbase\test-loader.sub.lua
[2011.04.23 16:08:22 | 000,003,848 | ---- | M] () -- \Programy\MiKTeX\tex\generic\oberdiek\luatex-loader.sty
[2011.05.21 12:41:00 | 000,002,580 | ---- | M] () -- \Programy\MiKTeX\tex\luatex\luatexbase\luatexbase-loader.sty
[2011.05.21 12:41:00 | 000,002,075 | ---- | M] () -- \Programy\MiKTeX\tex\luatex\luatexbase\luatexbase.loader.lua
[2011.03.08 18:10:08 | 000,670,208 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Facebook\ZPSPluginLoader.exe
[2011.05.31 10:46:24 | 000,685,568 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 18:09:04 | 000,194,048 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Programy\Photo Studio 13\Plugins\Picasa\ZPSPluginLoader.exe
[2011.06.08 15:20:02 | 000,102,792 | ---- | M] () -- \Programy\Photo Studio 13\Program32\8bfLoader.exe
[2011.06.08 15:20:16 | 000,019,336 | ---- | M] () -- \Programy\Photo Studio 13\Program32\WICLoader.exe
[2008.04.14 14:00:00 | 000,017,421 | ---- | M] () -- \WINDOWS\I386\DMLOADER.DL_
[2008.04.14 14:00:00 | 000,115,367 | ---- | M] () -- \WINDOWS\I386\OSLOADER.EX_
[2008.04.14 14:00:00 | 000,133,029 | ---- | M] () -- \WINDOWS\I386\OSLOADER.NT_
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2008.03.25 13:33:10 | 000,093,794 | ---- | M] () -- \Program Files\Sun\StarOffice 8\share\samples\nl\texts\Uitnodiging.odt

< *AutoKMS* /s >
[2012.03.22 00:17:58 | 001,923,584 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\AutoKMS\AutoKMS.exe
[2012.03.22 00:17:59 | 000,000,715 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\AutoKMS\AutoKMS.ini
[2012.07.20 15:34:32 | 000,073,594 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\AutoKMS\AutoKMS.log
[2012.07.20 15:34:56 | 000,000,266 | ---- | M] () -- \_OTM\MovedFiles\07202012_153550\C_WINDOWS\tasks\AutoKMS.job
[2012.07.19 18:38:39 | 000,046,488 | ---- | M] () -- \WINDOWS\Prefetch\AUTOKMS.EXE-01C3577A.pf

< *activator* /s >

< *serial* /s >
[2002.03.15 13:13:06 | 000,056,660 | ---- | M] () -- \Brother\BrDriver\MfcXP\2000\brserial.sys
[2010.06.16 10:02:00 | 000,000,091 | ---- | M] () -- \Documents and Settings\Liška\Plocha\Složky k zapsání na disk\Zdrojová data\CORSAIR (J)\CORSAIR (F)\Verze + serial.txt
[2007.03.22 01:56:44 | 000,188,993 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\classes\serializer.jar
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2006.08.14 16:33:28 | 000,188,993 | ---- | M] () -- \Program Files\Sun\StarOffice 8\program\classes\serializer.jar
[2006.06.19 22:48:40 | 000,001,677 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\BadSerialNumberAlert.exv
[2006.05.09 23:26:40 | 000,001,545 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\CantChangeSerialNumberAlert.exv
[2006.05.09 23:26:40 | 000,001,550 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\InValidUpGradeSerialNumberAlert.exv
[2006.07.17 07:48:14 | 000,000,833 | ---- | M] () -- \Programy\Adobe\Acrobat 8.0\Acrobat\LMResources\ReserializeAlert.exv
[2008.08.26 23:33:52 | 000,052,736 | ---- | M] () -- \Programy\Scope\data\SerialIO.dll
[2008.07.02 13:38:34 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.04.12 16:20:05 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.17 19:20:56 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.04.12 16:20:31 | 000,086,016 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.04.18 14:04:06 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.05.10 15:40:37 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
[2012.05.10 15:49:01 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.10 18:05:27 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\6a37764b2df9b3f9c7775701027ef779\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.05.10 18:07:48 | 002,637,312 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9bfda0add366eea12ea0402e60d01e84\System.Runtime.Serialization.ni.dll
[2008.04.14 14:00:00 | 000,024,957 | ---- | M] () -- \WINDOWS\I386\DPSERIAL.DL_
[2008.04.14 14:00:00 | 000,030,259 | ---- | M] () -- \WINDOWS\I386\SERIAL.SY_
[2008.04.14 14:00:00 | 000,006,549 | ---- | M] () -- \WINDOWS\I386\SERIALUI.DL_
[2012.03.23 20:35:11 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.06.17 19:07:31 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.03.23 20:35:09 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.06.17 19:07:17 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2007.10.26 03:16:32 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.04.07 23:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2007.10.15 13:23:34 | 000,065,536 | ---- | M] () -- \WINDOWS\system32\ltserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> d:\cacert.crt:SummaryInformation

< End of report >

#14 Příspěvek od **Márty84** » 24 črc 2012 08:51

Stacilo dat to sem jen jednou

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eeepc.asus.com/global
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4274948411-3488277450-594542929-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
[3 C:\Documents and Settings\Liška\Plocha\*.tmp files -> C:\Documents and Settings\Liška\Plocha\*.tmp -> ]
[1 d:\*.tmp files -> d:\*.tmp -> ]
[15 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Help\*.tmp files -> C:\WINDOWS\Help\*.tmp -> ]
[31 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\5e59a287bfb899b0062752aa5690ab7c\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\5e59a287bfb899b0062752aa5690ab7c\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\80790281ccd7e15225d5c3f86466fa49\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\80790281ccd7e15225d5c3f86466fa49\*.tmp -> ]
[2012.07.19 18:38:39 | 000,046,488 | ---- | M] () -- \WINDOWS\Prefetch\AUTOKMS.EXE-01C3577A.pf
@Alternate Data Stream - 88 bytes -> d:\cacert.crt:SummaryInformation

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Udelejte !!!uplnou!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

selkir · #15 Příspěvek od **selkir** » 26 črc 2012 13:17

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Liška
->Temp folder emptied: 119785314 bytes
->Temporary Internet Files folder emptied: 2648677 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 179989602 bytes
->Flash cache emptied: 1406 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 318 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1365 bytes

Total Files Cleaned = 289,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: Liška
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-4274948411-3488277450-594542929-1006\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_USERS\S-1-5-21-4274948411-3488277450-594542929-1006\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-4274948411-3488277450-594542929-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "http://search.conduit.com/?ctid=CT22690 ... hSource=13" removed from browser.startup.homepage
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll not found.
C:\Documents and Settings\Liška\Plocha\~WRL0856.tmp deleted successfully.
C:\Documents and Settings\Liška\Plocha\~WRL1300.tmp deleted successfully.
C:\Documents and Settings\Liška\Plocha\~WRL1851.tmp deleted successfully.
d:\~WRD3520.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP269.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4E2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5CC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP678.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6B9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6E4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6FD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7DB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP82C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP92A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA29.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAFB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB1E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC.tmp folder deleted successfully.
C:\WINDOWS\Help\SET4B.tmp deleted successfully.
C:\WINDOWS\Help\SET4C.tmp deleted successfully.
C:\WINDOWS\Help\SET4D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI104.tmp deleted successfully.
C:\WINDOWS\Installer\MSI107.tmp deleted successfully.
C:\WINDOWS\Installer\MSI13.tmp deleted successfully.
C:\WINDOWS\Installer\MSI15A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI15E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI17E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI197.tmp deleted successfully.
C:\WINDOWS\Installer\MSI19E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI21E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI23D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI241.tmp deleted successfully.
C:\WINDOWS\Installer\MSI281.tmp deleted successfully.
C:\WINDOWS\Installer\MSI316.tmp deleted successfully.
C:\WINDOWS\Installer\MSI31C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI31D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5CA.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5CD.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5D3.tmp deleted successfully.
C:\WINDOWS\Installer\MSI71.tmp deleted successfully.
C:\WINDOWS\Installer\MSI71F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7F1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI809.tmp deleted successfully.
C:\WINDOWS\Installer\MSI84B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI8C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI947.tmp deleted successfully.
C:\WINDOWS\Installer\MSICB.tmp deleted successfully.
C:\WINDOWS\Installer\MSICC.tmp deleted successfully.
C:\WINDOWS\Installer\MSID8.tmp deleted successfully.
C:\WINDOWS\Installer\MSIDF.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\5e59a287bfb899b0062752aa5690ab7c\download\BIT4E.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\80790281ccd7e15225d5c3f86466fa49\BIT2.tmp deleted successfully.
\WINDOWS\Prefetch\AUTOKMS.EXE-01C3577A.pf moved successfully.
ADS d:\cacert.crt:SummaryInformation deleted successfully.

OTL by OldTimer - Version 3.2.54.0 log created on 07242012_192512

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

VIRY.CZ

prosím o kontrolu logu

prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu

Re: prosím o kontrolu logu