Požádám o kontrolu ntb dětí, díky.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr at 2012-09-26 09:30:45
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 33 GB (65%) free of 51 GB
Total RAM: 2037 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:31:13, on 26.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe
C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\CursorFX\CursorFX.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\CPUMon\CPUMon.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Documents and Settings\Petr\Plocha\bezp\RSIT.exe
C:\Program Files\trend micro\Petr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll
O2 - BHO: Norton Safety Minder BHO - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O4 - HKLM\..\Run: [EasySpeedUpManager] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
O4 - HKLM\..\Run: [EasySpeedUpManager2] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager2.exe /s
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-21-3325764246-1398598611-381740816-1007\..\Run: [BatteryLifeExtender] C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe /2 (User 'Michaela')
O4 - HKUS\S-1-5-21-3325764246-1398598611-381740816-1007\..\Run: [SSCKbdHk] C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (User 'Michaela')
O4 - HKUS\S-1-5-21-3325764246-1398598611-381740816-1007\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Michaela')
O4 - HKUS\S-1-5-21-3325764246-1398598611-381740816-1007\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Michaela')
O4 - HKUS\S-1-5-21-3325764246-1398598611-381740816-1007\..\Run: [CursorFX] "C:\Program Files\Stardock\CursorFX\CursorFX.exe" (User 'Michaela')
O4 - HKUS\S-1-5-21-3325764246-1398598611-381740816-1007\..\Run: [Google Update] "C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c (User 'Michaela')
O4 - HKUS\S-1-5-21-3325764246-1398598611-381740816-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Michaela')
O4 - HKUS\S-1-5-21-3325764246-1398598611-381740816-1007\..\Run: [Facebook Update] "C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'Michaela')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.ovanet.cz/files/activex/AxisCamControl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kaspersky Security Scan Service (KSS) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton Online (NOF) - Symantec Corporation - C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SRS WOWXT/TSXT Service (SRS_WOWXT_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe
O24 - Desktop Component AutorunsDisabled: (no name) - (no file)
--
End of file - 11931 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Scan (petr).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Defraggler Volume C Task.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-06-30 97248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28 113512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-07 329712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-02-26 848952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6EF6C45-5E8D-4c3b-B580-A5073261A381}]
RewardsArcadeSuite - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll [2011-11-03 528216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8E07826-0971-4f16-B133-047B88034E89}]
Norton Safety Minder BHO - C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\coIEPlg.dll [2012-08-13 508384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-07 59376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-09-07 79856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046}
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2011-04-20 188960]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EasySpeedUpManager"=C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2010-02-11 374784]
"EasySpeedUpManager2"=C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-06-04 1900544]
"BatteryManager"=C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe [2010-05-27 3155456]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"CursorFX"=C:\Program Files\Stardock\CursorFX\CursorFX.exe [2008-07-07 416768]
"Google Update"=C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-10-23 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe [2010-11-02 39408]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-11-11 205312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Disabled:Facebook Video Calling"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
======List of files/folders created in the last 1 months======
2012-09-12 18:10:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-09-10 21:26:04 ----AC---- C:\WINDOWS\system32\S32EVNT1.DLL
2012-09-10 21:26:03 ----AC---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2012-09-10 21:26:01 ----DC---- C:\Program Files\Symantec
2012-09-10 21:26:01 ----DC---- C:\Program Files\Common Files\Symantec Shared
2012-09-10 21:25:17 ----DC---- C:\WINDOWS\system32\drivers\NSM
2012-09-10 21:24:35 ----DC---- C:\WINDOWS\system32\drivers\NOF
2012-09-10 21:24:35 ----DC---- C:\Program Files\Norton Online
2012-09-07 20:20:50 ----DC---- C:\Program Files\Common Files\Java
2012-09-07 20:19:16 ----AC---- C:\WINDOWS\system32\npdeployJava1.dll
2012-09-07 20:19:16 ----AC---- C:\WINDOWS\system32\javaws.exe
2012-09-07 20:19:15 ----AC---- C:\WINDOWS\system32\javaw.exe
2012-09-07 20:19:15 ----AC---- C:\WINDOWS\system32\java.exe
2012-09-07 20:14:37 ----DC---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2012-09-05 17:16:29 ----DC---- C:\Program Files\Common Files\Skype
2012-08-29 19:09:34 ----DC---- C:\Program Files\NortonInstaller
======List of files/folders modified in the last 1 months======
2012-09-26 09:30:58 ----DC---- C:\Program Files\trend micro
2012-09-25 19:53:25 ----DC---- C:\WINDOWS\Temp
2012-09-25 19:27:11 ----DC---- C:\WINDOWS\Prefetch
2012-09-25 13:34:16 ----DC---- C:\WINDOWS\system32\CatRoot2
2012-09-24 20:22:00 ----C---- C:\WINDOWS\SchedLgU.Txt
2012-09-24 19:40:45 ----DC---- C:\WINDOWS\Debug
2012-09-24 19:40:44 ----ADC---- C:\WINDOWS
2012-09-24 19:20:38 ----SDC---- C:\WINDOWS\Tasks
2012-09-24 19:05:41 ----RDC---- C:\Program Files
2012-09-24 18:59:26 ----DC---- C:\Program Files\SpeedFan
2012-09-23 11:27:27 ----DC---- C:\TEMP
2012-09-22 19:17:38 ----DC---- C:\WINDOWS\system32
2012-09-22 17:05:06 ----HDC---- C:\WINDOWS\inf
2012-09-22 17:04:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-09-22 17:04:11 ----DC---- C:\Program Files\Internet Explorer
2012-09-22 17:01:21 ----HDC---- C:\WINDOWS\$hf_mig$
2012-09-19 21:11:19 ----AC---- C:\WINDOWS\lexstat.ini
2012-09-17 15:22:08 ----SHDC---- C:\WINDOWS\Installer
2012-09-12 17:02:17 ----AC---- C:\WINDOWS\system32\MRT.exe
2012-09-11 11:39:43 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-09-10 21:26:30 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Norton
2012-09-10 21:26:04 ----DC---- C:\WINDOWS\system32\drivers
2012-09-10 21:26:01 ----DC---- C:\Program Files\Common Files
2012-09-10 21:16:23 ----DC---- C:\Documents and Settings\Petr\Data aplikací\Rainmeter
2012-09-07 20:18:18 ----AC---- C:\WINDOWS\system32\deployJava1.dll
2012-09-05 17:17:20 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-09-05 17:16:32 ----RDC---- C:\Program Files\Skype
2012-08-28 20:48:50 ----AC---- C:\WINDOWS\system32\ieframe.dll
2012-08-28 17:18:59 ----AC---- C:\WINDOWS\system32\wininet.dll
2012-08-28 17:18:58 ----AC---- C:\WINDOWS\system32\urlmon.dll
2012-08-28 17:18:58 ----AC---- C:\WINDOWS\system32\url.dll
2012-08-28 17:18:58 ----AC---- C:\WINDOWS\system32\occache.dll
2012-08-28 17:18:57 ----AC---- C:\WINDOWS\system32\mstime.dll
2012-08-28 17:18:57 ----AC---- C:\WINDOWS\system32\mshtmled.dll
2012-08-28 17:18:57 ----AC---- C:\WINDOWS\system32\mshtml.dll
2012-08-28 17:18:54 ----AC---- C:\WINDOWS\system32\msfeedsbs.dll
2012-08-28 17:18:54 ----AC---- C:\WINDOWS\system32\msfeeds.dll
2012-08-28 17:18:53 ----AC---- C:\WINDOWS\system32\licmgr10.dll
2012-08-28 17:18:53 ----AC---- C:\WINDOWS\system32\jsproxy.dll
2012-08-28 17:18:51 ----AC---- C:\WINDOWS\system32\iertutil.dll
2012-08-28 17:18:50 ----AC---- C:\WINDOWS\system32\iepeers.dll
2012-08-28 17:18:45 ----AC---- C:\WINDOWS\system32\iedkcs32.dll
2012-08-28 14:07:34 ----AC---- C:\WINDOWS\system32\ie4uinit.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R1 ccSet_NOF;Norton Online Settings Manager; C:\WINDOWS\system32\drivers\NOF\0203000.007\ccSetx86.sys [2011-11-05 132744]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-27 218688]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpKsld8512eb8;MpKsld8512eb8; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{488EA123-EF1A-4F8B-8E1B-A7DC164A951C}\MpKsld8512eb8.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R2 DOSMEMIO;MEMIO; \??\C:\WINDOWS\system32\MEMIO.SYS []
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2010-04-28 54760]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2010-06-04 1606368]
R3 ETD;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2010-04-01 109056]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-11-11 1751424]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-03-18 5878304]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\WINDOWS\system32\drivers\srs_PremiumSound_i386.sys [2009-07-31 227496]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A};Symantec Redirector - Norton Safety Minder; C:\WINDOWS\System32\Drivers\NSM\0203000.01A\SymRdr.SYS [2011-11-17 197624]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VMC33F;Vimicro Camera Service VMC33F; C:\WINDOWS\System32\Drivers\VMC33F.sys [2009-07-01 237952]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-09-28 298752]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AF15BDA;AF9015 BDA Device; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2011-12-14 483200]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2010-04-14 51752]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 ALSysIO;ALSysIO; \??\C:\DOCUME~1\Petr\LOCALS~1\Temp\ALSysIO.sys []
S4 catchme;catchme; \??\C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys []
S4 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AshampooDefragService;Ashampoo Defrag Service; C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe [2008-10-09 750944]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 NOF;Norton Online; C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe [2011-11-30 138248]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SRS_WOWXT_Service;SRS WOWXT/TSXT Service; C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe [2009-08-06 66792]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-09-07 153584]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
R4 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-02 136176]
S2 KSS;Kaspersky Security Scan Service; C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-04-25 202296]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-02 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka ntb dětí
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
-
Peters56
- Vzorný návštěvník
- Příspěvky: 254
- Registrován: 28 pro 2009 19:08
- Bydliště: Litvínov
- Kontaktovat uživatele:
Preventivka ntb dětí
Používám : 
Re: Preventivka ntb dětí
Zdravim 
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
Peters56
- Vzorný návštěvník
- Příspěvky: 254
- Registrován: 28 pro 2009 19:08
- Bydliště: Litvínov
- Kontaktovat uživatele:
Re: Preventivka ntb dětí
Odinstaloval jsem toolbar skype jinej jsem nenašel, ale sken už jede hodinu a zatím žádný závěr, on je to ale netbook takže tam to s ohledem na konfiguraci asi bude trvat déle. OTL ale jede dle správce vytěžuje kolem 50%
Používám :
-
Peters56
- Vzorný návštěvník
- Příspěvky: 254
- Registrován: 28 pro 2009 19:08
- Bydliště: Litvínov
- Kontaktovat uživatele:
Re: Preventivka ntb dětí
Tak se po cca 75 minutách podařilo dokončit sken
OTL logfile created on: 26.9.2012 13:16:01 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 55,46% Memory free
3,33 Gb Paging File | 2,62 Gb Available in Paging File | 78,64% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,06 Gb Total Space | 32,46 Gb Free Space | 64,85% Space Free | Partition Type: NTFS
Drive D: | 88,99 Gb Total Space | 57,62 Gb Free Space | 64,75% Space Free | Partition Type: NTFS
Computer Name: POKOJIK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.09.26 13:13:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
PRC - [2012.08.30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011.11.30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe
PRC - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.05.27 20:09:50 | 003,155,456 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2010.05.20 13:43:26 | 000,847,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010.05.06 15:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010.04.20 14:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
PRC - [2010.03.25 20:44:26 | 001,891,720 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.03.24 05:12:58 | 001,599,880 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2010.02.11 08:22:38 | 000,374,784 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009.09.19 19:41:10 | 000,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2009.08.06 19:23:56 | 000,066,792 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe
PRC - [2008.10.09 09:18:32 | 000,173,408 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
PRC - [2008.10.09 09:18:26 | 000,083,296 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
PRC - [2008.10.09 09:18:18 | 000,750,944 | ---- | M] ( ) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
PRC - [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\CursorFX\CursorFX.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.10 00:36:30 | 001,105,408 | ---- | M] () -- C:\Program Files\CPUMon\CPUMon.exe
========== Modules (No Company Name) ==========
MOD - [2012.08.30 04:58:45 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll
MOD - [2012.08.30 04:58:42 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\pdf.dll
MOD - [2012.08.30 04:57:15 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\avutil-51.dll
MOD - [2012.08.30 04:57:13 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\avformat-54.dll
MOD - [2012.08.30 04:57:12 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll
MOD - [2012.08.30 03:50:45 | 009,607,368 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
MOD - [2011.10.24 12:29:32 | 000,816,224 | R--- | M] () -- C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\wincfi39.dll
MOD - [2010.05.27 20:09:50 | 003,155,456 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2010.04.20 14:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
MOD - [2010.04.16 14:11:02 | 000,155,648 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
MOD - [2009.09.19 19:42:22 | 000,031,744 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\SysInfo.dll
MOD - [2009.09.19 19:41:10 | 000,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2009.09.19 19:41:00 | 000,387,584 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2008.10.09 09:18:32 | 000,173,408 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
MOD - [2008.10.09 09:18:26 | 000,083,296 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
MOD - [2008.03.12 22:00:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Stardock\CursorFX\zlib1.dll
MOD - [2007.10.10 00:36:30 | 001,105,408 | ---- | M] () -- C:\Program Files\CPUMon\CPUMon.exe
MOD - [2006.08.12 12:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
MOD - [2003.08.07 21:25:36 | 000,205,312 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKFC5C.DLL
MOD - [2003.07.29 09:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBKPP5C.DLL
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.11.30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe -- (NOF)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.21 17:47:04 | 000,246,584 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.08.06 19:23:56 | 000,066,792 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe -- (SRS_WOWXT_Service)
SRV - [2008.10.09 09:18:18 | 000,750,944 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe -- (AshampooDefragService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2012.09.25 18:21:01 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{488EA123-EF1A-4F8B-8E1B-A7DC164A951C}\MpKsld8512eb8.sys -- (MpKsld8512eb8)
DRV - [2012.09.10 21:26:02 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011.12.14 12:38:57 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2011.11.17 05:38:00 | 000,197,624 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NSM\0203000.01A\symrdr.sys -- (SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A})
DRV - [2011.11.05 01:59:35 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NOF\0203000.007\ccSetx86.sys -- (ccSet_NOF)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.07.12 23:55:22 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:08:16 | 000,011,624 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011.02.27 17:52:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.06.04 20:29:04 | 001,606,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2010.04.28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010.04.14 06:41:12 | 000,051,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2010.03.18 01:40:12 | 005,878,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.12.30 13:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009.12.15 14:05:42 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.11.18 16:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 16:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.09.28 11:22:00 | 000,298,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2009.09.15 11:51:04 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2009.07.31 18:59:14 | 000,227,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009.07.01 11:50:00 | 000,237,952 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC33F.sys -- (VMC33F)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.14 14:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.10.27 06:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60347
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... }&ch_id=sm
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7GGLS_cs
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Nová složka\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Documents and Settings\Petr\Local Settings\Data aplikací\RewardsArcadeSuite\1950\Firefox [2012.02.12 23:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}: C:\Documents and Settings\All Users\Data aplikací\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.3.0.20\coFFFw\ [2012.09.22 19:26:11 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchT ... 1I7GGLS_cs
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\mbkkogpfmmfmppkbopdikooeibnjhfpi\2.3.0.26_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Picasa (Enabled) = D:\Nov\u00E1 slo\u017Eka\Picasa3\npPicasa3.dll
CHR - Extension: YouTube = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: RewardsArcade Suite = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.20.54_0\crossrider
CHR - Extension: RewardsArcade Suite = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.20.54_0\
CHR - Extension: Norton Safety Minder = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mbkkogpfmmfmppkbopdikooeibnjhfpi\2.3.0.26_0\
CHR - Extension: Gmail = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011.06.11 23:32:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
O2 - BHO: (Norton Safety Minder BHO) - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [EasySpeedUpManager] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [EasySpeedUpManager2] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager2.exe (Samsung Electronics)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Documents and Settings\Kateřina\Nabídka Start\Programy\Po spuštění\CPUMon.lnk = C:\Program Files\CPUMon\CPUMon.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.ovanet.cz/files/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C799312B-DF94-4FF4-8429-87EA8B73A5E0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:AutorunsDisabled () -
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.09.26 13:13:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2012.09.25 14:16:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Petr\Recent
========== Files - Modified Within 7 Days ==========
[2012.09.26 13:33:50 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
[2012.09.26 13:23:17 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.09.26 13:22:14 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.26 13:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.26 13:16:27 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.26 13:16:12 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012.09.26 13:13:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2012.09.26 13:08:02 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2012.09.26 13:01:12 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.25 20:40:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.25 19:08:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2012.09.25 18:05:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.25 15:22:08 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.25 15:21:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.25 14:15:27 | 000,043,520 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.24 19:58:49 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job
[2012.09.23 12:28:48 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.09.23 12:28:47 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Scan (petr).job
[2012.09.23 10:01:01 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.22 21:40:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.22 19:17:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.22 19:17:55 | 2136,256,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.22 12:05:02 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.19 21:11:19 | 000,000,298 | ---- | M] () -- C:\WINDOWS\lexstat.ini
========== Files Created - No Company Name ==========
[2012.09.26 13:23:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.11 20:05:25 | 000,108,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.05.09 11:44:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.03.29 23:38:05 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012.03.29 23:38:05 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012.03.29 23:38:05 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012.03.03 21:54:56 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2012.02.15 15:13:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.14 12:43:39 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2011.12.14 12:40:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.12.14 12:39:19 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2011.11.16 09:10:03 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2011.11.16 07:46:07 | 000,000,058 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2011.10.14 12:13:06 | 000,000,298 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011.10.14 12:11:40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2011.10.14 12:11:39 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2011.10.14 12:11:39 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2011.10.14 12:11:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2011.10.14 12:09:52 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2011.10.14 12:09:16 | 000,297,984 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2011.04.19 13:22:20 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.04.19 13:22:20 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.02.20 18:01:45 | 002,703,360 | ---- | C] () -- C:\Documents and Settings\Petr\ntuser.rhk
[2010.12.10 23:50:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.10.20 09:55:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Petr\Data aplikací\wklnhst.dat
[2010.10.18 19:01:36 | 000,043,520 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2010.08.04 12:26:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 14:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011.02.21 13:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2011.12.14 12:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ConMet
[2011.02.26 16:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.10.23 19:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.03.01 15:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.02.02 12:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2012.01.23 16:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.08.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2010.08.04 13:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SAMSUNG
[2011.08.22 13:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sandlot Games
[2011.08.23 21:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.10.19 05:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinClon
[2010.08.04 12:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WLAN
[2011.01.10 08:55:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E}
[2011.12.16 21:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\.minecraft
[2011.11.11 20:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\ConMet
[2012.01.20 16:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\ICQ
[2012.02.03 17:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\IObit
[2010.12.29 19:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Miranda
[2011.03.04 19:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Nokia
[2011.03.01 16:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\PC Suite
[2011.08.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\PlayFirst
[2011.08.13 13:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Rainmeter
[2011.07.18 19:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Telefónica Móviles
[2012.04.20 16:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Unity
[2011.05.27 14:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Zoner
[2012.01.14 09:40:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Michaela\Data aplikací\.#
[2012.09.11 18:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\.minecraft
[2011.11.11 18:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\ConMet
[2011.03.04 19:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\ICQ
[2012.02.02 12:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\IObit
[2011.03.02 14:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\PC Suite
[2011.04.17 11:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\PlayFirst
[2011.08.14 10:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Rainmeter
[2011.04.24 08:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Telefónica Móviles
[2012.04.30 16:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Unity
[2011.11.15 22:08:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Petr\Data aplikací\.#
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ConMet
[2012.01.03 13:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Lite
[2012.07.13 15:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Dropbox
[2012.02.12 23:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ICQ
[2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit
[2010.12.27 15:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Miranda
[2011.03.01 16:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nokia
[2011.02.21 13:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Notebook Hardware Control
[2011.03.01 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\PC Suite
[2012.09.10 21:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Rainmeter
[2010.10.18 14:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Telefónica Móviles
[2010.12.21 23:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Template
[2011.02.21 13:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VS Revo Group
[2011.12.31 16:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Wise Registry Cleaner
[2011.05.27 10:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2010.08.04 12:18:51 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.08.04 20:44:36 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.10.18 19:38:20 | 000,000,464 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
[2010.11.02 10:25:17 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.11.02 10:25:18 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.03.08 19:36:13 | 000,000,492 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.06.12 10:43:08 | 000,000,478 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job
[2011.10.31 12:18:57 | 000,000,392 | ---- | C] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2011.11.30 13:34:48 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2011.11.30 13:34:50 | 000,001,022 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2011.11.30 15:01:51 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2011.11.30 15:01:53 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2011.12.10 17:51:14 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2011.12.10 17:51:17 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.02.27 18:38:54 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.02.27 18:38:55 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.05.01 18:29:27 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2012.05.01 18:31:01 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2012.05.14 15:51:26 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.05.14 15:51:27 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
< >
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[39 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.11.15 22:08:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Petr\Data aplikací\.#
[2011.02.17 11:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ConMet
[2012.01.03 13:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Lite
[2012.07.13 15:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Dropbox
[2012.02.25 20:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2012.02.12 23:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ICQ
[2010.08.04 12:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2010.08.04 12:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\InstallShield
[2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit
[2012.04.24 18:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2011.02.23 09:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Malwarebytes
[2011.02.17 11:22:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2010.12.27 15:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Miranda
[2010.10.23 19:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2012.05.09 11:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nero
[2011.03.01 16:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nokia
[2011.02.21 13:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Notebook Hardware Control
[2011.03.01 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\PC Suite
[2012.09.10 21:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Rainmeter
[2011.11.16 07:49:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.11.16 01:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2010.12.28 21:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.01.20 12:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\SUPERAntiSpyware.com
[2010.10.18 14:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Telefónica Móviles
[2010.12.21 23:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Template
[2011.02.21 13:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VS Revo Group
[2011.12.31 16:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Wise Registry Cleaner
[2011.05.27 10:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe
[2012.02.15 01:03:44 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Uninstall.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.09.23 12:28:47 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job
[2012.09.23 12:28:48 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012.09.24 19:58:49 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2012.09.22 12:05:02 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.25 18:05:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.23 10:01:01 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.26 13:01:12 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.25 15:22:08 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.26 13:22:14 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.25 19:08:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2012.09.26 14:08:04 | 000,001,022 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2012.09.22 21:40:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.26 13:40:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.25 15:21:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.26 14:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.26 13:16:27 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.26 13:16:12 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2012.09.26 14:18:55 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.08.04 14:06:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.08.04 14:06:22 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.08.04 14:06:22 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"CursorFX" = "C:\Program Files\Stardock\CursorFX\CursorFX.exe" -- [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation)
"Google Update" = "C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.10.23 14:52:24 | 000,136,176 | ---- | M] (Google Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.09.26 13:23:17 | 000,000,512 | ---- | M] () MD5=3225A118DFAC7A2F0603E0548DA580E6 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.09.11 17:58:27 | 046,832,595 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\hry\Minecraft-1.3.2-cracked.exe
[2012.09.11 17:50:56 | 000,000,975 | ---- | M] () -- \Documents and Settings\Michaela\Nabídka Start\Programy\Minecraft Cracked\Start Minecraft Cracked.lnk
[2012.09.11 17:50:56 | 000,000,963 | ---- | M] () -- \Documents and Settings\Michaela\Plocha\Start Minecraft Cracked.lnk
[2012.05.05 15:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2009.08.11 10:33:12 | 000,018,150 | ---- | M] () -- \Program Files\Samsung Casual Games\Go-Go Gourmet\Sound\firecracks.ogg
< *keygen* /s >
< *loader* /s >
[2010.01.21 15:05:00 | 000,000,232 | R--- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.08.28 12:29:14 | 000,013,317 | ---- | M] () -- \Documents and Settings\Kateřina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\13_0\images\1024\page\loader-logo.png
[2012.09.24 18:12:37 | 000,105,903 | ---- | M] () -- \Documents and Settings\Michaela\Local Settings\Temporary Internet Files\Content.IE5\F4L2KFON\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.09.24 18:12:36 | 000,000,753 | ---- | M] () -- \Documents and Settings\Michaela\Local Settings\Temporary Internet Files\Content.IE5\SPM29AKY\AdLoader[1].htm
[2012.05.04 23:42:40 | 000,043,889 | ---- | M] () -- \Program Files\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2011.06.24 22:56:21 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.06.24 22:56:22 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.06.24 22:56:21 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.08.26 19:28:55 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.08.02 22:22:00 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.06.24 22:57:31 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.06.24 22:57:32 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.08.26 18:32:50 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\rps\preloader02.swf
[2011.08.26 20:37:01 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2011.09.03 20:31:22 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\warsheep\preloader02.swf
[2011.08.26 18:14:47 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\zoopaloola\preloader02.swf
[2012.04.25 19:52:22 | 000,262,544 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prloader.dll
[2012.04.25 18:57:04 | 000,006,522 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\images\btn_loader_center.png
[2012.04.25 18:57:04 | 000,008,711 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\images\btn_loader_left.png
[2012.04.25 18:57:04 | 000,008,745 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\images\btn_loader_right.png
[2012.04.25 18:57:24 | 000,000,154 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\resources\neutral\decl\common\widgets\ConditionalLoader.qml
[2010.12.09 14:10:30 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.08.11 10:33:56 | 000,004,960 | ---- | M] () -- \Program Files\Samsung Casual Games\Zuma Deluxe\images\LoaderBar.gif
[2009.08.11 10:33:56 | 000,001,064 | ---- | M] () -- \Program Files\Samsung Casual Games\Zuma Deluxe\images\_LoaderBar.gif
[2006.12.27 15:45:42 | 000,466,944 | ---- | M] () -- \Program Files\Samsung\Easy Display Manager\DMLoader.exe
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.08.04 12:57:29 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,017,421 | ---- | M] () -- \WINDOWS\I386\DMLOADER.DL_
[2008.04.14 14:00:00 | 000,115,367 | ---- | M] () -- \WINDOWS\I386\OSLOADER.EX_
[2008.04.14 14:00:00 | 000,133,029 | ---- | M] () -- \WINDOWS\I386\OSLOADER.NT_
[2012.09.26 13:01:43 | 000,024,676 | ---- | M] () -- \WINDOWS\Prefetch\DMLOADER.EXE-126D6CC1.pf
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2012.02.02 15:15:04 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2012.02.21 15:46:30 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:0EC24B70403293D3
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:B623B5B8
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:E36F5B57
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:D8A7F3FF
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4CF61E54
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:478FEFC3
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:41099CE9
< End of report >
OTL logfile created on: 26.9.2012 13:16:01 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 55,46% Memory free
3,33 Gb Paging File | 2,62 Gb Available in Paging File | 78,64% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,06 Gb Total Space | 32,46 Gb Free Space | 64,85% Space Free | Partition Type: NTFS
Drive D: | 88,99 Gb Total Space | 57,62 Gb Free Space | 64,75% Space Free | Partition Type: NTFS
Computer Name: POKOJIK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.09.26 13:13:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
PRC - [2012.08.30 04:58:46 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011.11.30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe
PRC - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.05.27 20:09:50 | 003,155,456 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2010.05.20 13:43:26 | 000,847,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010.05.06 15:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010.04.20 14:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
PRC - [2010.03.25 20:44:26 | 001,891,720 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.03.24 05:12:58 | 001,599,880 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2010.02.11 08:22:38 | 000,374,784 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009.09.19 19:41:10 | 000,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2009.08.06 19:23:56 | 000,066,792 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe
PRC - [2008.10.09 09:18:32 | 000,173,408 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
PRC - [2008.10.09 09:18:26 | 000,083,296 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
PRC - [2008.10.09 09:18:18 | 000,750,944 | ---- | M] ( ) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
PRC - [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\CursorFX\CursorFX.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.10 00:36:30 | 001,105,408 | ---- | M] () -- C:\Program Files\CPUMon\CPUMon.exe
========== Modules (No Company Name) ==========
MOD - [2012.08.30 04:58:45 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll
MOD - [2012.08.30 04:58:42 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\pdf.dll
MOD - [2012.08.30 04:57:15 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\avutil-51.dll
MOD - [2012.08.30 04:57:13 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\avformat-54.dll
MOD - [2012.08.30 04:57:12 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll
MOD - [2012.08.30 03:50:45 | 009,607,368 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
MOD - [2011.10.24 12:29:32 | 000,816,224 | R--- | M] () -- C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\wincfi39.dll
MOD - [2010.05.27 20:09:50 | 003,155,456 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2010.04.20 14:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
MOD - [2010.04.16 14:11:02 | 000,155,648 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
MOD - [2009.09.19 19:42:22 | 000,031,744 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\SysInfo.dll
MOD - [2009.09.19 19:41:10 | 000,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2009.09.19 19:41:00 | 000,387,584 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2008.10.09 09:18:32 | 000,173,408 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
MOD - [2008.10.09 09:18:26 | 000,083,296 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
MOD - [2008.03.12 22:00:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Stardock\CursorFX\zlib1.dll
MOD - [2007.10.10 00:36:30 | 001,105,408 | ---- | M] () -- C:\Program Files\CPUMon\CPUMon.exe
MOD - [2006.08.12 12:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
MOD - [2003.08.07 21:25:36 | 000,205,312 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKFC5C.DLL
MOD - [2003.07.29 09:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBKPP5C.DLL
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.25 19:53:38 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe -- (KSS)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.11.30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe -- (NOF)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.21 17:47:04 | 000,246,584 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.08.06 19:23:56 | 000,066,792 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe -- (SRS_WOWXT_Service)
SRV - [2008.10.09 09:18:18 | 000,750,944 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe -- (AshampooDefragService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2012.09.25 18:21:01 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{488EA123-EF1A-4F8B-8E1B-A7DC164A951C}\MpKsld8512eb8.sys -- (MpKsld8512eb8)
DRV - [2012.09.10 21:26:02 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011.12.14 12:38:57 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2011.11.17 05:38:00 | 000,197,624 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NSM\0203000.01A\symrdr.sys -- (SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A})
DRV - [2011.11.05 01:59:35 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NOF\0203000.007\ccSetx86.sys -- (ccSet_NOF)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.07.12 23:55:22 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:08:16 | 000,011,624 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011.02.27 17:52:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.06.04 20:29:04 | 001,606,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2010.04.28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010.04.14 06:41:12 | 000,051,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2010.03.18 01:40:12 | 005,878,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.12.30 13:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009.12.15 14:05:42 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.11.18 16:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 16:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.09.28 11:22:00 | 000,298,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2009.09.15 11:51:04 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2009.07.31 18:59:14 | 000,227,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009.07.01 11:50:00 | 000,237,952 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC33F.sys -- (VMC33F)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.14 14:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.10.27 06:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60347
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... }&ch_id=sm
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7GGLS_cs
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Nová složka\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Documents and Settings\Petr\Local Settings\Data aplikací\RewardsArcadeSuite\1950\Firefox [2012.02.12 23:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}: C:\Documents and Settings\All Users\Data aplikací\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.3.0.20\coFFFw\ [2012.09.22 19:26:11 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchT ... 1I7GGLS_cs
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\mbkkogpfmmfmppkbopdikooeibnjhfpi\2.3.0.26_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Picasa (Enabled) = D:\Nov\u00E1 slo\u017Eka\Picasa3\npPicasa3.dll
CHR - Extension: YouTube = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.42_0\
CHR - Extension: RewardsArcade Suite = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.20.54_0\crossrider
CHR - Extension: RewardsArcade Suite = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.20.54_0\
CHR - Extension: Norton Safety Minder = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mbkkogpfmmfmppkbopdikooeibnjhfpi\2.3.0.26_0\
CHR - Extension: Gmail = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011.06.11 23:32:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
O2 - BHO: (Norton Safety Minder BHO) - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [EasySpeedUpManager] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [EasySpeedUpManager2] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager2.exe (Samsung Electronics)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Documents and Settings\Kateřina\Nabídka Start\Programy\Po spuštění\CPUMon.lnk = C:\Program Files\CPUMon\CPUMon.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.ovanet.cz/files/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C799312B-DF94-4FF4-8429-87EA8B73A5E0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:AutorunsDisabled () -
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.09.26 13:13:12 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2012.09.25 14:16:13 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Petr\Recent
========== Files - Modified Within 7 Days ==========
[2012.09.26 13:33:50 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
[2012.09.26 13:23:17 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.09.26 13:22:14 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.26 13:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.26 13:16:27 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.26 13:16:12 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012.09.26 13:13:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2012.09.26 13:08:02 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2012.09.26 13:01:12 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.25 20:40:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.25 19:08:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2012.09.25 18:05:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.25 15:22:08 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.25 15:21:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.25 14:15:27 | 000,043,520 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.24 19:58:49 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job
[2012.09.23 12:28:48 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.09.23 12:28:47 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Scan (petr).job
[2012.09.23 10:01:01 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.22 21:40:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.22 19:17:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.22 19:17:55 | 2136,256,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.22 12:05:02 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.19 21:11:19 | 000,000,298 | ---- | M] () -- C:\WINDOWS\lexstat.ini
========== Files Created - No Company Name ==========
[2012.09.26 13:23:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.11 20:05:25 | 000,108,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.05.09 11:44:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.03.29 23:38:05 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012.03.29 23:38:05 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012.03.29 23:38:05 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012.03.03 21:54:56 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2012.02.15 15:13:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.14 12:43:39 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2011.12.14 12:40:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.12.14 12:39:19 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2011.11.16 09:10:03 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2011.11.16 07:46:07 | 000,000,058 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2011.10.14 12:13:06 | 000,000,298 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011.10.14 12:11:40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2011.10.14 12:11:39 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2011.10.14 12:11:39 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2011.10.14 12:11:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2011.10.14 12:09:52 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2011.10.14 12:09:16 | 000,297,984 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2011.04.19 13:22:20 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.04.19 13:22:20 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.02.20 18:01:45 | 002,703,360 | ---- | C] () -- C:\Documents and Settings\Petr\ntuser.rhk
[2010.12.10 23:50:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.10.20 09:55:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Petr\Data aplikací\wklnhst.dat
[2010.10.18 19:01:36 | 000,043,520 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2010.08.04 12:26:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 14:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011.02.21 13:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2011.12.14 12:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ConMet
[2011.02.26 16:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.10.23 19:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.03.01 15:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.02.02 12:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2012.01.23 16:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.08.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2010.08.04 13:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SAMSUNG
[2011.08.22 13:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sandlot Games
[2011.08.23 21:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.10.19 05:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinClon
[2010.08.04 12:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WLAN
[2011.01.10 08:55:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E}
[2011.12.16 21:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\.minecraft
[2011.11.11 20:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\ConMet
[2012.01.20 16:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\ICQ
[2012.02.03 17:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\IObit
[2010.12.29 19:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Miranda
[2011.03.04 19:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Nokia
[2011.03.01 16:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\PC Suite
[2011.08.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\PlayFirst
[2011.08.13 13:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Rainmeter
[2011.07.18 19:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Telefónica Móviles
[2012.04.20 16:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Unity
[2011.05.27 14:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Zoner
[2012.01.14 09:40:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Michaela\Data aplikací\.#
[2012.09.11 18:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\.minecraft
[2011.11.11 18:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\ConMet
[2011.03.04 19:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\ICQ
[2012.02.02 12:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\IObit
[2011.03.02 14:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\PC Suite
[2011.04.17 11:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\PlayFirst
[2011.08.14 10:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Rainmeter
[2011.04.24 08:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Telefónica Móviles
[2012.04.30 16:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Unity
[2011.11.15 22:08:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Petr\Data aplikací\.#
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ConMet
[2012.01.03 13:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Lite
[2012.07.13 15:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Dropbox
[2012.02.12 23:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ICQ
[2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit
[2010.12.27 15:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Miranda
[2011.03.01 16:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nokia
[2011.02.21 13:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Notebook Hardware Control
[2011.03.01 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\PC Suite
[2012.09.10 21:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Rainmeter
[2010.10.18 14:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Telefónica Móviles
[2010.12.21 23:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Template
[2011.02.21 13:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VS Revo Group
[2011.12.31 16:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Wise Registry Cleaner
[2011.05.27 10:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2010.08.04 12:18:51 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.08.04 20:44:36 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.10.18 19:38:20 | 000,000,464 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
[2010.11.02 10:25:17 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.11.02 10:25:18 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.03.08 19:36:13 | 000,000,492 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.06.12 10:43:08 | 000,000,478 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job
[2011.10.31 12:18:57 | 000,000,392 | ---- | C] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2011.11.30 13:34:48 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2011.11.30 13:34:50 | 000,001,022 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2011.11.30 15:01:51 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2011.11.30 15:01:53 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2011.12.10 17:51:14 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2011.12.10 17:51:17 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.02.27 18:38:54 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.02.27 18:38:55 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.05.01 18:29:27 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2012.05.01 18:31:01 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2012.05.14 15:51:26 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.05.14 15:51:27 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
< >
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[39 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.11.15 22:08:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Petr\Data aplikací\.#
[2011.02.17 11:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ConMet
[2012.01.03 13:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Lite
[2012.07.13 15:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Dropbox
[2012.02.25 20:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2012.02.12 23:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ICQ
[2010.08.04 12:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2010.08.04 12:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\InstallShield
[2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit
[2012.04.24 18:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2011.02.23 09:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Malwarebytes
[2011.02.17 11:22:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2010.12.27 15:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Miranda
[2010.10.23 19:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2012.05.09 11:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nero
[2011.03.01 16:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nokia
[2011.02.21 13:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Notebook Hardware Control
[2011.03.01 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\PC Suite
[2012.09.10 21:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Rainmeter
[2011.11.16 07:49:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.11.16 01:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2010.12.28 21:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.01.20 12:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\SUPERAntiSpyware.com
[2010.10.18 14:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Telefónica Móviles
[2010.12.21 23:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Template
[2011.02.21 13:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VS Revo Group
[2011.12.31 16:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Wise Registry Cleaner
[2011.05.27 10:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe
[2012.02.15 01:03:44 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Uninstall.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.09.23 12:28:47 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job
[2012.09.23 12:28:48 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012.09.24 19:58:49 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2012.09.22 12:05:02 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.25 18:05:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.23 10:01:01 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.26 13:01:12 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.25 15:22:08 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.26 13:22:14 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.25 19:08:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2012.09.26 14:08:04 | 000,001,022 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2012.09.22 21:40:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.26 13:40:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.25 15:21:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.26 14:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.26 13:16:27 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.26 13:16:12 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2012.09.26 14:18:55 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.08.04 14:06:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.08.04 14:06:22 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.08.04 14:06:22 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"CursorFX" = "C:\Program Files\Stardock\CursorFX\CursorFX.exe" -- [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation)
"Google Update" = "C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.10.23 14:52:24 | 000,136,176 | ---- | M] (Google Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.09.26 13:23:17 | 000,000,512 | ---- | M] () MD5=3225A118DFAC7A2F0603E0548DA580E6 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.09.11 17:58:27 | 046,832,595 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\hry\Minecraft-1.3.2-cracked.exe
[2012.09.11 17:50:56 | 000,000,975 | ---- | M] () -- \Documents and Settings\Michaela\Nabídka Start\Programy\Minecraft Cracked\Start Minecraft Cracked.lnk
[2012.09.11 17:50:56 | 000,000,963 | ---- | M] () -- \Documents and Settings\Michaela\Plocha\Start Minecraft Cracked.lnk
[2012.05.05 15:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2009.08.11 10:33:12 | 000,018,150 | ---- | M] () -- \Program Files\Samsung Casual Games\Go-Go Gourmet\Sound\firecracks.ogg
< *keygen* /s >
< *loader* /s >
[2010.01.21 15:05:00 | 000,000,232 | R--- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.08.28 12:29:14 | 000,013,317 | ---- | M] () -- \Documents and Settings\Kateřina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\13_0\images\1024\page\loader-logo.png
[2012.09.24 18:12:37 | 000,105,903 | ---- | M] () -- \Documents and Settings\Michaela\Local Settings\Temporary Internet Files\Content.IE5\F4L2KFON\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.09.24 18:12:36 | 000,000,753 | ---- | M] () -- \Documents and Settings\Michaela\Local Settings\Temporary Internet Files\Content.IE5\SPM29AKY\AdLoader[1].htm
[2012.05.04 23:42:40 | 000,043,889 | ---- | M] () -- \Program Files\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2011.06.24 22:56:21 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.06.24 22:56:22 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.06.24 22:56:21 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.08.26 19:28:55 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.08.02 22:22:00 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.06.24 22:57:31 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.06.24 22:57:32 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.08.26 18:32:50 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\rps\preloader02.swf
[2011.08.26 20:37:01 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2011.09.03 20:31:22 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\warsheep\preloader02.swf
[2011.08.26 18:14:47 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\zoopaloola\preloader02.swf
[2012.04.25 19:52:22 | 000,262,544 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\prloader.dll
[2012.04.25 18:57:04 | 000,006,522 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\images\btn_loader_center.png
[2012.04.25 18:57:04 | 000,008,711 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\images\btn_loader_left.png
[2012.04.25 18:57:04 | 000,008,745 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\images\btn_loader_right.png
[2012.04.25 18:57:24 | 000,000,154 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\resources\neutral\decl\common\widgets\ConditionalLoader.qml
[2010.12.09 14:10:30 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.08.11 10:33:56 | 000,004,960 | ---- | M] () -- \Program Files\Samsung Casual Games\Zuma Deluxe\images\LoaderBar.gif
[2009.08.11 10:33:56 | 000,001,064 | ---- | M] () -- \Program Files\Samsung Casual Games\Zuma Deluxe\images\_LoaderBar.gif
[2006.12.27 15:45:42 | 000,466,944 | ---- | M] () -- \Program Files\Samsung\Easy Display Manager\DMLoader.exe
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.08.04 12:57:29 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,017,421 | ---- | M] () -- \WINDOWS\I386\DMLOADER.DL_
[2008.04.14 14:00:00 | 000,115,367 | ---- | M] () -- \WINDOWS\I386\OSLOADER.EX_
[2008.04.14 14:00:00 | 000,133,029 | ---- | M] () -- \WINDOWS\I386\OSLOADER.NT_
[2012.09.26 13:01:43 | 000,024,676 | ---- | M] () -- \WINDOWS\Prefetch\DMLOADER.EXE-126D6CC1.pf
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2012.02.02 15:15:04 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2012.02.21 15:46:30 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:0EC24B70403293D3
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:B623B5B8
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:E36F5B57
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:D8A7F3FF
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4CF61E54
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:478FEFC3
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:41099CE9
< End of report >
Používám :
-
Peters56
- Vzorný návštěvník
- Příspěvky: 254
- Registrován: 28 pro 2009 19:08
- Bydliště: Litvínov
- Kontaktovat uživatele:
Re: Preventivka ntb dětí
A druhý sken
OTL Extras logfile created on: 26.9.2012 13:16:01 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 55,46% Memory free
3,33 Gb Paging File | 2,62 Gb Available in Paging File | 78,64% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,06 Gb Total Space | 32,46 Gb Free Space | 64,85% Space Free | Partition Type: NTFS
Drive D: | 88,99 Gb Total Space | 57,62 Gb Free Space | 64,75% Space Free | Partition Type: NTFS
Computer Name: POKOJIK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Disabled:Facebook Video Calling -- (Skype Limited)
"C:\WINDOWS\system32\LEXPPS.EXE" = C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE -- (Lexmark International, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AA278D-E0B9-4F99-ACCC-070978A38453}" = Easy Resolution Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBEBAAF-A363-458D-8D26-9F61AC98ACC3}" = SRS WOW XT and TSXT
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 pro Windows
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.0
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Samsung Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71A51BED-E7D3-11DB-A386-005056C00008}" = WebCam SCB-0340N
"{74A579FB-EB06-497D-B194-01590D6FE51A}" = BatteryLifeExtender
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7CF94476-77F9-401E-BEB5-845285735AAB}" = Windows Live Zabezpečení rodiny
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111212843}" = Diner Dash 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113143653}" = Dream Chronicles
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5C8BFF2-0044-4500-8BB5-BEB0D2335885}" = REALTEK PCIE Wireless LAN Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C4582EED-A3FB-4358-8F3F-8C994460DF28}" = EasyFileShare
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}" = Atheros WLAN Client
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F9557866-B4C8-4CE5-8508-0E386BDC20B2}" = Easy Network Manager
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Magical Defrag 2_is1" = Ashampoo Magical Defrag 2
"AutocompletePro3_is1" = AutocompletePro
"BlazeDTV 6.0_is1" = BlazeDTV 6.0
"CCleaner" = CCleaner
"CPUMon_is1" = CPUMon
"CursorFX" = CursorFX
"Đ»đ¸ßÇĺµçÓ°_is1" = BlazeTV 1.0.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8)
"Elantech" = ETDWare PS/2-x86 7.0.7.0_WHQL
"ESET Online Scanner" = ESET Online Scanner v3
"Game Booster_is1" = Game Booster
"GIMP-2_is1" = GIMP 2.8.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"Lexmark X1100 Series" = Lexmark X1100 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.0.1200
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NOF" = Norton Online
"Nokia PC Suite" = Nokia PC Suite
"NSM" = Norton Safety Minder
"O2CZ" = O2
"Picasa 3" = Picasa 3
"Rainmeter" = Rainmeter (remove only)
"Síťový adaptér Broadcom 802.11" = Síťový adaptér Broadcom 802.11
"SpeedFan" = SpeedFan (remove only)
"The KMPlayer" = The KMPlayer (remove only)
"Vit Registry Fix" = Vit Registry Fix 9.5 (remove only)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.9.1
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"RewardsArcadeSuite" = RewardsArcadeSuite
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10.9.2012 15:08:06 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 11.9.2012 5:39:20 | Computer Name = POKOJIK | Source = Family Safety Service | ID = 0
Description = IDCRL login failed. Error Code: 80048848 Username: 'si.pet@hotmail.com'
Proxy:
'(null)' Proxy Bypass: '(null)' Environment: 'Production'
Error - 11.9.2012 5:39:20 | Computer Name = POKOJIK | Source = Family Safety Service | ID = 0
Description = IDCRL login failed (second attempt). Error Code: 80048848 Username:
'si.pet@hotmail.com' Proxy: '(null)' Proxy Bypass: '(null)' Environment: 'Production'
Error - 11.9.2012 11:17:56 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 13.9.2012 11:28:06 | Computer Name = POKOJIK | Source = Application Error | ID = 1000
Description = Chybující aplikace ccsvchst.exe, verze 11.2.0.9, chybující modul trayicon.dll,
verze 2.3.0.26, adresa chyby 0x00099809.
Error - 18.9.2012 11:43:27 | Computer Name = POKOJIK | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Přístup byl odepřen.
Error - 18.9.2012 11:43:30 | Computer Name = POKOJIK | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Přístup byl odepřen.
Error - 18.9.2012 15:55:36 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 18.9.2012 15:57:53 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 22.9.2012 13:19:33 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ OSession Events ]
Error - 27.3.2011 6:14:24 | Computer Name = POKOJIK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
Error - 3.5.2012 10:17:40 | Computer Name = POKOJIK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:46 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:46 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:46 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 8:17:14 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
< End of report >
OTL Extras logfile created on: 26.9.2012 13:16:01 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 55,46% Memory free
3,33 Gb Paging File | 2,62 Gb Available in Paging File | 78,64% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,06 Gb Total Space | 32,46 Gb Free Space | 64,85% Space Free | Partition Type: NTFS
Drive D: | 88,99 Gb Total Space | 57,62 Gb Free Space | 64,75% Space Free | Partition Type: NTFS
Computer Name: POKOJIK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Disabled:Facebook Video Calling -- (Skype Limited)
"C:\WINDOWS\system32\LEXPPS.EXE" = C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE -- (Lexmark International, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AA278D-E0B9-4F99-ACCC-070978A38453}" = Easy Resolution Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBEBAAF-A363-458D-8D26-9F61AC98ACC3}" = SRS WOW XT and TSXT
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 pro Windows
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.0
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Samsung Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71A51BED-E7D3-11DB-A386-005056C00008}" = WebCam SCB-0340N
"{74A579FB-EB06-497D-B194-01590D6FE51A}" = BatteryLifeExtender
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7CF94476-77F9-401E-BEB5-845285735AAB}" = Windows Live Zabezpečení rodiny
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111212843}" = Diner Dash 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113143653}" = Dream Chronicles
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5C8BFF2-0044-4500-8BB5-BEB0D2335885}" = REALTEK PCIE Wireless LAN Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C4582EED-A3FB-4358-8F3F-8C994460DF28}" = EasyFileShare
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}" = Atheros WLAN Client
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F9557866-B4C8-4CE5-8508-0E386BDC20B2}" = Easy Network Manager
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Magical Defrag 2_is1" = Ashampoo Magical Defrag 2
"AutocompletePro3_is1" = AutocompletePro
"BlazeDTV 6.0_is1" = BlazeDTV 6.0
"CCleaner" = CCleaner
"CPUMon_is1" = CPUMon
"CursorFX" = CursorFX
"Đ»đ¸ßÇĺµçÓ°_is1" = BlazeTV 1.0.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8)
"Elantech" = ETDWare PS/2-x86 7.0.7.0_WHQL
"ESET Online Scanner" = ESET Online Scanner v3
"Game Booster_is1" = Game Booster
"GIMP-2_is1" = GIMP 2.8.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallWIX_{56009CA3-423B-41F8-884A-E5B049534F15}" = Kaspersky Security Scan
"Lexmark X1100 Series" = Lexmark X1100 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.0.1200
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NOF" = Norton Online
"Nokia PC Suite" = Nokia PC Suite
"NSM" = Norton Safety Minder
"O2CZ" = O2
"Picasa 3" = Picasa 3
"Rainmeter" = Rainmeter (remove only)
"Síťový adaptér Broadcom 802.11" = Síťový adaptér Broadcom 802.11
"SpeedFan" = SpeedFan (remove only)
"The KMPlayer" = The KMPlayer (remove only)
"Vit Registry Fix" = Vit Registry Fix 9.5 (remove only)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.9.1
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"RewardsArcadeSuite" = RewardsArcadeSuite
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10.9.2012 15:08:06 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 11.9.2012 5:39:20 | Computer Name = POKOJIK | Source = Family Safety Service | ID = 0
Description = IDCRL login failed. Error Code: 80048848 Username: 'si.pet@hotmail.com'
Proxy:
'(null)' Proxy Bypass: '(null)' Environment: 'Production'
Error - 11.9.2012 5:39:20 | Computer Name = POKOJIK | Source = Family Safety Service | ID = 0
Description = IDCRL login failed (second attempt). Error Code: 80048848 Username:
'si.pet@hotmail.com' Proxy: '(null)' Proxy Bypass: '(null)' Environment: 'Production'
Error - 11.9.2012 11:17:56 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 13.9.2012 11:28:06 | Computer Name = POKOJIK | Source = Application Error | ID = 1000
Description = Chybující aplikace ccsvchst.exe, verze 11.2.0.9, chybující modul trayicon.dll,
verze 2.3.0.26, adresa chyby 0x00099809.
Error - 18.9.2012 11:43:27 | Computer Name = POKOJIK | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Přístup byl odepřen.
Error - 18.9.2012 11:43:30 | Computer Name = POKOJIK | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Přístup byl odepřen.
Error - 18.9.2012 15:55:36 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 18.9.2012 15:57:53 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 22.9.2012 13:19:33 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ OSession Events ]
Error - 27.3.2011 6:14:24 | Computer Name = POKOJIK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
Error - 3.5.2012 10:17:40 | Computer Name = POKOJIK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:45 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:46 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:46 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 7:09:46 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7023
Description = Služba Správa aplikací byla ukončena s následující chybou: %%126
Error - 26.9.2012 8:17:14 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
< End of report >
Používám :
Re: Preventivka ntb dětí
Odinstalujte Kaspersky Security Scan jinak bude kolidovat s MSE Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\ALSysIO.sys -- (ALSysIO) IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60347 IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLS_cs O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found. O3 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) [2011.01.10 08:55:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E} [2012.01.14 09:40:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Michaela\Data aplikací\.# [2011.11.15 22:08:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Petr\Data aplikací\.# [2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit [2010.08.04 20:44:36 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini [2010.10.18 19:38:20 | 000,000,464 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job [2010.11.02 10:25:17 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [2010.11.02 10:25:18 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [2011.03.08 19:36:13 | 000,000,492 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2011.06.12 10:43:08 | 000,000,478 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job [2011.10.31 12:18:57 | 000,000,392 | ---- | C] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job [2011.11.30 13:34:48 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job [2011.11.30 13:34:50 | 000,001,022 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job [2011.11.30 15:01:51 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job [2011.11.30 15:01:53 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job [2011.12.10 17:51:14 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job [2011.12.10 17:51:17 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job [2012.02.27 18:38:54 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job [2012.02.27 18:38:55 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job [2012.05.01 18:29:27 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job [2012.05.01 18:31:01 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job [2012.05.14 15:51:26 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job [2012.05.14 15:51:27 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job @Alternate Data Stream - 24 bytes -> C:\WINDOWS:0EC24B70403293D3 @Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:B623B5B8 @Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728 @Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2 @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:E36F5B57 @Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:D8A7F3FF @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4CF61E54 @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:478FEFC3 @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:41099CE9 :services gupdate gupdatem ICQ Service :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=- "Google Update"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] :files C:\Program Files\ICQ6Toolbar C:\Program Files\Lavasoft %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Peters56
- Vzorný návštěvník
- Příspěvky: 254
- Registrován: 28 pro 2009 19:08
- Bydliště: Litvínov
- Kontaktovat uživatele:
Re: Preventivka ntb dětí
Bohužel se dneska vyskytl problém a to ten, že jsem se vůbec nemohl připojit k internetu, zkusil jsem bod obnovení a poprvé to nepomohlo. Musel jsem dát bod obnovení až 5 dní zpět a připojení již funguje. Chci se tedy zeptat jak pokračovat dále, protože jsem se vrátil o 4 dny dříve oproti provedené kontrole OTL, zda tedy vložit nový výpis rsit nebo pokračovat v postupu jak je popsáno v předchozím příspěvku. Díky.
Používám :
Re: Preventivka ntb dětí
Ten problem nastal po aplikaci skriptu OTL 
Udelejte znovu sken pomoci OTL - nastaveni atd jako minule"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Peters56
- Vzorný návštěvník
- Příspěvky: 254
- Registrován: 28 pro 2009 19:08
- Bydliště: Litvínov
- Kontaktovat uživatele:
Re: Preventivka ntb dětí
No to právě nemám tušení, protože po tom co proběhl sken počítač ještě normálně běžel až do večera kdy se vypnul a ráno už jsem se nepřihlásil k síti a ani mi to nenašlo žádné další sítě v okolí a musel jsem právě udělat bod obnovy až 5 dní zpět. Jestli mohl nějakou nestabilitu způsobit právě script OTL to vůbec netuším ale je možný, že právě tím vypnutím večer a zapnutím ráno mohlo dojít k nějakému problému v nastavení připojení k bezdrátové síti. Docela mám obavu udělat nový sken aby to nedopadlo jako dneska ráno Udělám ho ale až zítra, včera to trvalo přes 75 minut. 
Udělám ho ale až zítra, včera to trvalo přes 75 minut. Používám :
Re: Preventivka ntb dětí
Skenem se nema co pokazit - OTL pri nem nic nemeni, nic nenastavuje To az pak pri oprave, proto jsem se ptal jestli byl problem az po tom opravnem skriptu OK, nic se nedeje, ja tu budu vecer"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Peters56
- Vzorný návštěvník
- Příspěvky: 254
- Registrován: 28 pro 2009 19:08
- Bydliště: Litvínov
- Kontaktovat uživatele:
Re: Preventivka ntb dětí
Omlouvám se za zpoždění, ale byl jsem nečekaně služebně odvolán mimo. Nové logy OTL
OTL logfile created on: 29.9.2012 20:26:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 56,46% Memory free
3,33 Gb Paging File | 2,53 Gb Available in Paging File | 76,11% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,06 Gb Total Space | 32,43 Gb Free Space | 64,79% Space Free | Partition Type: NTFS
Drive D: | 88,99 Gb Total Space | 57,62 Gb Free Space | 64,75% Space Free | Partition Type: NTFS
Computer Name: POKOJIK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.09.29 20:25:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
PRC - [2012.09.25 11:43:01 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011.11.30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe
PRC - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.11.16 15:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010.05.27 20:09:50 | 003,155,456 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2010.05.20 13:43:26 | 000,847,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010.05.06 15:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010.04.20 14:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
PRC - [2010.03.25 20:44:26 | 001,891,720 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.03.24 05:12:58 | 001,599,880 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2010.02.11 08:22:38 | 000,374,784 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009.10.27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.09.19 19:41:10 | 000,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2009.08.06 19:23:56 | 000,066,792 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe
PRC - [2008.10.09 09:18:32 | 000,173,408 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
PRC - [2008.10.09 09:18:26 | 000,083,296 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
PRC - [2008.10.09 09:18:18 | 000,750,944 | ---- | M] ( ) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
PRC - [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\CursorFX\CursorFX.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.10 00:36:30 | 001,105,408 | ---- | M] () -- C:\Program Files\CPUMon\CPUMon.exe
========== Modules (No Company Name) ==========
MOD - [2012.09.25 11:42:58 | 000,460,312 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012.09.25 11:42:57 | 012,278,808 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
MOD - [2012.09.25 11:42:55 | 004,005,912 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012.09.25 11:41:27 | 000,156,712 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012.09.25 11:41:26 | 000,275,496 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012.09.25 11:41:24 | 002,168,360 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012.09.10 08:03:02 | 004,051,456 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\1.0.1.3\libGLESv2.dll
MOD - [2012.09.10 08:03:02 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\1.0.1.3\libEGL.dll
MOD - [2011.10.24 12:29:32 | 000,816,224 | R--- | M] () -- C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\wincfi39.dll
MOD - [2010.05.27 20:09:50 | 003,155,456 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2010.04.20 14:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
MOD - [2010.04.16 14:11:02 | 000,155,648 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
MOD - [2009.09.19 19:42:22 | 000,031,744 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\SysInfo.dll
MOD - [2009.09.19 19:41:10 | 000,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2009.09.19 19:41:00 | 000,387,584 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2008.10.09 09:18:32 | 000,173,408 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
MOD - [2008.10.09 09:18:26 | 000,083,296 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.03.12 22:00:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Stardock\CursorFX\zlib1.dll
MOD - [2007.10.10 00:36:30 | 001,105,408 | ---- | M] () -- C:\Program Files\CPUMon\CPUMon.exe
MOD - [2006.08.12 12:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
MOD - [2003.07.29 09:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBKPP5C.DLL
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.11.30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe -- (NOF)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.21 17:47:04 | 000,246,584 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.08.06 19:23:56 | 000,066,792 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe -- (SRS_WOWXT_Service)
SRV - [2008.10.09 09:18:18 | 000,750,944 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe -- (AshampooDefragService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2012.09.28 18:37:30 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA08DCA1-5C20-4C35-B0D0-C9D3807F5683}\MpKsl23245268.sys -- (MpKsl23245268)
DRV - [2012.09.10 21:26:02 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011.12.14 12:38:57 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2011.11.17 05:38:00 | 000,197,624 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NSM\0203000.01A\symrdr.sys -- (SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A})
DRV - [2011.11.05 01:59:35 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NOF\0203000.007\ccSetx86.sys -- (ccSet_NOF)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.07.12 23:55:22 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:08:16 | 000,011,624 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011.02.27 17:52:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.06.04 20:29:04 | 001,606,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2010.04.28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010.04.14 06:41:12 | 000,051,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2010.03.18 01:40:12 | 005,878,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.12.30 13:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009.12.15 14:05:42 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.11.18 16:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 16:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.09.28 11:22:00 | 000,298,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2009.09.15 11:51:04 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2009.07.31 18:59:14 | 000,227,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009.07.01 11:50:00 | 000,237,952 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC33F.sys -- (VMC33F)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.14 14:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.10.27 06:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60347
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... }&ch_id=sm
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7GGLS_cs
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Nová složka\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Documents and Settings\Petr\Local Settings\Data aplikací\RewardsArcadeSuite\1950\Firefox [2012.02.12 23:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}: C:\Documents and Settings\All Users\Data aplikací\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.3.0.20\coFFFw\ [2012.09.29 17:25:02 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\mbkkogpfmmfmppkbopdikooeibnjhfpi\2.3.0.26_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Picasa (Enabled) = D:\Nov\u00E1 slo\u017Eka\Picasa3\npPicasa3.dll
CHR - Extension: Weather (extension) = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.0_0\
CHR - Extension: YouTube = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Ozn\u00E1men\u00ED Google+ = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi\1.0.1.619_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: TimelineRemove = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\1.0.4_0\
CHR - Extension: Hodiny = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo\1.9_0\
CHR - Extension: Classic = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn\1.1_0\
CHR - Extension: Centrum.cz Email Notifik\u00E1tor = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hmmnahgmbjnpgdoadbfoficgoamahklm\0.0.4.0_0\
CHR - Extension: RewardsArcade Suite = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.20.54_0\crossrider
CHR - Extension: RewardsArcade Suite = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.20.54_0\
CHR - Extension: The Weather Channel for Chrome = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop\1.0.0.4_0\
CHR - Extension: Weather Window by WeatherBug = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak\1.0.12_0\
CHR - Extension: Tla\u010D\u00EDtko Google +1 = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp\1.1.2.424_0\
CHR - Extension: Weather Europe = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\kadgobdfbdigmegffjkflccgkdnjpine\4.2_0\
CHR - Extension: Mapy Google = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.5_0\
CHR - Extension: Facebook Notifications = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: Picasa = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Gmail = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011.06.11 23:32:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
O2 - BHO: (Norton Safety Minder BHO) - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\coieplg.dll (Symantec Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [EasySpeedUpManager] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [EasySpeedUpManager2] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager2.exe (Samsung Electronics)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled [2012.09.27 12:05:21 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Documents and Settings\Kateřina\Nabídka Start\Programy\Po spuštění\CPUMon.lnk = C:\Program Files\CPUMon\CPUMon.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.ovanet.cz/files/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C799312B-DF94-4FF4-8429-87EA8B73A5E0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:AutorunsDisabled () -
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.09.29 20:25:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2012.09.27 12:05:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
[2012.09.27 10:54:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Petr\Recent
[2012.09.27 10:12:24 | 000,000,000 | ---D | C] -- C:\Config.Msi
========== Files - Modified Within 7 Days ==========
[2012.09.29 20:40:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.29 20:35:42 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
[2012.09.29 20:34:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.09.29 20:25:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2012.09.29 20:22:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.29 20:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.29 20:19:10 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.29 20:15:00 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2012.09.29 16:49:08 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012.09.29 15:21:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.29 11:15:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2012.09.28 21:40:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.28 18:25:58 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.27 12:07:20 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job
[2012.09.27 12:07:02 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.27 12:07:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.27 12:06:59 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.27 12:06:58 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.27 11:41:38 | 000,002,250 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Google Chrome.lnk
[2012.09.27 10:58:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.27 10:58:05 | 2136,256,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.27 10:24:08 | 000,433,524 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.09.27 10:24:08 | 000,068,480 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.09.27 10:24:07 | 000,430,114 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.09.27 10:24:07 | 000,079,118 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.09.27 10:16:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.23 12:28:48 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.09.23 12:28:47 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Scan (petr).job
========== Files Created - No Company Name ==========
[2012.09.26 13:23:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.11 20:05:25 | 000,108,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.05.09 11:44:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.03.29 23:38:05 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012.03.29 23:38:05 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012.03.29 23:38:05 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012.03.03 21:54:56 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2012.02.15 15:13:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.14 12:43:39 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2011.12.14 12:40:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.12.14 12:39:19 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2011.11.16 09:10:03 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2011.11.16 07:46:07 | 000,000,058 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2011.10.14 12:13:06 | 000,000,298 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011.10.14 12:11:40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2011.10.14 12:11:39 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2011.10.14 12:11:39 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2011.10.14 12:11:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2011.10.14 12:09:52 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2011.10.14 12:09:16 | 000,297,984 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2011.04.19 13:22:20 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.04.19 13:22:20 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.02.20 18:01:45 | 002,703,360 | ---- | C] () -- C:\Documents and Settings\Petr\ntuser.rhk
[2010.12.10 23:50:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.10.20 09:55:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Petr\Data aplikací\wklnhst.dat
[2010.10.18 19:01:36 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2010.08.04 12:26:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 14:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011.02.21 13:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2011.12.14 12:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ConMet
[2011.02.26 16:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.10.23 19:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.03.01 15:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.02.02 12:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2012.01.23 16:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.08.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2010.08.04 13:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SAMSUNG
[2011.08.22 13:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sandlot Games
[2011.08.23 21:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.10.19 05:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinClon
[2010.08.04 12:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WLAN
[2011.01.10 08:55:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E}
[2011.12.16 21:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\.minecraft
[2011.11.11 20:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\ConMet
[2012.01.20 16:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\ICQ
[2012.02.03 17:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\IObit
[2010.12.29 19:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Miranda
[2011.03.04 19:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Nokia
[2011.03.01 16:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\PC Suite
[2011.08.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\PlayFirst
[2011.08.13 13:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Rainmeter
[2011.07.18 19:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Telefónica Móviles
[2012.04.20 16:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Unity
[2011.05.27 14:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Zoner
[2012.01.14 09:40:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Michaela\Data aplikací\.#
[2012.09.29 17:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\.minecraft
[2011.11.11 18:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\ConMet
[2011.03.04 19:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\ICQ
[2012.02.02 12:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\IObit
[2011.03.02 14:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\PC Suite
[2011.04.17 11:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\PlayFirst
[2011.08.14 10:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Rainmeter
[2011.04.24 08:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Telefónica Móviles
[2012.04.30 16:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Unity
[2011.11.15 22:08:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Petr\Data aplikací\.#
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ConMet
[2012.01.03 13:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Lite
[2012.07.13 15:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Dropbox
[2012.02.12 23:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ICQ
[2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit
[2010.12.27 15:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Miranda
[2011.03.01 16:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nokia
[2011.02.21 13:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Notebook Hardware Control
[2011.03.01 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\PC Suite
[2012.09.10 21:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Rainmeter
[2010.10.18 14:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Telefónica Móviles
[2010.12.21 23:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Template
[2011.02.21 13:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VS Revo Group
[2011.12.31 16:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Wise Registry Cleaner
[2011.05.27 10:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2010.08.04 12:18:51 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.08.04 20:44:36 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.10.18 19:38:20 | 000,000,464 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
[2010.11.02 10:25:17 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.11.02 10:25:18 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.03.08 19:36:13 | 000,000,492 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.06.12 10:43:08 | 000,000,478 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job
[2011.10.31 12:18:57 | 000,000,392 | ---- | C] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2011.11.30 13:34:48 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2011.11.30 13:34:50 | 000,001,022 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2011.11.30 15:01:51 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2011.11.30 15:01:53 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2011.12.10 17:51:14 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2011.12.10 17:51:17 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.02.27 18:38:54 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.02.27 18:38:55 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.05.01 18:29:27 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2012.05.01 18:31:01 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2012.05.14 15:51:26 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.05.14 15:51:27 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
< >
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[39 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.11.15 22:08:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Petr\Data aplikací\.#
[2011.02.17 11:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ConMet
[2012.01.03 13:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Lite
[2012.07.13 15:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Dropbox
[2012.02.25 20:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2012.02.12 23:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ICQ
[2010.08.04 12:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2010.08.04 12:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\InstallShield
[2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit
[2012.04.24 18:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2011.02.23 09:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Malwarebytes
[2011.02.17 11:22:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2010.12.27 15:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Miranda
[2010.10.23 19:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2012.05.09 11:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nero
[2011.03.01 16:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nokia
[2011.02.21 13:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Notebook Hardware Control
[2011.03.01 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\PC Suite
[2012.09.10 21:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Rainmeter
[2011.11.16 07:49:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.11.16 01:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2010.12.28 21:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.01.20 12:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\SUPERAntiSpyware.com
[2010.10.18 14:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Telefónica Móviles
[2010.12.21 23:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Template
[2011.02.21 13:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VS Revo Group
[2011.12.31 16:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Wise Registry Cleaner
[2011.05.27 10:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe
[2012.02.15 01:03:44 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Uninstall.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.09.23 12:28:47 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job
[2012.09.23 12:28:48 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012.09.27 12:07:20 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2012.09.27 12:06:58 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.27 12:06:59 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.27 12:07:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.27 12:07:02 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.29 20:19:10 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.29 21:22:01 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.29 11:15:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2012.09.29 21:15:05 | 000,001,022 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2012.09.28 21:40:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.29 20:40:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.29 15:21:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.29 21:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.28 18:25:58 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.29 16:49:08 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2012.09.29 21:20:45 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.08.04 14:06:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.08.04 14:06:22 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.08.04 14:06:22 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.09.27 10:24:07 | 000,079,118 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.09.27 10:24:08 | 000,068,480 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.09.27 10:24:07 | 000,430,114 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.09.27 10:24:08 | 000,433,524 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.09.27 10:16:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"CursorFX" = "C:\Program Files\Stardock\CursorFX\CursorFX.exe" -- [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation)
"Google Update" = "C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.10.23 14:52:24 | 000,136,176 | ---- | M] (Google Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.09.29 20:34:38 | 000,000,512 | ---- | M] () MD5=3225A118DFAC7A2F0603E0548DA580E6 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.09.11 17:58:27 | 046,832,595 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\hry\Minecraft-1.3.2-cracked.exe
[2012.09.11 17:50:56 | 000,000,975 | ---- | M] () -- \Documents and Settings\Michaela\Nabídka Start\Programy\Minecraft Cracked\Start Minecraft Cracked.lnk
[2012.09.11 17:50:56 | 000,000,975 | ---- | M] () -- \Documents and Settings\Michaela\Nabídka Start\Programy\Minecraft Cracked\Uninstall Minecraft Cracked.lnk
[2012.09.11 17:50:56 | 000,000,975 | ---- | M] () -- \Documents and Settings\Michaela\Plocha\Start Minecraft Cracked.lnk
[2012.05.05 15:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2009.08.11 10:33:12 | 000,018,150 | ---- | M] () -- \Program Files\Samsung Casual Games\Go-Go Gourmet\Sound\firecracks.ogg
< *keygen* /s >
< *loader* /s >
[2010.01.21 15:05:00 | 000,000,232 | R--- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.08.28 12:29:14 | 000,013,317 | ---- | M] () -- \Documents and Settings\Kateřina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\13_0\images\1024\page\loader-logo.png
[2012.09.27 12:55:43 | 000,001,440 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.0_0\lib\sf\loader.js
[2012.09.27 12:54:23 | 000,005,379 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\1.0.4_0\api-utils\lib\content\loader.js
[2012.09.27 12:54:26 | 000,004,163 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\1.0.4_0\api-utils\lib\windows\loader.js
[2012.09.27 12:54:54 | 000,010,819 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak\1.0.12_0\images\ajax-loader.gif
[2012.05.04 23:42:40 | 000,043,889 | ---- | M] () -- \Program Files\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2011.06.24 22:56:21 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.06.24 22:56:22 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.06.24 22:56:21 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.08.26 19:28:55 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.08.02 22:22:00 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.06.24 22:57:31 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.06.24 22:57:32 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.08.26 18:32:50 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\rps\preloader02.swf
[2011.08.26 20:37:01 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2011.09.03 20:31:22 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\warsheep\preloader02.swf
[2011.08.26 18:14:47 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\zoopaloola\preloader02.swf
[2010.12.09 14:10:30 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.08.11 10:33:56 | 000,004,960 | ---- | M] () -- \Program Files\Samsung Casual Games\Zuma Deluxe\images\LoaderBar.gif
[2009.08.11 10:33:56 | 000,001,064 | ---- | M] () -- \Program Files\Samsung Casual Games\Zuma Deluxe\images\_LoaderBar.gif
[2006.12.27 15:45:42 | 000,466,944 | ---- | M] () -- \Program Files\Samsung\Easy Display Manager\DMLoader.exe
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.08.04 12:57:29 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,017,421 | ---- | M] () -- \WINDOWS\I386\DMLOADER.DL_
[2008.04.14 14:00:00 | 000,115,367 | ---- | M] () -- \WINDOWS\I386\OSLOADER.EX_
[2008.04.14 14:00:00 | 000,133,029 | ---- | M] () -- \WINDOWS\I386\OSLOADER.NT_
[2012.09.29 20:19:42 | 000,026,046 | ---- | M] () -- \WINDOWS\Prefetch\DMLOADER.EXE-126D6CC1.pf
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2012.02.02 15:15:04 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2012.02.21 15:46:30 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:0EC24B70403293D3
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:B623B5B8
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:E36F5B57
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:D8A7F3FF
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4CF61E54
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:478FEFC3
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:41099CE9
< End of report >
OTL logfile created on: 29.9.2012 20:26:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 56,46% Memory free
3,33 Gb Paging File | 2,53 Gb Available in Paging File | 76,11% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,06 Gb Total Space | 32,43 Gb Free Space | 64,79% Space Free | Partition Type: NTFS
Drive D: | 88,99 Gb Total Space | 57,62 Gb Free Space | 64,75% Space Free | Partition Type: NTFS
Computer Name: POKOJIK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.09.29 20:25:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
PRC - [2012.09.25 11:43:01 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2012.03.26 17:08:12 | 000,931,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2011.11.30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe
PRC - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.11.16 15:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010.05.27 20:09:50 | 003,155,456 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2010.05.20 13:43:26 | 000,847,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010.05.06 15:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010.04.20 14:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
PRC - [2010.03.25 20:44:26 | 001,891,720 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.03.24 05:12:58 | 001,599,880 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2010.02.11 08:22:38 | 000,374,784 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009.10.27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.09.19 19:41:10 | 000,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
PRC - [2009.08.06 19:23:56 | 000,066,792 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe
PRC - [2008.10.09 09:18:32 | 000,173,408 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
PRC - [2008.10.09 09:18:26 | 000,083,296 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
PRC - [2008.10.09 09:18:18 | 000,750,944 | ---- | M] ( ) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
PRC - [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\CursorFX\CursorFX.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.10 00:36:30 | 001,105,408 | ---- | M] () -- C:\Program Files\CPUMon\CPUMon.exe
========== Modules (No Company Name) ==========
MOD - [2012.09.25 11:42:58 | 000,460,312 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012.09.25 11:42:57 | 012,278,808 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
MOD - [2012.09.25 11:42:55 | 004,005,912 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012.09.25 11:41:27 | 000,156,712 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012.09.25 11:41:26 | 000,275,496 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012.09.25 11:41:24 | 002,168,360 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012.09.10 08:03:02 | 004,051,456 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\1.0.1.3\libGLESv2.dll
MOD - [2012.09.10 08:03:02 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\1.0.1.3\libEGL.dll
MOD - [2011.10.24 12:29:32 | 000,816,224 | R--- | M] () -- C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\wincfi39.dll
MOD - [2010.05.27 20:09:50 | 003,155,456 | ---- | M] () -- C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
MOD - [2010.04.20 14:26:44 | 000,300,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe
MOD - [2010.04.16 14:11:02 | 000,155,648 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
MOD - [2009.09.19 19:42:22 | 000,031,744 | ---- | M] () -- C:\Program Files\Rainmeter\Plugins\SysInfo.dll
MOD - [2009.09.19 19:41:10 | 000,109,568 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.exe
MOD - [2009.09.19 19:41:00 | 000,387,584 | ---- | M] () -- C:\Program Files\Rainmeter\Rainmeter.dll
MOD - [2008.10.09 09:18:32 | 000,173,408 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
MOD - [2008.10.09 09:18:26 | 000,083,296 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.03.12 22:00:32 | 000,059,904 | ---- | M] () -- C:\Program Files\Stardock\CursorFX\zlib1.dll
MOD - [2007.10.10 00:36:30 | 001,105,408 | ---- | M] () -- C:\Program Files\CPUMon\CPUMon.exe
MOD - [2006.08.12 12:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
MOD - [2003.07.29 09:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\LXBKPP5C.DLL
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.26 17:03:40 | 000,011,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.11.30 04:17:50 | 000,138,248 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Online\Engine\2.3.0.7\ccSvcHst.exe -- (NOF)
SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.21 17:47:04 | 000,246,584 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.08.06 19:23:56 | 000,066,792 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Program Files\SRS Labs\SRS WOW XT and TSXT\SRS_PostInstaller.exe -- (SRS_WOWXT_Service)
SRV - [2008.10.09 09:18:18 | 000,750,944 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe -- (AshampooDefragService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2012.09.28 18:37:30 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA08DCA1-5C20-4C35-B0D0-C9D3807F5683}\MpKsl23245268.sys -- (MpKsl23245268)
DRV - [2012.09.10 21:26:02 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011.12.14 12:38:57 | 000,483,200 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2011.11.17 05:38:00 | 000,197,624 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NSM\0203000.01A\symrdr.sys -- (SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A})
DRV - [2011.11.05 01:59:35 | 000,132,744 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NOF\0203000.007\ccSetx86.sys -- (ccSet_NOF)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.07.12 23:55:22 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:08:16 | 000,011,624 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011.02.27 17:52:51 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 15:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.06.04 20:29:04 | 001,606,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2010.04.28 07:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010.04.14 06:41:12 | 000,051,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2010.03.18 01:40:12 | 005,878,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.12.30 13:20:54 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009.12.15 14:05:42 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.11.18 16:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 16:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.09.28 11:22:00 | 000,298,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2009.09.15 11:51:04 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2009.07.31 18:59:14 | 000,227,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009.07.01 11:50:00 | 000,237,952 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMC33F.sys -- (VMC33F)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.14 14:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.10.27 06:18:05 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tbid=60347
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... }&ch_id=sm
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7GGLS_cs
IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Nová složka\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Documents and Settings\Petr\Local Settings\Data aplikací\RewardsArcadeSuite\1950\Firefox [2012.02.12 23:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}: C:\Documents and Settings\All Users\Data aplikací\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.3.0.20\coFFFw\ [2012.09.29 17:25:02 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\mbkkogpfmmfmppkbopdikooeibnjhfpi\2.3.0.26_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Petr\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Picasa (Enabled) = D:\Nov\u00E1 slo\u017Eka\Picasa3\npPicasa3.dll
CHR - Extension: Weather (extension) = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.0_0\
CHR - Extension: YouTube = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Ozn\u00E1men\u00ED Google+ = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi\1.0.1.619_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: TimelineRemove = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\1.0.4_0\
CHR - Extension: Hodiny = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo\1.9_0\
CHR - Extension: Classic = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn\1.1_0\
CHR - Extension: Centrum.cz Email Notifik\u00E1tor = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hmmnahgmbjnpgdoadbfoficgoamahklm\0.0.4.0_0\
CHR - Extension: RewardsArcade Suite = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.20.54_0\crossrider
CHR - Extension: RewardsArcade Suite = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ielefkgbofdpglioecfjcbikholflklb\1.20.54_0\
CHR - Extension: The Weather Channel for Chrome = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop\1.0.0.4_0\
CHR - Extension: Weather Window by WeatherBug = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak\1.0.12_0\
CHR - Extension: Tla\u010D\u00EDtko Google +1 = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp\1.1.2.424_0\
CHR - Extension: Weather Europe = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\kadgobdfbdigmegffjkflccgkdnjpine\4.2_0\
CHR - Extension: Mapy Google = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.5_0\
CHR - Extension: Facebook Notifications = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: Picasa = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Gmail = C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011.06.11 23:32:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps)
O2 - BHO: (Norton Safety Minder BHO) - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.26\coieplg.dll (Symantec Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [EasySpeedUpManager] C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [EasySpeedUpManager2] C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager2.exe (Samsung Electronics)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005..\Run: [CursorFX] C:\Program Files\Stardock\CursorFX\CursorFX.exe (Stardock Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled [2012.09.27 12:05:21 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O4 - Startup: C:\Documents and Settings\Kateřina\Nabídka Start\Programy\Po spuštění\CPUMon.lnk = C:\Program Files\CPUMon\CPUMon.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/produ ... wsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.ovanet.cz/files/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C799312B-DF94-4FF4-8429-87EA8B73A5E0}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:AutorunsDisabled () -
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.09.29 20:25:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2012.09.27 12:05:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
[2012.09.27 10:54:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Petr\Recent
[2012.09.27 10:12:24 | 000,000,000 | ---D | C] -- C:\Config.Msi
========== Files - Modified Within 7 Days ==========
[2012.09.29 20:40:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.29 20:35:42 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
[2012.09.29 20:34:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.09.29 20:25:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Petr\Plocha\OTL.exe
[2012.09.29 20:22:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.29 20:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.29 20:19:10 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.29 20:15:00 | 000,001,022 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2012.09.29 16:49:08 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012.09.29 15:21:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.29 11:15:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2012.09.28 21:40:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.28 18:25:58 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.27 12:07:20 | 000,000,392 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job
[2012.09.27 12:07:02 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.27 12:07:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.27 12:06:59 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.27 12:06:58 | 000,001,036 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.27 11:41:38 | 000,002,250 | ---- | M] () -- C:\Documents and Settings\Petr\Plocha\Google Chrome.lnk
[2012.09.27 10:58:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.27 10:58:05 | 2136,256,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.27 10:24:08 | 000,433,524 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.09.27 10:24:08 | 000,068,480 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.09.27 10:24:07 | 000,430,114 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2012.09.27 10:24:07 | 000,079,118 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2012.09.27 10:16:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.23 12:28:48 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012.09.23 12:28:47 | 000,000,478 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Scan (petr).job
========== Files Created - No Company Name ==========
[2012.09.26 13:23:17 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.05.11 20:05:25 | 000,108,808 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.05.09 11:44:35 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.03.29 23:38:05 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012.03.29 23:38:05 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012.03.29 23:38:05 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012.03.03 21:54:56 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2012.02.15 15:13:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.14 12:43:39 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
[2011.12.14 12:40:00 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.12.14 12:39:19 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2011.11.16 09:10:03 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2011.11.16 07:46:07 | 000,000,058 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2011.10.14 12:13:06 | 000,000,298 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2011.10.14 12:11:40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2011.10.14 12:11:39 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2011.10.14 12:11:39 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2011.10.14 12:11:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2011.10.14 12:09:52 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2011.10.14 12:09:16 | 000,297,984 | ---- | C] () -- C:\WINDOWS\unin0405.exe
[2011.04.19 13:22:20 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011.04.19 13:22:20 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011.02.20 18:01:45 | 002,703,360 | ---- | C] () -- C:\Documents and Settings\Petr\ntuser.rhk
[2010.12.10 23:50:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.10.20 09:55:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Petr\Data aplikací\wklnhst.dat
[2010.10.18 19:01:36 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Petr\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2010.08.04 12:26:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 14:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011.02.21 13:09:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2011.12.14 12:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ConMet
[2011.02.26 16:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.10.23 19:07:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.03.01 15:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.02.02 12:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2012.01.23 16:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.08.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2010.08.04 13:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SAMSUNG
[2011.08.22 13:39:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sandlot Games
[2011.08.23 21:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2010.10.19 05:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinClon
[2010.08.04 12:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WLAN
[2011.01.10 08:55:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E}
[2011.12.16 21:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\.minecraft
[2011.11.11 20:36:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\ConMet
[2012.01.20 16:59:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\ICQ
[2012.02.03 17:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\IObit
[2010.12.29 19:58:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Miranda
[2011.03.04 19:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Nokia
[2011.03.01 16:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\PC Suite
[2011.08.22 13:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\PlayFirst
[2011.08.13 13:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Rainmeter
[2011.07.18 19:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Telefónica Móviles
[2012.04.20 16:30:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Unity
[2011.05.27 14:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kateřina\Data aplikací\Zoner
[2012.01.14 09:40:12 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Michaela\Data aplikací\.#
[2012.09.29 17:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\.minecraft
[2011.11.11 18:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\ConMet
[2011.03.04 19:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\ICQ
[2012.02.02 12:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\IObit
[2011.03.02 14:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\PC Suite
[2011.04.17 11:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\PlayFirst
[2011.08.14 10:46:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Rainmeter
[2011.04.24 08:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Telefónica Móviles
[2012.04.30 16:19:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michaela\Data aplikací\Unity
[2011.11.15 22:08:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Petr\Data aplikací\.#
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ConMet
[2012.01.03 13:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Lite
[2012.07.13 15:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Dropbox
[2012.02.12 23:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ICQ
[2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit
[2010.12.27 15:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Miranda
[2011.03.01 16:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nokia
[2011.02.21 13:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Notebook Hardware Control
[2011.03.01 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\PC Suite
[2012.09.10 21:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Rainmeter
[2010.10.18 14:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Telefónica Móviles
[2010.12.21 23:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Template
[2011.02.21 13:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VS Revo Group
[2011.12.31 16:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Wise Registry Cleaner
[2011.05.27 10:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner
========== Purity Check ==========
========== Custom Scans ==========
< >
[2010.08.04 12:18:51 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.08.04 20:44:36 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.10.18 19:38:20 | 000,000,464 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
[2010.11.02 10:25:17 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.11.02 10:25:18 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.03.08 19:36:13 | 000,000,492 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.06.12 10:43:08 | 000,000,478 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job
[2011.10.31 12:18:57 | 000,000,392 | ---- | C] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2011.11.30 13:34:48 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2011.11.30 13:34:50 | 000,001,022 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2011.11.30 15:01:51 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2011.11.30 15:01:53 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2011.12.10 17:51:14 | 000,000,986 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2011.12.10 17:51:17 | 000,001,038 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.02.27 18:38:54 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.02.27 18:38:55 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.05.01 18:29:27 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2012.05.01 18:31:01 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2012.05.14 15:51:26 | 000,001,036 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.05.14 15:51:27 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
< >
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[39 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.11.15 22:08:32 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Petr\Data aplikací\.#
[2011.02.17 11:14:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Adobe
[2011.11.16 07:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ConMet
[2012.01.03 13:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\DAEMON Tools Lite
[2012.07.13 15:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Dropbox
[2012.02.25 20:14:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Google
[2012.02.12 23:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\ICQ
[2010.08.04 12:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Identities
[2010.08.04 12:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\InstallShield
[2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit
[2012.04.24 18:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Macromedia
[2011.02.23 09:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Malwarebytes
[2011.02.17 11:22:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Petr\Data aplikací\Microsoft
[2010.12.27 15:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Miranda
[2010.10.23 19:07:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Mozilla
[2012.05.09 11:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nero
[2011.03.01 16:54:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Nokia
[2011.02.21 13:50:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Notebook Hardware Control
[2011.03.01 16:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\PC Suite
[2012.09.10 21:16:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Rainmeter
[2011.11.16 07:49:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Skype
[2011.11.16 01:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\skypePM
[2010.12.28 21:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Sun
[2011.01.20 12:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\SUPERAntiSpyware.com
[2010.10.18 14:19:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Telefónica Móviles
[2010.12.21 23:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Template
[2011.02.21 13:46:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\VS Revo Group
[2011.12.31 16:04:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Wise Registry Cleaner
[2011.05.27 10:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\Zoner
< %APPDATA%\*.exe /s >
[2012.02.15 01:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe
[2012.02.15 01:03:44 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Uninstall.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.09.23 12:28:47 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job
[2012.09.23 12:28:48 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012.09.27 12:07:20 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job
[2012.09.27 12:06:58 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.27 12:06:59 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.27 12:07:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.27 12:07:02 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.29 20:19:10 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.29 21:22:01 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.29 11:15:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job
[2012.09.29 21:15:05 | 000,001,022 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job
[2012.09.28 21:40:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job
[2012.09.29 20:40:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job
[2012.09.29 15:21:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job
[2012.09.29 21:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job
[2012.09.28 18:25:58 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2012.09.29 16:49:08 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2012.09.29 21:20:45 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.08.04 14:06:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.08.04 14:06:22 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.08.04 14:06:22 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.09.27 10:24:07 | 000,079,118 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2012.09.27 10:24:08 | 000,068,480 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2012.09.27 10:24:07 | 000,430,114 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2012.09.27 10:24:08 | 000,433,524 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2012.09.27 10:16:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"CursorFX" = "C:\Program Files\Stardock\CursorFX\CursorFX.exe" -- [2008.07.07 17:46:45 | 000,416,768 | ---- | M] (Stardock Corporation)
"Google Update" = "C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.10.23 14:52:24 | 000,136,176 | ---- | M] (Google Inc.)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.09.29 20:34:38 | 000,000,512 | ---- | M] () MD5=3225A118DFAC7A2F0603E0548DA580E6 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.09.11 17:58:27 | 046,832,595 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\hry\Minecraft-1.3.2-cracked.exe
[2012.09.11 17:50:56 | 000,000,975 | ---- | M] () -- \Documents and Settings\Michaela\Nabídka Start\Programy\Minecraft Cracked\Start Minecraft Cracked.lnk
[2012.09.11 17:50:56 | 000,000,975 | ---- | M] () -- \Documents and Settings\Michaela\Nabídka Start\Programy\Minecraft Cracked\Uninstall Minecraft Cracked.lnk
[2012.09.11 17:50:56 | 000,000,975 | ---- | M] () -- \Documents and Settings\Michaela\Plocha\Start Minecraft Cracked.lnk
[2012.05.05 15:38:42 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2009.08.11 10:33:12 | 000,018,150 | ---- | M] () -- \Program Files\Samsung Casual Games\Go-Go Gourmet\Sound\firecracks.ogg
< *keygen* /s >
< *loader* /s >
[2010.01.21 15:05:00 | 000,000,232 | R--- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.08.28 12:29:14 | 000,013,317 | ---- | M] () -- \Documents and Settings\Kateřina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\13_0\images\1024\page\loader-logo.png
[2012.09.27 12:55:43 | 000,001,440 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc\0.9.0.0_0\lib\sf\loader.js
[2012.09.27 12:54:23 | 000,005,379 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\1.0.4_0\api-utils\lib\content\loader.js
[2012.09.27 12:54:26 | 000,004,163 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dnedfaenfnkikficknkklbdedlecmpgc\1.0.4_0\api-utils\lib\windows\loader.js
[2012.09.27 12:54:54 | 000,010,819 | ---- | M] () -- \Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak\1.0.12_0\images\ajax-loader.gif
[2012.05.04 23:42:40 | 000,043,889 | ---- | M] () -- \Program Files\GIMP 2\lib\gdk-pixbuf-2.0\2.10.0\loaders\libpixbufloader-svg.dll
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2011.06.24 22:56:21 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.06.24 22:56:22 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.06.24 22:56:21 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.08.26 19:28:55 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.08.02 22:22:00 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.06.24 22:57:31 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.06.24 22:57:32 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011.08.26 18:32:50 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\rps\preloader02.swf
[2011.08.26 20:37:01 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2011.09.03 20:31:22 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\warsheep\preloader02.swf
[2011.08.26 18:14:47 | 000,003,830 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\zoopaloola\preloader02.swf
[2010.12.09 14:10:30 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.08.11 10:33:56 | 000,004,960 | ---- | M] () -- \Program Files\Samsung Casual Games\Zuma Deluxe\images\LoaderBar.gif
[2009.08.11 10:33:56 | 000,001,064 | ---- | M] () -- \Program Files\Samsung Casual Games\Zuma Deluxe\images\_LoaderBar.gif
[2006.12.27 15:45:42 | 000,466,944 | ---- | M] () -- \Program Files\Samsung\Easy Display Manager\DMLoader.exe
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010.08.04 12:57:29 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,017,421 | ---- | M] () -- \WINDOWS\I386\DMLOADER.DL_
[2008.04.14 14:00:00 | 000,115,367 | ---- | M] () -- \WINDOWS\I386\OSLOADER.EX_
[2008.04.14 14:00:00 | 000,133,029 | ---- | M] () -- \WINDOWS\I386\OSLOADER.NT_
[2012.09.29 20:19:42 | 000,026,046 | ---- | M] () -- \WINDOWS\Prefetch\DMLOADER.EXE-126D6CC1.pf
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2012.02.02 15:15:04 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2012.02.21 15:46:30 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:0EC24B70403293D3
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:B623B5B8
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728
@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2
@Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:E36F5B57
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:D8A7F3FF
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4CF61E54
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:478FEFC3
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:41099CE9
< End of report >
Používám :
-
Peters56
- Vzorný návštěvník
- Příspěvky: 254
- Registrován: 28 pro 2009 19:08
- Bydliště: Litvínov
- Kontaktovat uživatele:
Re: Preventivka ntb dětí
2 log
OTL Extras logfile created on: 29.9.2012 20:26:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 56,46% Memory free
3,33 Gb Paging File | 2,53 Gb Available in Paging File | 76,11% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,06 Gb Total Space | 32,43 Gb Free Space | 64,79% Space Free | Partition Type: NTFS
Drive D: | 88,99 Gb Total Space | 57,62 Gb Free Space | 64,75% Space Free | Partition Type: NTFS
Computer Name: POKOJIK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Disabled:Facebook Video Calling -- (Skype Limited)
"C:\WINDOWS\system32\LEXPPS.EXE" = C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE -- (Lexmark International, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AA278D-E0B9-4F99-ACCC-070978A38453}" = Easy Resolution Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBEBAAF-A363-458D-8D26-9F61AC98ACC3}" = SRS WOW XT and TSXT
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 pro Windows
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.0
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Samsung Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71A51BED-E7D3-11DB-A386-005056C00008}" = WebCam SCB-0340N
"{74A579FB-EB06-497D-B194-01590D6FE51A}" = BatteryLifeExtender
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7CF94476-77F9-401E-BEB5-845285735AAB}" = Windows Live Zabezpečení rodiny
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111212843}" = Diner Dash 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113143653}" = Dream Chronicles
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5C8BFF2-0044-4500-8BB5-BEB0D2335885}" = REALTEK PCIE Wireless LAN Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C4582EED-A3FB-4358-8F3F-8C994460DF28}" = EasyFileShare
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}" = Atheros WLAN Client
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F9557866-B4C8-4CE5-8508-0E386BDC20B2}" = Easy Network Manager
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Magical Defrag 2_is1" = Ashampoo Magical Defrag 2
"AutocompletePro3_is1" = AutocompletePro
"BlazeDTV 6.0_is1" = BlazeDTV 6.0
"CCleaner" = CCleaner
"CPUMon_is1" = CPUMon
"CursorFX" = CursorFX
"Đ»đ¸ßÇĺµçÓ°_is1" = BlazeTV 1.0.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8)
"Elantech" = ETDWare PS/2-x86 7.0.7.0_WHQL
"ESET Online Scanner" = ESET Online Scanner v3
"Game Booster_is1" = Game Booster
"GIMP-2_is1" = GIMP 2.8.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Lexmark X1100 Series" = Lexmark X1100 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.0.1200
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NOF" = Norton Online
"Nokia PC Suite" = Nokia PC Suite
"NSM" = Norton Safety Minder
"O2CZ" = O2
"Picasa 3" = Picasa 3
"Rainmeter" = Rainmeter (remove only)
"Síťový adaptér Broadcom 802.11" = Síťový adaptér Broadcom 802.11
"SpeedFan" = SpeedFan (remove only)
"The KMPlayer" = The KMPlayer (remove only)
"Vit Registry Fix" = Vit Registry Fix 9.5 (remove only)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.9.1
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"RewardsArcadeSuite" = RewardsArcadeSuite
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.9.2012 4:21:56 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:21:58 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:22:00 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:22:02 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:22:04 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:22:05 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:59:44 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 28.9.2012 2:04:14 | Computer Name = POKOJIK | Source = Google Update | ID = 20
Description =
Error - 29.9.2012 7:25:37 | Computer Name = POKOJIK | Source = Application Error | ID = 1000
Description = Chybující aplikace ccsvchst.exe, verze 11.2.0.9, chybující modul trayicon.dll,
verze 2.3.0.26, adresa chyby 0x00099a58.
Error - 29.9.2012 11:25:59 | Computer Name = POKOJIK | Source = Application Error | ID = 1000
Description = Chybující aplikace ccsvchst.exe, verze 11.2.0.9, chybující modul trayicon.dll,
verze 2.3.0.26, adresa chyby 0x00099a58.
[ OSession Events ]
Error - 27.3.2011 6:14:24 | Computer Name = POKOJIK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
Error - 3.5.2012 10:17:40 | Computer Name = POKOJIK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 29.9.2012 6:40:35 | Computer Name = POKOJIK | Source = DCOM | ID = 10010
Description = Server {C2BFE331-6739-4270-86C9-493D9A04CD38} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 29.9.2012 6:42:55 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
Error - 29.9.2012 7:20:14 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7031
Description = Služba Norton Online byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error - 29.9.2012 11:22:55 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7031
Description = Služba Norton Online byla nečekaně ukončena. Stalo se to 2 krát. Následující
opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error - 29.9.2012 11:27:38 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
Error - 29.9.2012 12:35:23 | Computer Name = POKOJIK | Source = DCOM | ID = 10010
Description = Server {C2BFE331-6739-4270-86C9-493D9A04CD38} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 29.9.2012 12:39:50 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
Error - 29.9.2012 12:48:03 | Computer Name = POKOJIK | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.137.673.0 Zdroj aktualizace: %%859 Fáze aktualizace: %%852
Zdrojová
cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace: %%803 Uživatel:
NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu: 1.1.8800.0 Kód
chyby: 0x8024402f Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím.
Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a
podpoře.
Error - 29.9.2012 13:40:08 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
Error - 29.9.2012 14:52:15 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
< End of report >
OTL Extras logfile created on: 29.9.2012 20:26:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Petr\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 56,46% Memory free
3,33 Gb Paging File | 2,53 Gb Available in Paging File | 76,11% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,06 Gb Total Space | 32,43 Gb Free Space | 64,79% Space Free | Partition Type: NTFS
Drive D: | 88,99 Gb Total Space | 57,62 Gb Free Space | 64,75% Space Free | Partition Type: NTFS
Computer Name: POKOJIK | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Petr\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Michaela\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Disabled:Facebook Video Calling -- (Skype Limited)
"C:\WINDOWS\system32\LEXPPS.EXE" = C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE -- (Lexmark International, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{0F842B77-56EA-4AAF-8295-81A022350B5E}" = Microsoft Security Client
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AA278D-E0B9-4F99-ACCC-070978A38453}" = Easy Resolution Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBEBAAF-A363-458D-8D26-9F61AC98ACC3}" = SRS WOW XT and TSXT
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 pro Windows
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63eafc52-b963-4297-a7eb-d412944e7065}_is1" = Game Pack
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.0
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Samsung Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71A51BED-E7D3-11DB-A386-005056C00008}" = WebCam SCB-0340N
"{74A579FB-EB06-497D-B194-01590D6FE51A}" = BatteryLifeExtender
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7CF94476-77F9-401E-BEB5-845285735AAB}" = Windows Live Zabezpečení rodiny
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111212843}" = Diner Dash 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113143653}" = Dream Chronicles
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}" = Cooking Dash
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E106A57-A17E-431D-B48F-175E42EB9F74}" = imagine digital freedom - Samsung
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}" = ChargeableUSB
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5C8BFF2-0044-4500-8BB5-BEB0D2335885}" = REALTEK PCIE Wireless LAN Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1080852-065E-4991-9260-F3756E3CC182}" = CursorFX
"{C4582EED-A3FB-4358-8F3F-8C994460DF28}" = EasyFileShare
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{F4F41D14-E0DD-4FB4-AA09-A14225C769BD}" = Atheros WLAN Client
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F9557866-B4C8-4CE5-8508-0E386BDC20B2}" = Easy Network Manager
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Magical Defrag 2_is1" = Ashampoo Magical Defrag 2
"AutocompletePro3_is1" = AutocompletePro
"BlazeDTV 6.0_is1" = BlazeDTV 6.0
"CCleaner" = CCleaner
"CPUMon_is1" = CPUMon
"CursorFX" = CursorFX
"Đ»đ¸ßÇĺµçÓ°_is1" = BlazeTV 1.0.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8)
"Elantech" = ETDWare PS/2-x86 7.0.7.0_WHQL
"ESET Online Scanner" = ESET Online Scanner v3
"Game Booster_is1" = Game Booster
"GIMP-2_is1" = GIMP 2.8.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Lexmark X1100 Series" = Lexmark X1100 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.0.1200
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NOF" = Norton Online
"Nokia PC Suite" = Nokia PC Suite
"NSM" = Norton Safety Minder
"O2CZ" = O2
"Picasa 3" = Picasa 3
"Rainmeter" = Rainmeter (remove only)
"Síťový adaptér Broadcom 802.11" = Síťový adaptér Broadcom 802.11
"SpeedFan" = SpeedFan (remove only)
"The KMPlayer" = The KMPlayer (remove only)
"Vit Registry Fix" = Vit Registry Fix 9.5 (remove only)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.9.1
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"RewardsArcadeSuite" = RewardsArcadeSuite
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.9.2012 4:21:56 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:21:58 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:22:00 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:22:02 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:22:04 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:22:05 | Computer Name = POKOJIK | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 27.9.2012 4:59:44 | Computer Name = POKOJIK | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 28.9.2012 2:04:14 | Computer Name = POKOJIK | Source = Google Update | ID = 20
Description =
Error - 29.9.2012 7:25:37 | Computer Name = POKOJIK | Source = Application Error | ID = 1000
Description = Chybující aplikace ccsvchst.exe, verze 11.2.0.9, chybující modul trayicon.dll,
verze 2.3.0.26, adresa chyby 0x00099a58.
Error - 29.9.2012 11:25:59 | Computer Name = POKOJIK | Source = Application Error | ID = 1000
Description = Chybující aplikace ccsvchst.exe, verze 11.2.0.9, chybující modul trayicon.dll,
verze 2.3.0.26, adresa chyby 0x00099a58.
[ OSession Events ]
Error - 27.3.2011 6:14:24 | Computer Name = POKOJIK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.
Error - 3.5.2012 10:17:40 | Computer Name = POKOJIK | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 29.9.2012 6:40:35 | Computer Name = POKOJIK | Source = DCOM | ID = 10010
Description = Server {C2BFE331-6739-4270-86C9-493D9A04CD38} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 29.9.2012 6:42:55 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
Error - 29.9.2012 7:20:14 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7031
Description = Služba Norton Online byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error - 29.9.2012 11:22:55 | Computer Name = POKOJIK | Source = Service Control Manager | ID = 7031
Description = Služba Norton Online byla nečekaně ukončena. Stalo se to 2 krát. Následující
opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error - 29.9.2012 11:27:38 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
Error - 29.9.2012 12:35:23 | Computer Name = POKOJIK | Source = DCOM | ID = 10010
Description = Server {C2BFE331-6739-4270-86C9-493D9A04CD38} se v daném časovém limitu
neregistroval u služby DCOM.
Error - 29.9.2012 12:39:50 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
Error - 29.9.2012 12:48:03 | Computer Name = POKOJIK | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.137.673.0 Zdroj aktualizace: %%859 Fáze aktualizace: %%852
Zdrojová
cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace: %%803 Uživatel:
NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu: 1.1.8800.0 Kód
chyby: 0x8024402f Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím.
Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a
podpoře.
Error - 29.9.2012 13:40:08 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
Error - 29.9.2012 14:52:15 | Computer Name = POKOJIK | Source = MRxSmb | ID = 8003
Description = Hlavní prohledávač přijal oznámení serveru od počítače PETERS56, který
se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{C799312B-DF94-4FF4-.
Hlavní
prohledávač bude ukončen nebo bude vyvolána volba.
< End of report >
Používám :
Re: Preventivka ntb dětí
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - [2010.06.21 17:47:04 | 000,246,584 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer) DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | Disabled | Stopped] -- C:\DOCUME~1\Petr\LOCALS~1\Temp\ALSysIO.sys -- (ALSysIO) IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60347 IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm IE - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLS_cs O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found. O3 - HKU\S-1-5-21-3325764246-1398598611-381740816-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) [2012.02.02 12:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit [2011.01.10 08:55:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E} [2012.04.24 10:21:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Petr\Data aplikací\IObit [2012.09.23 12:28:47 | 000,000,478 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job [2012.09.23 12:28:48 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2012.09.27 12:07:20 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Defraggler Volume C Task.job [2012.09.27 12:06:58 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job [2012.09.27 12:06:59 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job [2012.09.27 12:07:00 | 000,001,036 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job [2012.09.27 12:07:02 | 000,001,058 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job [2012.09.29 20:19:10 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [2012.09.29 21:22:01 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [2012.09.29 11:15:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job [2012.09.29 21:15:05 | 000,001,022 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job [2012.09.28 21:40:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job [2012.09.29 20:40:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job [2012.09.29 15:21:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job [2012.09.29 21:21:00 | 000,001,038 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job [2012.09.29 21:20:45 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job @Alternate Data Stream - 24 bytes -> C:\WINDOWS:0EC24B70403293D3 @Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:B623B5B8 @Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728 @Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2 @Alternate Data Stream - 139 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:E36F5B57 @Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:D8A7F3FF @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4CF61E54 @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:478FEFC3 @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:41099CE9 :services gupdate gupdatem :reg [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=- "Google Update"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] :files C:\Program Files\ICQ6Toolbar %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
Peters56
- Vzorný návštěvník
- Příspěvky: 254
- Registrován: 28 pro 2009 19:08
- Bydliště: Litvínov
- Kontaktovat uživatele:
Re: Preventivka ntb dětí
Log
All processes killed
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully.
Service Lavasoft Kernexplorer stopped successfully!
Service Lavasoft Kernexplorer deleted successfully!
File C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys not found.
Service ALSysIO stopped successfully!
Service ALSysIO deleted successfully!
File C:\DOCUME~1\Petr\LOCALS~1\Temp\ALSysIO.sys not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1EA00BE1-6E54-4E2A-8099-680300BF23E1}\ deleted successfully.
C:\Program Files\Seznam.cz\toolbar\toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Documents and Settings\All Users\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E} folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\IObit Uninstaller folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Game Booster folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Startup Manager folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Smart RAM folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit folder moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\WINDOWS\Tasks\Defraggler Volume C Task.job moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job moved successfully.
ADS C:\WINDOWS:0EC24B70403293D3 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:B623B5B8 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:E36F5B57 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:D8A7F3FF deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:4CF61E54 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:478FEFC3 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:41099CE9 deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
========== FILES ==========
C:\Program Files\ICQ6Toolbar folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Kateřina
->Temp folder emptied: 834508 bytes
->Temporary Internet Files folder emptied: 8880239 bytes
->Java cache emptied: 4536040 bytes
->Google Chrome cache emptied: 344368432 bytes
->Flash cache emptied: 539 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Michaela
->Temp folder emptied: 648154 bytes
->Temporary Internet Files folder emptied: 11617765 bytes
->Java cache emptied: 620450 bytes
->Google Chrome cache emptied: 69234260 bytes
->Flash cache emptied: 773 bytes
User: NetworkService
->Temp folder emptied: 1408150 bytes
->Temporary Internet Files folder emptied: 948903 bytes
->Flash cache emptied: 562 bytes
User: Petr
->Temp folder emptied: 29775381 bytes
->Temporary Internet Files folder emptied: 9125345 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 56008326 bytes
->Flash cache emptied: 1207 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2784507 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 227494766 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 314836 bytes
RecycleBin emptied: 391324 bytes
Total Files Cleaned = 733,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Kateřina
->Flash cache emptied: 0 bytes
User: LocalService
User: Michaela
->Flash cache emptied: 0 bytes
User: NetworkService
->Flash cache emptied: 0 bytes
User: Petr
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default User
User: Kateřina
->Java cache emptied: 0 bytes
User: LocalService
User: Michaela
->Java cache emptied: 0 bytes
User: NetworkService
User: Petr
->Java cache emptied: 0 bytes
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 09302012_215346
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully.
Service Lavasoft Kernexplorer stopped successfully!
Service Lavasoft Kernexplorer deleted successfully!
File C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys not found.
Service ALSysIO stopped successfully!
Service ALSysIO deleted successfully!
File C:\DOCUME~1\Petr\LOCALS~1\Temp\ALSysIO.sys not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
Registry key HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1EA00BE1-6E54-4E2A-8099-680300BF23E1}\ deleted successfully.
C:\Program Files\Seznam.cz\toolbar\toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-3325764246-1398598611-381740816-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\Documents and Settings\All Users\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\{7D93B3B9-36B7-4383-9666-CFAD7F2AC87E} folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\IObit Uninstaller folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Game Booster folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Startup Manager folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Smart RAM folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Documents and Settings\Petr\Data aplikací\IObit folder moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Scan (petr).job moved successfully.
C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\WINDOWS\Tasks\Defraggler Volume C Task.job moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1005UA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1006UA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3325764246-1398598611-381740816-1007UA.job moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{024CA3EC-CD20-4D32-A1E8-762905EDC154}.job moved successfully.
ADS C:\WINDOWS:0EC24B70403293D3 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:B623B5B8 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:E36F5B57 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:D8A7F3FF deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:4CF61E54 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:478FEFC3 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:41099CE9 deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
========== FILES ==========
C:\Program Files\ICQ6Toolbar folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Kateřina
->Temp folder emptied: 834508 bytes
->Temporary Internet Files folder emptied: 8880239 bytes
->Java cache emptied: 4536040 bytes
->Google Chrome cache emptied: 344368432 bytes
->Flash cache emptied: 539 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Michaela
->Temp folder emptied: 648154 bytes
->Temporary Internet Files folder emptied: 11617765 bytes
->Java cache emptied: 620450 bytes
->Google Chrome cache emptied: 69234260 bytes
->Flash cache emptied: 773 bytes
User: NetworkService
->Temp folder emptied: 1408150 bytes
->Temporary Internet Files folder emptied: 948903 bytes
->Flash cache emptied: 562 bytes
User: Petr
->Temp folder emptied: 29775381 bytes
->Temporary Internet Files folder emptied: 9125345 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 56008326 bytes
->Flash cache emptied: 1207 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2784507 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 227494766 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 314836 bytes
RecycleBin emptied: 391324 bytes
Total Files Cleaned = 733,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: Kateřina
->Flash cache emptied: 0 bytes
User: LocalService
User: Michaela
->Flash cache emptied: 0 bytes
User: NetworkService
->Flash cache emptied: 0 bytes
User: Petr
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default User
User: Kateřina
->Java cache emptied: 0 bytes
User: LocalService
User: Michaela
->Java cache emptied: 0 bytes
User: NetworkService
User: Petr
->Java cache emptied: 0 bytes
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 09302012_215346
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Používám :
Re: Preventivka ntb dětí
Tentokrat vse probehlo jak melo...jak se chova ntb?
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?