OTL Extras logfile created on: 4.3.2013 20:00:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Zdeněk\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023.48 Mb Total Physical Memory | 513.68 Mb Available Physical Memory | 50.19% Memory free
1.28 Gb Paging File | 0.94 Gb Available in Paging File | 73.63% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 4.60 Gb Free Space | 23.55% Space Free | Partition Type: NTFS
Drive D: | 54.99 Gb Total Space | 6.93 Gb Free Space | 12.60% Space Free | Partition Type: NTFS
Computer Name: DOMA-PC | User Name: Zdeněk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"14131:TCP" = 14131:TCP:*:Enabled:BitComet 14131 TCP
"14131:UDP" = 14131:UDP:*:Enabled:BitComet 14131 UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\HP\HP Software Update\HPWUCli.exe" = C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Disabled:HP Software Update Client -- (Hewlett-Packard)
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = PowerStarter
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5421155F-B033-49DB-9B33-8F80F233D4D5}" = GdiplusUpgrade
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{631141AD-79AA-447F-B403-21C704D39B8C}" = UPC Fiber Power Optimizer
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DE39343-0C7E-4b3a-8BDC-A846B7A8CAFE}" = CameraDrivers
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78FD2974-C98B-4b84-9E9F-1AEE16AE0029}" = HP Fotoaparáty Photosmart 4.5
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A157DF9D-462F-4BF9-8C5E-3854BC9CC08F}" = HP Digital Photo Advisor
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2009.10.22
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BEB79508-7D67-4A2F-9FB3-54C2B68E9532}" = PC Connectivity Solution
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{D043E0F8-5EFA-4102-A863-08F39D9DF2F4}" = Nokia Software Updater
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy 1.0
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"3310 MA-Handset Manager" = 3310 MA-Handset Manager
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"AntiKeylog 1.00" = AntiKeylog 1.00
"avast" = avast! Free Antivirus
"CANONBJ_Deinstall_CNMCP50.DLL" = Canon i250
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.52.2
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.4
"Defraggler" = Defraggler
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"HP Photo & Imaging" = HP Image Zone 4.5
"Hunky Dorys Scrum-ptious Red team (standard).scr" = Hunky Dorys Scrum-ptious Blue
"Cheating-Death" = Cheating-Death 4.33.4
"icaroot" = Kořenové certifikáty I.CA
"InPorte Home" = InPorte Home
"KeePass Password Safe_is1" = KeePass Password Safe 1.18
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.9.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MozBackup_is1" = MozBackup 1.4.3
"Mozilla Firefox (3.0.5)" = Mozilla Firefox (3.0.5)
"Mozilla Firefox 19.0 (x86 cs)" = Mozilla Firefox 19.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PC Alert 4" = PC Alert 4
"Picasa 3" = Picasa 3
"Polda V_is1" = Polda V
"predatorAbsolute" = predatorAbsolute Screen Saver
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"Registrace uživatele zařízení Canon MP250 series" = Registrace uživatele zařízení Canon MP250 series
"Revo Uninstaller" = Revo Uninstaller 1.94
"SMS Posílač_is1" = SMS Posílač 2.9.85
"Unlocker" = Unlocker 1.8.7
"UPC Fiber Power Optimizer" = UPC Fiber Power Optimizer
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Application Detect
========== Last 20 Event Log Errors ==========
[ Antivirus Events ]
Error - 1.11.2009 14:49:33 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
Error - 1.11.2009 14:49:33 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
Error - 2.11.2009 14:12:29 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
Error - 2.11.2009 14:12:29 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
Error - 2.11.2009 14:12:30 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
Error - 2.11.2009 14:12:30 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
Error - 1.1.2010 16:43:40 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
Error - 1.1.2010 16:43:40 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
Error - 1.1.2010 16:43:40 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
Error - 1.1.2010 16:43:40 | Computer Name = DOMA-PC | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 27.3.2012 7:23:28 | Computer Name = DOMA-PC | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 28.5.2012 18:02:59 | Computer Name = DOMA-PC | Source = ESENT | ID = 489
Description = wuauclt (3024) Pokus o otevření souboru C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log
jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá
přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru
se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error - 28.5.2012 18:03:00 | Computer Name = DOMA-PC | Source = ESENT | ID = 455
Description = wuaueng.dll (3024) SUS20ClientDataStore: Při otevírání souboru protokolu
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log došlo k chybě -1032 (0xfffffbf8).
Error - 28.5.2012 18:03:10 | Computer Name = DOMA-PC | Source = ESENT | ID = 489
Description = wuauclt (3024) Pokus o otevření souboru C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log
jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá
přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru
se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error - 28.5.2012 18:03:10 | Computer Name = DOMA-PC | Source = ESENT | ID = 455
Description = wuaueng.dll (3024) SUS20ClientDataStore: Při otevírání souboru protokolu
C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log došlo k chybě -1032 (0xfffffbf8).
Error - 29.10.2012 14:06:00 | Computer Name = DOMA-PC | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 21.12.2012 5:45:44 | Computer Name = DOMA-PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
Error - 21.12.2012 5:45:44 | Computer Name = DOMA-PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
Error - 21.12.2012 5:45:46 | Computer Name = DOMA-PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
Error - 21.12.2012 5:45:46 | Computer Name = DOMA-PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
[ System Events ]
Error - 3.3.2013 13:10:29 | Computer Name = DOMA-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.21 pro síťovou kartu s adresou 000C7657553F
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 3.3.2013 13:22:43 | Computer Name = DOMA-PC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 3.3.2013 13:22:43 | Computer Name = DOMA-PC | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 3.3.2013 13:22:43 | Computer Name = DOMA-PC | Source = Service Control Manager | ID = 7034
Description = Služba StarWind AE Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 3.3.2013 13:22:43 | Computer Name = DOMA-PC | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 3.3.2013 13:23:56 | Computer Name = DOMA-PC | Source = PlugPlayManager | ID = 11
Description = Zařízení Root\LEGACY_ASFWHIDE\0000 se již v systému nenachází, přestože
nebylo nejdříve připraveno k odebrání.
Error - 3.3.2013 17:20:14 | Computer Name = DOMA-PC | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 3.3.2013 17:20:14 | Computer Name = DOMA-PC | Source = Service Control Manager | ID = 7034
Description = Služba StarWind AE Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 3.3.2013 17:20:15 | Computer Name = DOMA-PC | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Utilities Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 4.3.2013 12:59:05 | Computer Name = DOMA-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.20 pro síťovou kartu s adresou 000C7657553F
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
< End of report >
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomalý start PC, pomalé otevírání dokumentů a www stránek
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
Ten prvni log neni log. Je to jen zkopirovane to, co jsem napsal ja. Bud sem zkopirujte spravnylog, nebo, pokud se nevytvoril, zkuste to spustit znovu v nouzovem rezimu
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
Omlouvám se blbě jsem to zkopíroval.
OTL logfile created on: 4.3.2013 20:00:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Zdeněk\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023.48 Mb Total Physical Memory | 513.68 Mb Available Physical Memory | 50.19% Memory free
1.28 Gb Paging File | 0.94 Gb Available in Paging File | 73.63% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 4.60 Gb Free Space | 23.55% Space Free | Partition Type: NTFS
Drive D: | 54.99 Gb Total Space | 6.93 Gb Free Space | 12.60% Space Free | Partition Type: NTFS
Computer Name: DOMA-PC | User Name: Zdeněk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.04 19:58:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdeněk\Plocha\OTL.exe
PRC - [2013.02.19 18:50:18 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.04 09:53:43 | 002,063,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\13030400\algo.dll
MOD - [2013.02.19 18:50:16 | 003,067,288 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - [2013.02.19 18:50:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.01.26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a4cnx6fe)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.11.29 17:48:54 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.01.21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.12.30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.12.30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003.05.23 03:44:04 | 001,171,648 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.05.14 11:44:06 | 000,740,044 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://www.google.com
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.google.com
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.02.09 12:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.19 18:50:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.21 14:24:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: F:\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: F:\Mozilla Firefox\plugins
[2008.12.30 20:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Extensions
[2011.01.09 18:27:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions
[2008.12.30 18:11:11 | 000,000,000 | ---D | M] ("Azerty III") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}
[2007.10.19 18:09:48 | 000,000,000 | ---D | M] ("Forecastfox") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2008.12.30 18:11:11 | 000,000,000 | ---D | M] ("Mostly Crystal") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{0cdfdd5e-eea6-45ff-b035-81243cf02efb}
[2008.12.30 18:11:11 | 000,000,000 | ---D | M] (Silver Skin) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{2A10B180-05EF-11D9-8C50-444553540001}(2)
[2006.10.01 19:14:43 | 000,000,000 | ---D | M] ("Adblock") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{34274bf4-1d97-a289-e984-17e546307e4f}(2)
[2007.12.11 22:03:42 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2007.12.11 22:03:42 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2008.12.30 18:11:11 | 000,000,000 | ---D | M] ("Noia 2.0 (eXtreme)") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2007.10.19 18:09:48 | 000,000,000 | ---D | M] ("Fasterfox") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2006.10.01 19:14:47 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}(2)
[2007.10.19 18:09:48 | 000,000,000 | ---D | M] ("Adblock Plus") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2007.10.23 18:00:15 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2009.09.17 20:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}\defaults\preferences\extensions
[2013.02.26 18:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions
[2008.12.27 10:12:44 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2)
[2008.12.27 10:12:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2007.03.22 21:27:29 | 000,831,915 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{0cdfdd5e-eea6-45ff-b035-81243cf02efb}\chrome\tmp.xpi
[2007.01.17 19:15:00 | 000,909,206 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}\chrome\tmp.xpi
[2013.02.26 18:24:24 | 000,348,178 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2011.04.17 09:30:40 | 000,003,145 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi
[2011.07.19 15:24:40 | 000,097,169 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
[2013.02.17 11:30:36 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2007.12.13 19:51:39 | 000,001,928 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\searchplugins\live-search.xml
[2006.10.31 18:42:55 | 000,001,349 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\searchplugins\seznam-encyklopedie.xml
[2013.02.19 18:49:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{0538E3E3-7E9B-4D49-8831-A227C80A7AD3}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A66}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2013.02.19 18:50:18 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2013.02.19 18:50:12 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.19 18:50:12 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.21 09:25:12 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.01.03 22:54:49 | 000,002,061 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\qipsearch.xml
[2013.02.19 18:50:12 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.19 18:50:12 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.19 18:50:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2013.03.03 21:23:54 | 000,000,019 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O15 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..Trusted Domains: ([]msn in Tento počítač)
O15 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..Trusted Domains: mfcr.cz ([]* in Důvěryhodné servery)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D34284B-BE4F-4762-9B77-91F7A379F932}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.03.04 19:57:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Zdeněk\Plocha\OTL.exe
[2013.03.04 19:49:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Zdeněk\Recent
[2013.03.03 22:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Defraggler
[2013.03.03 22:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013.03.02 14:51:44 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.03.02 14:51:44 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.03.02 14:51:26 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.03.02 14:51:26 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.03.02 14:51:26 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.02.19 18:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.17 22:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdeněk\Nabídka Start\Programy\Revo Uninstaller
========== Files - Modified Within 30 Days ==========
[2013.03.04 20:03:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.04 19:58:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdeněk\Plocha\OTL.exe
[2013.03.04 19:52:33 | 000,004,452 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.03.04 19:52:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.03.03 22:15:34 | 000,606,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.03.03 21:23:54 | 000,000,019 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013.03.03 17:00:01 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2013.03.03 16:47:22 | 000,011,891 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Plocha\xxx.odt
[2013.03.02 14:54:51 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.03.02 14:54:51 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.03.02 14:51:05 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.03.02 14:51:00 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.03.02 14:51:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.03.02 14:51:00 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.03.02 14:50:59 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.03.02 14:50:58 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.03.02 14:50:58 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.03.01 18:50:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.02.28 20:16:39 | 000,008,868 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Plocha\peníze převody účtů.ods
[2013.02.09 12:12:53 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.02.09 12:12:53 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
========== Files Created - No Company Name ==========
[2013.03.04 20:03:52 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.03 16:47:20 | 000,011,891 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Plocha\xxx.odt
[2013.02.28 20:06:57 | 000,008,868 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Plocha\peníze převody účtů.ods
[2012.03.06 20:58:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2008.05.23 20:50:12 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Data aplikací\NMM-MetaData.db
[2007.05.24 16:51:39 | 000,036,937 | ---- | C] () -- C:\Program Files\czk.lng
[2006.12.22 21:53:15 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2005.06.10 16:51:48 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\fusioncache.dat
[2004.07.28 18:13:18 | 000,208,896 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2007.12.17 18:25:25 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2012.12.27 11:31:50 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.07.12 17:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.02.26 11:08:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.04.17 10:30:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2011.04.17 08:47:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2013.03.02 17:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.03.13 16:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.03.08 19:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2007.03.25 16:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.02.26 16:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2011.02.26 16:36:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.11.23 19:14:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3155EF3F-3778-4C4C-B0F3-3E48423B8965}
[2009.06.07 11:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\ICQ
[2009.06.07 11:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\ICQ Toolbar
[2009.06.07 11:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\ICQLite
[2009.06.07 11:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\KeePass
[2009.06.07 11:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\Leadertech
[2009.06.07 11:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\LimeWire
[2009.06.07 11:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\Nokia
[2009.06.07 11:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\Nokia Multimedia Player
[2009.06.07 11:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\OpenOffice.org
[2009.06.07 11:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\PC Suite
[2009.06.07 11:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\TuneUp Software
[2004.07.28 11:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG7
[2011.04.17 08:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Canon
[2008.03.14 20:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\ICQ Toolbar
[2005.04.12 15:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\ICQLite
[2011.01.25 00:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\iScreensaver
[2009.02.08 18:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\KeePass
[2004.07.31 16:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Leadertech
[2009.03.04 18:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\LimeWire
[2008.05.23 20:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Nokia
[2008.12.02 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\OpenOffice.org
[2012.06.20 20:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Oracle
[2008.05.22 20:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\PC Suite
[2011.02.26 16:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\TuneUp Software
[2009.10.28 18:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\VSRevoGroup
========== Purity Check ==========
========== Custom Scans ==========
< >
[2004.07.28 10:13:35 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.08.13 17:26:33 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
< >
< MD5 for: AGP440.SYS >
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\agp440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 23:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011.02.08 02:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2004.08.04 06:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 23:49:03 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 23:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\explorer.exe
[2004.08.17 23:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
< MD5 for: HAL.DLL >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\hal.dll
[2008.04.13 23:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.04 06:59:09 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 23:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\changer.sys
[2004.08.04 07:00:12 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.09.13 14:43:58 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.09.20 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 23:49:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 23:49:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\cache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 07:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.04 07:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\cache\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 23:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 23:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 23:49:27 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 23:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.17 23:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
< MD5 for: TCPIP.SYS >
[2005.03.14 01:55:08 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=0E66B538096A6529D1AC66E78EB0D5C8 -- C:\WINDOWS\$hf_mig$\KB893066\SP2GDR\tcpip.sys
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2002.08.29 01:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtUninstallKB893066_0$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\cache\tcpip.sys
[2006.01.13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 03:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005.05.25 20:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 07:14:40 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 23:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.17 23:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 23:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004.08.17 23:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 23:49:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2004.08.17 23:49:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\cache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.09.28 14:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Adobe
[2005.08.31 15:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\AdobeUM
[2006.12.22 21:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Apple Computer
[2011.04.17 08:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Canon
[2005.02.01 20:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\CyberLink
[2008.09.25 14:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\DivX
[2010.11.12 18:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Help
[2008.03.14 20:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\ICQ Toolbar
[2005.04.12 15:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\ICQLite
[2005.04.11 17:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Identities
[2011.01.25 00:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\iScreensaver
[2009.02.08 18:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\KeePass
[2008.07.20 16:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Lavasoft
[2004.07.31 16:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Leadertech
[2009.03.04 18:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\LimeWire
[2009.10.07 19:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Macromedia
[2008.12.28 18:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Malwarebytes
[2012.11.01 18:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Media Player Classic
[2011.09.28 14:22:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Microsoft
[2006.03.26 18:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Microsoft(3)
[2009.04.23 18:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla
[2006.03.18 13:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\MSN6
[2008.05.23 20:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Nokia
[2008.12.02 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\OpenOffice.org
[2012.06.20 20:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Oracle
[2008.05.22 20:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\PC Suite
[2012.12.21 10:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Skype
[2012.10.03 20:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\skypePM
[2005.04.30 17:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Sun
[2005.09.03 14:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Talkback
[2011.02.26 16:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\TuneUp Software
[2009.10.28 18:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\VSRevoGroup
[2013.01.08 19:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Winamp
< %APPDATA%\*.exe /s >
[2007.10.20 16:37:09 | 003,380,048 | ---- | M] (Lime Wire LLC) -- C:\Documents and Settings\Zdeněk\Data aplikací\LimeWire\.NetworkShare\LimeWireWin4.14.10.exe
[2012.03.21 21:21:07 | 000,158,000 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\FlashGot.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.11.29 17:48:54 | 000,716,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2004.07.28 11:46:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004.07.28 11:46:21 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004.07.28 11:46:21 | 000,397,312 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.03.02 14:50:58 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\deployJava1.dll
[2013.03.02 14:54:51 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
[2013.03.02 14:54:51 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2013.03.03 22:15:34 | 000,606,896 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2013.03.02 14:50:59 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\java.exe
[2013.03.02 14:51:00 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javacpl.cpl
[2013.03.02 14:51:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javaw.exe
[2013.03.02 14:51:00 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javaws.exe
[2013.03.02 14:50:58 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\npDeployJava1.dll
[2013.03.04 19:52:33 | 000,004,452 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2013.03.02 14:51:05 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\WindowsAccessBridge.dll
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.04 20:03:52 | 000,000,512 | ---- | M] () MD5=215DECB69641171FA7C53AE0A20D5D08 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2005.12.03 12:56:44 | 000,067,756 | ---- | M] () -- \Program Files\Valve\cstrike\sound\misc\cracker1.wav
< *keygen* /s >
[2006.06.03 21:48:00 | 000,128,512 | ---- | M] () -- \Program Files\Eidos Interactive\Hitman 2 Silent Assassin\keygen.exe
< *loader* /s >
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2010.02.12 14:17:06 | 000,331,776 | ---- | M] () -- \Program Files\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2010.02.04 13:23:54 | 000,131,072 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.01.21 14:30:04 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2010.06.07 21:11:08 | 000,006,262 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.01.09 19:14:55 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 21:19:10 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.01.09 19:15:12 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 16:21:40 | 000,003,874 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2003.09.15 13:02:00 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.15 12:55:50 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.15 12:56:04 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 12:56:04 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2004.08.17 23:49:04 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.04 06:59:37 | 000,230,400 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.exe
[2004.08.04 06:59:37 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 23:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 23:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\osloader.ntd
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2013.02.18 06:28:58 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\system32\DirectX\DX1F.tmp\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2013.02.21 17:47:45 | 000,000,104 | ---- | M] () -- \Documents and Settings\Zdeněk\Local Settings\Data aplikací\Google\Picasa2\cache\cacheindex_serial.pmp
[2012.03.29 06:01:00 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.dll
[2012.12.21 10:36:05 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.ni.dll
[2004.08.17 23:43:54 | 000,028,416 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\grserial.sys
[2004.08.17 23:44:15 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2005.06.10 16:39:51 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.12.01 16:07:15 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 18:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.04.14 06:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004.07.20 02:54:18 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\serial.sys
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
< End of report >
OTL logfile created on: 4.3.2013 20:00:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Zdeněk\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023.48 Mb Total Physical Memory | 513.68 Mb Available Physical Memory | 50.19% Memory free
1.28 Gb Paging File | 0.94 Gb Available in Paging File | 73.63% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 4.60 Gb Free Space | 23.55% Space Free | Partition Type: NTFS
Drive D: | 54.99 Gb Total Space | 6.93 Gb Free Space | 12.60% Space Free | Partition Type: NTFS
Computer Name: DOMA-PC | User Name: Zdeněk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.04 19:58:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdeněk\Plocha\OTL.exe
PRC - [2013.02.19 18:50:18 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.04 09:53:43 | 002,063,872 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\13030400\algo.dll
MOD - [2013.02.19 18:50:16 | 003,067,288 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - [2013.02.19 18:50:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.01.26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a4cnx6fe)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.11.29 17:48:54 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.01.21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.12.30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.12.30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003.05.23 03:44:04 | 001,171,648 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.05.14 11:44:06 | 000,740,044 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://www.google.com
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://www.google.com
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.02.09 12:12:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.19 18:50:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.02.21 14:24:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Components: F:\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.5\extensions\\Plugins: F:\Mozilla Firefox\plugins
[2008.12.30 20:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Extensions
[2011.01.09 18:27:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions
[2008.12.30 18:11:11 | 000,000,000 | ---D | M] ("Azerty III") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}
[2007.10.19 18:09:48 | 000,000,000 | ---D | M] ("Forecastfox") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2008.12.30 18:11:11 | 000,000,000 | ---D | M] ("Mostly Crystal") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{0cdfdd5e-eea6-45ff-b035-81243cf02efb}
[2008.12.30 18:11:11 | 000,000,000 | ---D | M] (Silver Skin) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{2A10B180-05EF-11D9-8C50-444553540001}(2)
[2006.10.01 19:14:43 | 000,000,000 | ---D | M] ("Adblock") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{34274bf4-1d97-a289-e984-17e546307e4f}(2)
[2007.12.11 22:03:42 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2007.12.11 22:03:42 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2008.12.30 18:11:11 | 000,000,000 | ---D | M] ("Noia 2.0 (eXtreme)") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2007.10.19 18:09:48 | 000,000,000 | ---D | M] ("Fasterfox") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2006.10.01 19:14:47 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}(2)
[2007.10.19 18:09:48 | 000,000,000 | ---D | M] ("Adblock Plus") -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2007.10.23 18:00:15 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2009.09.17 20:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}\defaults\preferences\extensions
[2013.02.26 18:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions
[2008.12.27 10:12:44 | 000,000,000 | ---D | M] (Flashblock) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}(2)
[2008.12.27 10:12:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2007.03.22 21:27:29 | 000,831,915 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{0cdfdd5e-eea6-45ff-b035-81243cf02efb}\chrome\tmp.xpi
[2007.01.17 19:15:00 | 000,909,206 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}\chrome\tmp.xpi
[2013.02.26 18:24:24 | 000,348,178 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2011.04.17 09:30:40 | 000,003,145 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{338e0b96-2285-4424-b4c8-e25560750fa3}.xpi
[2011.07.19 15:24:40 | 000,097,169 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
[2013.02.17 11:30:36 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2007.12.13 19:51:39 | 000,001,928 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\searchplugins\live-search.xml
[2006.10.31 18:42:55 | 000,001,349 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\searchplugins\seznam-encyklopedie.xml
[2013.02.19 18:49:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{0538E3E3-7E9B-4D49-8831-A227C80A7AD3}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A66}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ZDENÄ›K\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3AWRE7IA.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[2013.02.19 18:50:18 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2013.02.19 18:50:12 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.19 18:50:12 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.21 09:25:12 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.01.03 22:54:49 | 000,002,061 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\qipsearch.xml
[2013.02.19 18:50:12 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.19 18:50:12 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.19 18:50:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2013.03.03 21:23:54 | 000,000,019 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O15 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..Trusted Domains: ([]msn in Tento počítač)
O15 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..Trusted Domains: mfcr.cz ([]* in Důvěryhodné servery)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D34284B-BE4F-4762-9B77-91F7A379F932}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.LEAD - C:\WINDOWS\System32\LCodcCMP.dll (LEAD Technologies, Inc.)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.03.04 19:57:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Zdeněk\Plocha\OTL.exe
[2013.03.04 19:49:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Zdeněk\Recent
[2013.03.03 22:36:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Defraggler
[2013.03.03 22:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013.03.02 14:51:44 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.03.02 14:51:44 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.03.02 14:51:26 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.03.02 14:51:26 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.03.02 14:51:26 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.02.19 18:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.02.17 22:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Zdeněk\Nabídka Start\Programy\Revo Uninstaller
========== Files - Modified Within 30 Days ==========
[2013.03.04 20:03:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.04 19:58:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Zdeněk\Plocha\OTL.exe
[2013.03.04 19:52:33 | 000,004,452 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.03.04 19:52:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.03.03 22:15:34 | 000,606,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.03.03 21:23:54 | 000,000,019 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013.03.03 17:00:01 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2013.03.03 16:47:22 | 000,011,891 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Plocha\xxx.odt
[2013.03.02 14:54:51 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.03.02 14:54:51 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.03.02 14:51:05 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.03.02 14:51:00 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.03.02 14:51:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.03.02 14:51:00 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.03.02 14:50:59 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.03.02 14:50:58 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.03.02 14:50:58 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.03.01 18:50:57 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.02.28 20:16:39 | 000,008,868 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Plocha\peníze převody účtů.ods
[2013.02.09 12:12:53 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.02.09 12:12:53 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
========== Files Created - No Company Name ==========
[2013.03.04 20:03:52 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.03 16:47:20 | 000,011,891 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Plocha\xxx.odt
[2013.02.28 20:06:57 | 000,008,868 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Plocha\peníze převody účtů.ods
[2012.03.06 20:58:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2008.05.23 20:50:12 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Data aplikací\NMM-MetaData.db
[2007.05.24 16:51:39 | 000,036,937 | ---- | C] () -- C:\Program Files\czk.lng
[2006.12.22 21:53:15 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2005.06.10 16:51:48 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\fusioncache.dat
[2004.07.28 18:13:18 | 000,208,896 | ---- | C] () -- C:\Documents and Settings\Zdeněk\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2007.12.17 18:25:25 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2012.12.27 11:31:50 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.07.12 17:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.02.26 11:08:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2011.04.17 10:30:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2011.04.17 08:47:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2013.03.02 17:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.03.13 16:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.03.08 19:00:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2007.03.25 16:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.02.26 16:40:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2011.02.26 16:36:34 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.11.23 19:14:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3155EF3F-3778-4C4C-B0F3-3E48423B8965}
[2009.06.07 11:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\ICQ
[2009.06.07 11:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\ICQ Toolbar
[2009.06.07 11:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\ICQLite
[2009.06.07 11:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\KeePass
[2009.06.07 11:02:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\Leadertech
[2009.06.07 11:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\LimeWire
[2009.06.07 11:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\Nokia
[2009.06.07 11:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\Nokia Multimedia Player
[2009.06.07 11:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\OpenOffice.org
[2009.06.07 11:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\PC Suite
[2009.06.07 11:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\TuneUp Software
[2004.07.28 11:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG7
[2011.04.17 08:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Canon
[2008.03.14 20:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\ICQ Toolbar
[2005.04.12 15:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\ICQLite
[2011.01.25 00:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\iScreensaver
[2009.02.08 18:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\KeePass
[2004.07.31 16:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Leadertech
[2009.03.04 18:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\LimeWire
[2008.05.23 20:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Nokia
[2008.12.02 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\OpenOffice.org
[2012.06.20 20:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Oracle
[2008.05.22 20:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\PC Suite
[2011.02.26 16:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\TuneUp Software
[2009.10.28 18:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\VSRevoGroup
========== Purity Check ==========
========== Custom Scans ==========
< >
[2004.07.28 10:13:35 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.08.13 17:26:33 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
< >
< MD5 for: AGP440.SYS >
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\agp440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.04 07:07:41 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.04 06:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 23:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011.02.08 02:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2004.08.04 06:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 23:49:03 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 23:49:06 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\explorer.exe
[2004.08.17 23:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\cache\explorer.exe
< MD5 for: HAL.DLL >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\hal.dll
[2008.04.13 23:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.04 06:59:09 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2005.04.18 20:28:24 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 23:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\changer.sys
[2004.08.04 07:00:12 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=DAF1A8193B6CAF0FB858CADCC5C4AF4A -- C:\WINDOWS\$NtServicePackUninstall$\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.09.13 14:43:58 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.09.20 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 23:49:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2004.08.17 23:49:23 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\cache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 07:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.04 07:14:28 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\cache\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 23:49:13 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 23:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 23:49:27 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 23:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.17 23:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\cache\svchost.exe
< MD5 for: TCPIP.SYS >
[2005.03.14 01:55:08 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=0E66B538096A6529D1AC66E78EB0D5C8 -- C:\WINDOWS\$hf_mig$\KB893066\SP2GDR\tcpip.sys
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2002.08.29 01:58:12 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtUninstallKB893066_0$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\cache\tcpip.sys
[2006.01.13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[2006.01.13 03:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2005.05.25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2005.05.25 20:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys
[2007.10.30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 07:14:40 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 23:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.17 23:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\cache\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 23:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004.08.17 23:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\cache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 23:49:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2004.08.17 23:49:20 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\cache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.09.28 14:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Adobe
[2005.08.31 15:57:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\AdobeUM
[2006.12.22 21:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Apple Computer
[2011.04.17 08:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Canon
[2005.02.01 20:51:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\CyberLink
[2008.09.25 14:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\DivX
[2010.11.12 18:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Help
[2008.03.14 20:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\ICQ Toolbar
[2005.04.12 15:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\ICQLite
[2005.04.11 17:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Identities
[2011.01.25 00:27:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\iScreensaver
[2009.02.08 18:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\KeePass
[2008.07.20 16:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Lavasoft
[2004.07.31 16:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Leadertech
[2009.03.04 18:05:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\LimeWire
[2009.10.07 19:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Macromedia
[2008.12.28 18:16:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Malwarebytes
[2012.11.01 18:01:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Media Player Classic
[2011.09.28 14:22:28 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Microsoft
[2006.03.26 18:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Microsoft(3)
[2009.04.23 18:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla
[2006.03.18 13:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\MSN6
[2008.05.23 20:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Nokia
[2008.12.02 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\OpenOffice.org
[2012.06.20 20:58:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Oracle
[2008.05.22 20:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\PC Suite
[2012.12.21 10:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Skype
[2012.10.03 20:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\skypePM
[2005.04.30 17:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Sun
[2005.09.03 14:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Talkback
[2011.02.26 16:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\TuneUp Software
[2009.10.28 18:51:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\VSRevoGroup
[2013.01.08 19:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\Winamp
< %APPDATA%\*.exe /s >
[2007.10.20 16:37:09 | 003,380,048 | ---- | M] (Lime Wire LLC) -- C:\Documents and Settings\Zdeněk\Data aplikací\LimeWire\.NetworkShare\LimeWireWin4.14.10.exe
[2012.03.21 21:21:07 | 000,158,000 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\s5yskbg2.Zdenda\FlashGot.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.11.29 17:48:54 | 000,716,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2004.07.28 11:46:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2004.07.28 11:46:21 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2004.07.28 11:46:21 | 000,397,312 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.03.02 14:50:58 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\deployJava1.dll
[2013.03.02 14:54:51 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
[2013.03.02 14:54:51 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2013.03.03 22:15:34 | 000,606,896 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2013.03.02 14:50:59 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\java.exe
[2013.03.02 14:51:00 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javacpl.cpl
[2013.03.02 14:51:00 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javaw.exe
[2013.03.02 14:51:00 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javaws.exe
[2013.03.02 14:50:58 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\npDeployJava1.dll
[2013.03.04 19:52:33 | 000,004,452 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2013.03.02 14:51:05 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\WindowsAccessBridge.dll
< %SYSTEMDRIVE%\*.exe >
[2001.05.24 12:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.04 20:03:52 | 000,000,512 | ---- | M] () MD5=215DECB69641171FA7C53AE0A20D5D08 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2005.12.03 12:56:44 | 000,067,756 | ---- | M] () -- \Program Files\Valve\cstrike\sound\misc\cracker1.wav
< *keygen* /s >
[2006.06.03 21:48:00 | 000,128,512 | ---- | M] () -- \Program Files\Eidos Interactive\Hitman 2 Silent Assassin\keygen.exe
< *loader* /s >
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2010.02.12 14:17:06 | 000,331,776 | ---- | M] () -- \Program Files\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2010.02.04 13:23:54 | 000,131,072 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.01.21 14:30:04 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2010.06.07 21:11:08 | 000,006,262 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.01.09 19:14:55 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 21:19:10 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.01.09 19:15:12 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 16:21:40 | 000,003,874 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2003.09.15 13:02:00 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.15 12:55:50 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.15 12:56:04 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 12:56:04 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2004.08.17 23:49:04 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.04 06:59:37 | 000,230,400 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.exe
[2004.08.04 06:59:37 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 23:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 23:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\osloader.ntd
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2013.02.18 06:28:58 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\system32\DirectX\DX1F.tmp\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2013.02.21 17:47:45 | 000,000,104 | ---- | M] () -- \Documents and Settings\Zdeněk\Local Settings\Data aplikací\Google\Picasa2\cache\cacheindex_serial.pmp
[2012.03.29 06:01:00 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.dll
[2012.12.21 10:36:05 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.ni.dll
[2004.08.17 23:43:54 | 000,028,416 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\grserial.sys
[2004.08.17 23:44:15 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2005.06.10 16:39:51 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.12.01 16:07:15 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 18:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.04.14 06:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004.07.20 02:54:18 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\serial.sys
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
< End of report >
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTLDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
[2007.12.13 19:51:39 | 000,001,928 | ---- | M] () -- C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\searchplugins\live-search.xml
[2009.01.03 22:54:49 | 000,002,061 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\qipsearch.xml
O15 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..Trusted Domains: ([]msn in Tento počítač)
O15 - HKU\S-1-5-21-448539723-602162358-1801674531-1003\..Trusted Domains: mfcr.cz ([]* in Důvěryhodné servery)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
[2009.06.07 11:00:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\INTERNET\Data aplikací\ICQ Toolbar
[2004.07.28 11:05:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG7
[2008.03.14 20:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zdeněk\Data aplikací\ICQ Toolbar
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
User: INTERNET
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Zdeněk
->Temp folder emptied: 831350 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36531102 bytes
->Flash cache emptied: 492 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 339991 bytes
Total Files Cleaned = 36.00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
User: INTERNET
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Zdeněk
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Prefs.js: true removed from browser.search.useDBForOrder
C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\searchplugins\live-search.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\qipsearch.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mfcr.cz\ deleted successfully.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
C:\Documents and Settings\INTERNET\Data aplikací\ICQ Toolbar folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG7 folder moved successfully.
C:\Documents and Settings\Zdeněk\Data aplikací\ICQ Toolbar folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\system folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\sysbckup folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\inf folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\help folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\drivers folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\directx folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\amstream.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\bda.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\bdaplgin.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\BdaSup.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ccdecode.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ccdecode.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3d8.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3d8thk.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3d8thk.w2k deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3d9.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dim.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dim.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dim700.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dpmesh.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dpmesh.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dramp.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dramp.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3drm.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3drm.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dxof.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dxof.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ddraw.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ddrawex.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\devenum.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\diactfrm.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\diactfrm.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\diactfrm.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoy.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoybrz.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoychs.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoycht.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoycze.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoydut.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyfrn.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyger.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyitn.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyjpn.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoykor.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoypol.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyrus.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyspa.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyswe.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dimap.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dimap.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dimaps.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput8.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput8.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmband.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmcompos.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmime.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmloader.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmscript.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmstyle.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmsynth.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmusic.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmusic.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dplay.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dplaysvr.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dplayx.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpmodemx.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnaddr.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnet.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnhpast.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnhupnp.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnlobby.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnsvr.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvacm.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvoice.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvoice.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvsetup.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvvox.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpwsockx.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsdmo.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsdmoprp.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsound.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsound.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsound.vxd deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsound3d.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dswave.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx7vb.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx8vb.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx9bda.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx9bdaxp.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx9w2k.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxapi.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxapi.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxbda.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiabrz.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiachs.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiacht.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiacze.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiadut.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiafrn.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiag.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiag.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiager.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiagn.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiaitn.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiajpn.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiakor.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiapol.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiarus.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiaspa.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiaswe.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdllreg.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdllreg.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxnetsrv.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxnetsrv.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxnt.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxntunp.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxver.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxxp.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxxp.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\encapi.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\gcdef.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\gcdef.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ipsink.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\joy.w2k deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\joy.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ks.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ks.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\kscaptur.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksfilter.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksolay.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksproxy.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksreg.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\kstvtune.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksuser.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\kswdmcap.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksxbar.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\l3codecx.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mciqtz32.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mpe.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mpe.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\Mpeg2Data.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mpg2splt.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\msdmo.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\msdv.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\MSDvbNP.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mskssrv.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mspclock.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mspqm.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mstee.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\MSVidCtl.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mswebdvd.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\msyuv.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\nabtsfec.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\nabtsfec.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ndisip.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ndisip.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\pid.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\pid.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\psisdecd.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\psisrndr.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qasf.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qcap.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qdv.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qdvd.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qedit.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qedwipes.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\quartz.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\quartz.w2k deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\slip.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\slip.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\stream.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\streamip.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\streamip.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\swenum.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\vbisurf.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\wstcodec.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\wstcodec.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\wstdecod.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp folder deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 03052013_201805
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
User: INTERNET
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Zdeněk
->Temp folder emptied: 831350 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 36531102 bytes
->Flash cache emptied: 492 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 339991 bytes
Total Files Cleaned = 36.00 mb
[EMPTYFLASH]
User: Administrator
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: Guest
User: INTERNET
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: Zdeněk
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Prefs.js: true removed from browser.search.useDBForOrder
C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\searchplugins\live-search.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\qipsearch.xml moved successfully.
Registry value HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-448539723-602162358-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mfcr.cz\ deleted successfully.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
C:\Documents and Settings\INTERNET\Data aplikací\ICQ Toolbar folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG7 folder moved successfully.
C:\Documents and Settings\Zdeněk\Data aplikací\ICQ Toolbar folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\system folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\sysbckup folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\inf folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\help folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\drivers folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\directx folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\amstream.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\bda.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\bdaplgin.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\BdaSup.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ccdecode.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ccdecode.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3d8.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3d8thk.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3d8thk.w2k deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3d9.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dim.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dim.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dim700.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dpmesh.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dpmesh.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dramp.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dramp.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3drm.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3drm.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dxof.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\d3dxof.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ddraw.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ddrawex.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\devenum.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\diactfrm.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\diactfrm.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\diactfrm.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoy.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoybrz.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoychs.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoycht.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoycze.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoydut.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyfrn.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyger.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyitn.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyjpn.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoykor.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoypol.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyrus.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyspa.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dijoyswe.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dimap.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dimap.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dimaps.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput8.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dinput8.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmband.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmcompos.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmime.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmloader.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmscript.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmstyle.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmsynth.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmusic.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dmusic.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dplay.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dplaysvr.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dplayx.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpmodemx.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnaddr.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnet.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnhpast.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnhupnp.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnlobby.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpnsvr.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvacm.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvoice.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvoice.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvsetup.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpvvox.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dpwsockx.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsdmo.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsdmoprp.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsound.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsound.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsound.vxd deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dsound3d.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dswave.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx7vb.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx8vb.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx9bda.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx9bdaxp.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dx9w2k.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxapi.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxapi.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxbda.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiabrz.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiachs.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiacht.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiacze.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiadut.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiafrn.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiag.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiag.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiager.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiagn.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiaitn.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiajpn.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiakor.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiapol.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiarus.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiaspa.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdiaswe.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdllreg.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxdllreg.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxnetsrv.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxnetsrv.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxnt.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxntunp.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxver.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxxp.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\dxxp.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\encapi.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\gcdef.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\gcdef.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ipsink.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\joy.w2k deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\joy.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ks.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ks.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\kscaptur.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksfilter.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksolay.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksproxy.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksreg.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\kstvtune.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksuser.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\kswdmcap.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ksxbar.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\l3codecx.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mciqtz32.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mpe.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mpe.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\Mpeg2Data.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mpg2splt.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\msdmo.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\msdv.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\MSDvbNP.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mskssrv.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mspclock.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mspqm.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mstee.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\MSVidCtl.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\mswebdvd.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\msyuv.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\nabtsfec.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\nabtsfec.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ndisip.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\ndisip.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\pid.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\pid.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\psisdecd.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\psisrndr.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qasf.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qcap.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qdv.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qdvd.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qedit.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\qedwipes.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\quartz.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\quartz.w2k deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\slip.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\slip.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\stream.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\streamip.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\streamip.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\swenum.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\vbisurf.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\wstcodec.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\wstcodec.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp\wstdecod.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX1F.tmp folder deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 03052013_201805
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
Znovu spustte OTL a kliknete na napis Vycisti. OTL po sobe uklidi.
Mozillu doporucuji preinstalovat. Je to nejucinejsi zpusob, jak se zbavit nechteneho svinstva. Pokud nechcete prijit o nastaveni, nebo zalozky, zalohujte si je pomoci programku MozBackup http://www.slunecnice.cz/sw/mozbackup/
Pak dejte novy log z RSIT a napiste, jestli je to stejne, nebo se stav nejak zmenil.
Mozillu doporucuji preinstalovat. Je to nejucinejsi zpusob, jak se zbavit nechteneho svinstva. Pokud nechcete prijit o nastaveni, nebo zalozky, zalohujte si je pomoci programku MozBackup http://www.slunecnice.cz/sw/mozbackup/
Pak dejte novy log z RSIT a napiste, jestli je to stejne, nebo se stav nejak zmenil.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
Provedeno a vyčištěno v OTL. Je zajímavé, že mám v ovládacích panelech-programy nainstalovaný Firefox 2 x. Oba programy jsem odinstaloval a nainstaloval nový Firefox.
Ještě jedné věci se divím. Jednu dobu po čištění jsem měl na C disku už 4,97 GB volného místa. Po všem dalším čištění a odinstalaci TuneUp a jednoho toho Firefoxu mám nyní volného místa jen 4,39 GB. Nějak to nemůžu pochopit
Tady posílám ten log RSIT :
Logfile of random's system information tool 1.09 (written by random/random)
Run by Zdeněk at 2013-03-05 22:37:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (22%) free of 20 GB
Total RAM: 1023 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:38:45, on 5.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUMENTS AND SETTINGS\ZDENĚK\PLOCHA\RSIT.exe
C:\Program Files\trend micro\Zdeněk.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 3842 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default
prefs.js - "browser.search.useDBForOrder" - ""
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.171 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\
{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{0cdfdd5e-eea6-45ff-b035-81243cf02efb}
{2A10B180-05EF-11D9-8C50-444553540001}(2)
{34274bf4-1d97-a289-e984-17e546307e4f}(2)
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
{c36177c0-224a-11da-8cd6-0800200c9a66}
{c36177c0-224a-11da-8cd6-0800200c9a66}(2)
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\searchplugins\
seznam-encyklopedie.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-02 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-02 170912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-05-23 88363]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-07-12 4112384]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Disabled:HP Software Update Client"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.sl_anet"=sl_anet.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=serwvdrv.dll
"vidc.LEAD"=LCODCCMP.DLL
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
======List of files/folders created in the last 1 month======
2013-03-05 22:37:48 ----DC---- C:\rsit
2013-03-05 22:10:28 ----DC---- C:\Program Files\Mozilla Maintenance Service
2013-03-05 22:10:18 ----DC---- C:\Program Files\Mozilla Firefox
2013-03-03 22:36:32 ----DC---- C:\Program Files\Defraggler
2013-03-02 14:51:44 ----AC---- C:\WINDOWS\system32\javaws.exe
2013-03-02 14:51:26 ----AC---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-03-02 14:51:26 ----AC---- C:\WINDOWS\system32\javaw.exe
2013-03-02 14:51:26 ----AC---- C:\WINDOWS\system32\java.exe
2013-02-17 11:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2778344$
2013-02-17 11:37:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2799494$
2013-02-17 11:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-02-17 11:36:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-02-17 11:35:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2792100$
2013-02-17 11:35:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2797052$
======List of files/folders modified in the last 1 month======
2013-03-05 22:38:45 ----DC---- C:\Program Files\trend micro
2013-03-05 22:32:08 ----ADC---- C:\WINDOWS\Temp
2013-03-05 22:28:31 ----DC---- C:\Program Files\CCleaner
2013-03-05 22:26:36 ----DC---- C:\WINDOWS
2013-03-05 22:20:18 ----SHDC---- C:\WINDOWS\Installer
2013-03-05 22:20:16 ----HDC---- C:\Config.Msi
2013-03-05 22:19:18 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-03-05 22:19:14 ----DC---- C:\Program Files\Common Files\Adobe
2013-03-05 22:19:07 ----DC---- C:\Program Files\Adobe
2013-03-05 22:17:18 ----DC---- C:\WINDOWS\system32
2013-03-05 22:10:28 ----ADC---- C:\Program Files
2013-03-05 20:18:41 ----DC---- C:\WINDOWS\system32\DirectX
2013-03-05 20:18:27 ----DC---- C:\WINDOWS\system32\drivers\etc
2013-03-03 22:16:02 ----DC---- C:\WINDOWS\system32\Restore
2013-03-03 22:16:01 ----SHD---- C:\System Volume Information
2013-03-03 22:14:46 ----DC---- C:\WINDOWS\system32\CatRoot2
2013-03-03 21:32:38 ----DC---- C:\WINDOWS\system32\drivers
2013-03-03 18:24:00 ----DC---- C:\WINDOWS\Tasks
2013-03-03 17:00:01 ----RSHC---- C:\boot.ini
2013-03-03 17:00:01 ----AC---- C:\WINDOWS\win.ini
2013-03-03 17:00:01 ----AC---- C:\WINDOWS\system.ini
2013-03-03 16:34:20 ----DC---- C:\Documents and Settings
2013-03-02 20:13:31 ----DC---- C:\WINDOWS\Debug
2013-03-02 17:47:01 ----DC---- C:\Program Files\Codec Pack - All In 1
2013-03-02 17:34:03 ----DC---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2013-03-02 15:13:34 ----DC---- C:\Program Files\CPUID
2013-03-02 14:58:00 ----DC---- C:\WINDOWS\system32\Adobe
2013-03-02 14:54:51 ----AC---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-03-02 14:50:58 ----AC---- C:\WINDOWS\system32\npDeployJava1.dll
2013-03-02 14:50:58 ----AC---- C:\WINDOWS\system32\deployJava1.dll
2013-03-02 14:50:49 ----DC---- C:\Program Files\Java
2013-02-17 22:40:01 ----HDC---- C:\Program Files\InstallShield Installation Information
2013-02-17 11:38:53 ----AC---- C:\WINDOWS\system32\MRT.exe
2013-02-17 11:38:39 ----DC---- C:\WINDOWS\inf
2013-02-17 11:38:35 ----DC---- C:\WINDOWS\system32\dllcache
2013-02-17 11:33:35 ----DC---- C:\WINDOWS\$hf_mig$
2013-02-12 19:19:23 ----DC---- C:\Program Files\KeePass Password Safe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-29 716272]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-20 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R3 AgereSoftModem;InPorte Home; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-05-23 1171648]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-05-14 740044]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-09-13 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-07-12 2459968]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ak8f0wic;ak8f0wic; C:\WINDOWS\system32\drivers\ak8f0wic.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-10 18944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2004-07-12 114755]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-16 115608]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
-----------------EOF-----------------
Ještě jedné věci se divím. Jednu dobu po čištění jsem měl na C disku už 4,97 GB volného místa. Po všem dalším čištění a odinstalaci TuneUp a jednoho toho Firefoxu mám nyní volného místa jen 4,39 GB. Nějak to nemůžu pochopit
Tady posílám ten log RSIT :
Logfile of random's system information tool 1.09 (written by random/random)
Run by Zdeněk at 2013-03-05 22:37:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (22%) free of 20 GB
Total RAM: 1023 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:38:45, on 5.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUMENTS AND SETTINGS\ZDENĚK\PLOCHA\RSIT.exe
C:\Program Files\trend micro\Zdeněk.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 3842 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\avast! Emergency Update.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default
prefs.js - "browser.search.useDBForOrder" - ""
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.171 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\extensions\
{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{0cdfdd5e-eea6-45ff-b035-81243cf02efb}
{2A10B180-05EF-11D9-8C50-444553540001}(2)
{34274bf4-1d97-a289-e984-17e546307e4f}(2)
{37E4D8EA-8BDA-4831-8EA1-89053939A250}
{3d7eb24f-2740-49df-8937-200b1cc08f8a}
{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
{c36177c0-224a-11da-8cd6-0800200c9a66}
{c36177c0-224a-11da-8cd6-0800200c9a66}(2)
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Documents and Settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\3awre7ia.default\searchplugins\
seznam-encyklopedie.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-02 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-02 170912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-05-23 88363]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-07-12 4112384]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Disabled:HP Software Update Client"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.sl_anet"=sl_anet.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=serwvdrv.dll
"vidc.LEAD"=LCODCCMP.DLL
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
======List of files/folders created in the last 1 month======
2013-03-05 22:37:48 ----DC---- C:\rsit
2013-03-05 22:10:28 ----DC---- C:\Program Files\Mozilla Maintenance Service
2013-03-05 22:10:18 ----DC---- C:\Program Files\Mozilla Firefox
2013-03-03 22:36:32 ----DC---- C:\Program Files\Defraggler
2013-03-02 14:51:44 ----AC---- C:\WINDOWS\system32\javaws.exe
2013-03-02 14:51:26 ----AC---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-03-02 14:51:26 ----AC---- C:\WINDOWS\system32\javaw.exe
2013-03-02 14:51:26 ----AC---- C:\WINDOWS\system32\java.exe
2013-02-17 11:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2778344$
2013-02-17 11:37:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2799494$
2013-02-17 11:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-02-17 11:36:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-02-17 11:35:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2792100$
2013-02-17 11:35:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2797052$
======List of files/folders modified in the last 1 month======
2013-03-05 22:38:45 ----DC---- C:\Program Files\trend micro
2013-03-05 22:32:08 ----ADC---- C:\WINDOWS\Temp
2013-03-05 22:28:31 ----DC---- C:\Program Files\CCleaner
2013-03-05 22:26:36 ----DC---- C:\WINDOWS
2013-03-05 22:20:18 ----SHDC---- C:\WINDOWS\Installer
2013-03-05 22:20:16 ----HDC---- C:\Config.Msi
2013-03-05 22:19:18 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-03-05 22:19:14 ----DC---- C:\Program Files\Common Files\Adobe
2013-03-05 22:19:07 ----DC---- C:\Program Files\Adobe
2013-03-05 22:17:18 ----DC---- C:\WINDOWS\system32
2013-03-05 22:10:28 ----ADC---- C:\Program Files
2013-03-05 20:18:41 ----DC---- C:\WINDOWS\system32\DirectX
2013-03-05 20:18:27 ----DC---- C:\WINDOWS\system32\drivers\etc
2013-03-03 22:16:02 ----DC---- C:\WINDOWS\system32\Restore
2013-03-03 22:16:01 ----SHD---- C:\System Volume Information
2013-03-03 22:14:46 ----DC---- C:\WINDOWS\system32\CatRoot2
2013-03-03 21:32:38 ----DC---- C:\WINDOWS\system32\drivers
2013-03-03 18:24:00 ----DC---- C:\WINDOWS\Tasks
2013-03-03 17:00:01 ----RSHC---- C:\boot.ini
2013-03-03 17:00:01 ----AC---- C:\WINDOWS\win.ini
2013-03-03 17:00:01 ----AC---- C:\WINDOWS\system.ini
2013-03-03 16:34:20 ----DC---- C:\Documents and Settings
2013-03-02 20:13:31 ----DC---- C:\WINDOWS\Debug
2013-03-02 17:47:01 ----DC---- C:\Program Files\Codec Pack - All In 1
2013-03-02 17:34:03 ----DC---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2013-03-02 15:13:34 ----DC---- C:\Program Files\CPUID
2013-03-02 14:58:00 ----DC---- C:\WINDOWS\system32\Adobe
2013-03-02 14:54:51 ----AC---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-03-02 14:50:58 ----AC---- C:\WINDOWS\system32\npDeployJava1.dll
2013-03-02 14:50:58 ----AC---- C:\WINDOWS\system32\deployJava1.dll
2013-03-02 14:50:49 ----DC---- C:\Program Files\Java
2013-02-17 22:40:01 ----HDC---- C:\Program Files\InstallShield Installation Information
2013-02-17 11:38:53 ----AC---- C:\WINDOWS\system32\MRT.exe
2013-02-17 11:38:39 ----DC---- C:\WINDOWS\inf
2013-02-17 11:38:35 ----DC---- C:\WINDOWS\system32\dllcache
2013-02-17 11:33:35 ----DC---- C:\WINDOWS\$hf_mig$
2013-02-12 19:19:23 ----DC---- C:\Program Files\KeePass Password Safe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-29 716272]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-20 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R3 AgereSoftModem;InPorte Home; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-05-23 1171648]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-05-14 740044]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-09-13 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-07-12 2459968]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ak8f0wic;ak8f0wic; C:\WINDOWS\system32\drivers\ak8f0wic.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-10 18944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2004-07-12 114755]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-16 115608]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
-----------------EOF-----------------
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
To je normalni. System si tha aktualizace, stale se tvori docasne soubory, navic ten ukazatel taky neni uplne presny. Takze volne misto kolisa.
Chtelo by to aktualizovat Internet Explorer. I kdyz treba neni pouzivany. Jelikoz je vlastne soucasti systemu, mel by byt aktualni.
Log je OK. Jak to tedy vypada?
Chtelo by to aktualizovat Internet Explorer. I kdyz treba neni pouzivany. Jelikoz je vlastne soucasti systemu, mel by byt aktualni.
Log je OK. Jak to tedy vypada?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
Je to lepší až na to dlouhé otvírání prohlížeče Firefox. Když už se to otevře, tak je potom ale načítání stránek rychlé.
V logu RSIT jsem předtím nikdy neměl toto :
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
Co to je ?
V logu RSIT jsem předtím nikdy neměl toto :
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
Co to je ?
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
Jak dlouho mozilla nabiha? Pokud nepomohl jeji reinstal, asi uz to nezrychlim. Nemate tam nejake doplnky, rozsireni, nebo neco takoveho?
Ty radky v logu jsou OK. Je to zaznam, ze byl resetovany hosts soubor.
Ty radky v logu jsou OK. Je to zaznam, ze byl resetovany hosts soubor.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
No nějaké ty doplňky a rozšíření tam jsou, ale který by to mohl dělat to nevím. Zkusím se obrátit na mozilla fórum.
Jenom jsem se chtěl ještě zeptat na tu pořád prázdnou složku Prefetsch, kam by se měly ukládat nějaké soubory, které slouží k urychlení načítání a otevření již jednou použitých souborů ? Nějaký postup o obnovení jsem četl tady :
http://www.pc-help.cz/viewtopic.php?t=10100
Jenom jsem se chtěl ještě zeptat na tu pořád prázdnou složku Prefetsch, kam by se měly ukládat nějaké soubory, které slouží k urychlení načítání a otevření již jednou použitých souborů ? Nějaký postup o obnovení jsem četl tady :
http://www.pc-help.cz/viewtopic.php?t=10100
Re: pomalý start PC, pomalé otevírání dokumentů a www stráne
Tak bud je vsechny odinstalujete a budete po jednom pridavat a zkouset, ktery to dela, nebo si nechte poraditna tom foru. Tam by to meli vedet nejlepe 
Ten postup na Prefetch klidne zkuste.
31.3.2013 pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975
Ten postup na Prefetch klidne zkuste.
31.3.2013 pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?