http://imageshack.us/f/197/hdtuneobr.bmp/
http://imageshack.us/f/843/hdtunetv.png/
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zasekaný PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Zasekaný PC
Odchazi vam disk. Doporucuji pravidelne zalohovat.
vyosek píše:
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustteKliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat
Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Defragmentujte disk(y)Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Zasekaný PC
Počítač je v podstatně lepším stavu. Takže by bylo vhodné pořídit nový disk?
Re: Zasekaný PC
Jak daleko to ma k normalu?tuffgong píše:Počítač je v podstatně lepším stavu
Je tam vadny sektor. To nevesti nic dobreho. Samozrejme muze slouzit jeste nekolik let, ale muze se to rychle zhorsit a padnout za par dnu. To se neda odhadnout.tuffgong píše:Takže by bylo vhodné pořídit nový disk?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Zasekaný PC
No PC se mi zdá být v pořádku až na krátké občasné zpomalení internetu. Každopádně jste mi moc pomohl. Díky za váš čas.
Re: Zasekaný PC
Tak se kouknem hloubeji, jestli neco nevystourame.
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Zasekaný PC
OTL Extras logfile created on: 10.4.2013 17:32:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\majer\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 62,08% Memory free
4,84 Gb Paging File | 3,88 Gb Available in Paging File | 80,08% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 123,27 Gb Free Space | 52,93% Space Free | Partition Type: NTFS
Computer Name: MAJER-96FD7797B | User Name: majer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58906:TCP" = 58906:TCP:*:Enabled:Pando Media Booster
"58906:UDP" = 58906:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58906:TCP" = 58906:TCP:*:Enabled:Pando Media Booster
"58906:UDP" = 58906:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\Garena Plus\Room\garena_room.exe" = C:\Program Files\Garena Plus\Room\garena_room.exe:*:Disabled:Garena -- (Garena Online PTE LTD)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s
"C:\Riot Games\League of Legends\lol.launcher.exe" = C:\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:Play League of Legends -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{105F3CE5-FE55-408E-BF30-E78F85BA0B12}" = Dell Printer Software
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35A99221-DAF4-4769-880F-ECC57548FBCC}" = Video Edit Master
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{537D1E0A-753A-48FE-A5DE-A124A43C68BE}" = Shutdown Timer
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A97F28B2-3BA1-49B7-AEF6-CC8956ED8CAA}" = Nokia PC Suite
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 2.95
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 5.0.21.1212
"Free YouTube Download_is1" = Free YouTube Download version 3.1.41.1130
"HD Tune_is1" = HD Tune 2.55
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Basic)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Knife_is1" = Mp3 Knife 3.2
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PSPad editor_is1" = PSPad editor
"Quake III Arena" = Quake III Arena
"Sbírka úloh z fyziky pro SŠ_is1" = Prometheus Sbírka úloh z fyziky pro SŠ 1.0
"TmNationsForever_is1" = TmNationsForever
"VLC media player" = VLC media player 2.0.1
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6.9.2012 8:13:40 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.0.1526.0, P3 timeout, P4 1.1.8704.0, P5 fixed, P6 4 _ 2049+, P7 5 _ not boot,
P8 NIL, P9 NIL, P10 NIL.
Error - 3.10.2012 9:23:53 | Computer Name = MAJER-96FD7797B | Source = Microsoft Security Client | ID = 5000
Description =
Error - 11.10.2012 9:13:29 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.1.522.0, P3 timeout, P4 1.1.8800.0, P5 fixed, P6 4 _ 2049+, P7 5 _ not boot,
P8 NIL, P9 NIL, P10 NIL.
Error - 15.11.2012 11:52:16 | Computer Name = MAJER-96FD7797B | Source = MsiInstaller | ID = 10005
Description = Product: Windows Movie Maker 2.6 -- This product only runs on Windows
Vista
Error - 17.11.2012 5:35:52 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070670, P2 patchapplication, P3 am bdd,
P4 11.1.3927.0, P5 mpsigstub.exe, P6 4.1.522.0, P7 microsoft security essentials,
P8 NIL, P9 NIL, P10 NIL.
Error - 19.11.2012 16:57:18 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp,
P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10
NIL.
Error - 21.11.2012 13:44:25 | Computer Name = MAJER-96FD7797B | Source = Application Error | ID = 1000
Description = Chybující aplikace moviemk.exe, verze 2.1.4028.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x049ddb38.
Error - 10.12.2012 11:31:22 | Computer Name = MAJER-96FD7797B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace moviemk.exe, verze 2.1.4028.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 14.12.2012 11:22:36 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile,
P4 4.1.522.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 14.12.2012 11:22:42 | Computer Name = MAJER-96FD7797B | Source = Application Error | ID = 1000
Description = Chybující aplikace javaw.exe, verze 7.0.70.11, chybující modul msvcr100.dll,
verze 10.0.30319.1, adresa chyby 0x0008ae6e.
[ System Events ]
Error - 6.4.2013 8:46:37 | Computer Name = MAJER-96FD7797B | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 6.4.2013 8:46:37 | Computer Name = MAJER-96FD7797B | Source = Service Control Manager | ID = 7031
Description = Služba Microsoft Antimalware Service byla nečekaně ukončena. Stalo
se to 1 krát. Následující opravná akce bude spuštěna za 15000 milisekund: Restartovat
službu.
Error - 6.4.2013 8:46:37 | Computer Name = MAJER-96FD7797B | Source = Service Control Manager | ID = 7034
Description = Služba Ralink Registry Writer byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 6.4.2013 8:46:37 | Computer Name = MAJER-96FD7797B | Source = Service Control Manager | ID = 7034
Description = Služba Dell Printer Status Watcher byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 6.4.2013 12:33:04 | Computer Name = MAJER-96FD7797B | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 7.4.2013 1:44:14 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.4 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
Error - 7.4.2013 15:52:17 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.4 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
Error - 8.4.2013 6:45:04 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.4 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
Error - 9.4.2013 8:53:55 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.6 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
Error - 10.4.2013 7:36:11 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.6 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\majer\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 62,08% Memory free
4,84 Gb Paging File | 3,88 Gb Available in Paging File | 80,08% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 123,27 Gb Free Space | 52,93% Space Free | Partition Type: NTFS
Computer Name: MAJER-96FD7797B | User Name: majer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58906:TCP" = 58906:TCP:*:Enabled:Pando Media Booster
"58906:UDP" = 58906:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58906:TCP" = 58906:TCP:*:Enabled:Pando Media Booster
"58906:UDP" = 58906:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\TmNationsForever\TmForever.exe" = C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\Garena Plus\Room\garena_room.exe" = C:\Program Files\Garena Plus\Room\garena_room.exe:*:Disabled:Garena -- (Garena Online PTE LTD)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s
"C:\Riot Games\League of Legends\lol.launcher.exe" = C:\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:Play League of Legends -- ()
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{105F3CE5-FE55-408E-BF30-E78F85BA0B12}" = Dell Printer Software
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35A99221-DAF4-4769-880F-ECC57548FBCC}" = Video Edit Master
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{537D1E0A-753A-48FE-A5DE-A124A43C68BE}" = Shutdown Timer
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A97F28B2-3BA1-49B7-AEF6-CC8956ED8CAA}" = Nokia PC Suite
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 2.95
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 5.0.21.1212
"Free YouTube Download_is1" = Free YouTube Download version 3.1.41.1130
"HD Tune_is1" = HD Tune 2.55
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Basic)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3 Knife_is1" = Mp3 Knife 3.2
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PSPad editor_is1" = PSPad editor
"Quake III Arena" = Quake III Arena
"Sbírka úloh z fyziky pro SŠ_is1" = Prometheus Sbírka úloh z fyziky pro SŠ 1.0
"TmNationsForever_is1" = TmNationsForever
"VLC media player" = VLC media player 2.0.1
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6.9.2012 8:13:40 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.0.1526.0, P3 timeout, P4 1.1.8704.0, P5 fixed, P6 4 _ 2049+, P7 5 _ not boot,
P8 NIL, P9 NIL, P10 NIL.
Error - 3.10.2012 9:23:53 | Computer Name = MAJER-96FD7797B | Source = Microsoft Security Client | ID = 5000
Description =
Error - 11.10.2012 9:13:29 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P2 4.1.522.0, P3 timeout, P4 1.1.8800.0, P5 fixed, P6 4 _ 2049+, P7 5 _ not boot,
P8 NIL, P9 NIL, P10 NIL.
Error - 15.11.2012 11:52:16 | Computer Name = MAJER-96FD7797B | Source = MsiInstaller | ID = 10005
Description = Product: Windows Movie Maker 2.6 -- This product only runs on Windows
Vista
Error - 17.11.2012 5:35:52 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070670, P2 patchapplication, P3 am bdd,
P4 11.1.3927.0, P5 mpsigstub.exe, P6 4.1.522.0, P7 microsoft security essentials,
P8 NIL, P9 NIL, P10 NIL.
Error - 19.11.2012 16:57:18 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp,
P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10
NIL.
Error - 21.11.2012 13:44:25 | Computer Name = MAJER-96FD7797B | Source = Application Error | ID = 1000
Description = Chybující aplikace moviemk.exe, verze 2.1.4028.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x049ddb38.
Error - 10.12.2012 11:31:22 | Computer Name = MAJER-96FD7797B | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace moviemk.exe, verze 2.1.4028.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 14.12.2012 11:22:36 | Computer Name = MAJER-96FD7797B | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 2152759308, P2 unspecified, P3 scanfile,
P4 4.1.522.0, P5 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094),
P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
Error - 14.12.2012 11:22:42 | Computer Name = MAJER-96FD7797B | Source = Application Error | ID = 1000
Description = Chybující aplikace javaw.exe, verze 7.0.70.11, chybující modul msvcr100.dll,
verze 10.0.30319.1, adresa chyby 0x0008ae6e.
[ System Events ]
Error - 6.4.2013 8:46:37 | Computer Name = MAJER-96FD7797B | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 6.4.2013 8:46:37 | Computer Name = MAJER-96FD7797B | Source = Service Control Manager | ID = 7031
Description = Služba Microsoft Antimalware Service byla nečekaně ukončena. Stalo
se to 1 krát. Následující opravná akce bude spuštěna za 15000 milisekund: Restartovat
službu.
Error - 6.4.2013 8:46:37 | Computer Name = MAJER-96FD7797B | Source = Service Control Manager | ID = 7034
Description = Služba Ralink Registry Writer byla neočekávaně ukončena. Tento stav
nastal již 1krát.
Error - 6.4.2013 8:46:37 | Computer Name = MAJER-96FD7797B | Source = Service Control Manager | ID = 7034
Description = Služba Dell Printer Status Watcher byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 6.4.2013 12:33:04 | Computer Name = MAJER-96FD7797B | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\D má chybný blok.
Error - 7.4.2013 1:44:14 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.4 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
Error - 7.4.2013 15:52:17 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.4 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
Error - 8.4.2013 6:45:04 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.4 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
Error - 9.4.2013 8:53:55 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.6 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
Error - 10.4.2013 7:36:11 | Computer Name = MAJER-96FD7797B | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.10.21.6 pro síťovou kartu se síťovou
adresou 001FCF51D535 byla ukončena.
< End of report >
Re: Zasekaný PC
OTL logfile created on: 10.4.2013 17:32:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\majer\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 62,08% Memory free
4,84 Gb Paging File | 3,88 Gb Available in Paging File | 80,08% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 123,27 Gb Free Space | 52,93% Space Free | Partition Type: NTFS
Computer Name: MAJER-96FD7797B | User Name: majer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.10 17:30:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\majer\Plocha\OTL.exe
PRC - [2013.03.09 14:08:43 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.02.16 00:31:18 | 001,430,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.01.27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010.06.01 12:03:32 | 000,566,680 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\dlupdr.exe
PRC - [2010.06.01 12:03:24 | 000,226,696 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
PRC - [2010.06.01 12:03:18 | 000,886,152 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
PRC - [2009.10.16 12:58:52 | 000,116,016 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
PRC - [2009.03.09 12:45:22 | 001,662,976 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaUI.exe
PRC - [2008.09.05 10:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.09 14:08:04 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.02.05 22:27:17 | 000,043,520 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_weblink.CZE
MOD - [2013.02.02 20:20:07 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_Updater.CZE
MOD - [2013.02.02 20:19:56 | 002,642,432 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_Annots.CZE
MOD - [2013.02.02 20:19:54 | 000,097,792 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_EScript.CZE
MOD - [2013.01.27 11:30:50 | 009,294,848 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
MOD - [2012.12.18 16:28:12 | 000,305,880 | ---- | M] () -- C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2012.10.08 21:45:24 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012.07.01 20:34:04 | 000,344,064 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2010.07.07 23:52:44 | 000,555,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.11.28 04:32:00 | 001,163,264 | ---- | M] () -- C:\Program Files\Ralink\Common\acAuth.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.09 14:08:42 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.01 12:03:24 | 000,226,696 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe -- (DLSDB)
SRV - [2009.10.16 12:58:52 | 000,116,016 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe -- (DLPWD)
SRV - [2008.09.05 10:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2012.07.03 08:51:00 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.11.01 10:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.11.01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.11.01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.01 10:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.11.01 10:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.11.01 10:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009.06.29 13:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.06.25 08:07:44 | 005,095,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.06.25 08:07:40 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.06.25 08:07:40 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.03.04 17:30:14 | 000,709,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.07 14:42:36 | 000,016,512 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RAPIProtocol.sys -- (RAPIProtocol)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f ... 1391513730
IE - HKLM\..\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{DC77AFCA-D689-4299-BD8E-38DAFA5D4414}: "URL" = http://websearch.ask.com/redirect?clien ... 6EF2331DDE
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.09 14:08:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012.07.02 14:46:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\majer\Data aplikací\Mozilla\Extensions
[2013.03.09 14:05:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\majer\Data aplikací\Mozilla\Firefox\Profiles\k2wekq08.default\extensions
[2013.02.21 01:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.09 14:08:44 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.21 01:04:26 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.21 01:04:26 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.21 01:04:26 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.21 01:04:26 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.21 01:04:26 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2013.04.05 22:09:09 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DLPSP] C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE (Dell Inc.)
O4 - HKLM..\Run: [DLQLU] C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE (Dell Inc.)
O4 - HKLM..\Run: [DLUPDR] C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE (Dell Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\majer\Data aplikací\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 1173373177 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 1175608281 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.21.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00604E01-D5B6-461A-B44A-B5F6DB22ACD0}: DhcpNameServer = 10.10.21.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\majer\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\majer\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.04.10 17:30:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\majer\Plocha\OTL.exe
[2013.04.10 13:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013.04.06 15:03:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Defraggler
[2013.04.06 15:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013.04.06 14:53:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\majer\Recent
[2013.04.06 12:04:31 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2013.04.06 12:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
[2013.04.02 19:28:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\majer\Plocha\skola jirik
[2013.03.29 23:23:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\majer\Nabídka Start\Programy\Savage 2 A Tortured Soul
[2013.03.29 23:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Savage 2 - A Tortured Soul
[2013.03.28 21:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\majer\Plocha\foukačka
[2013.03.27 22:44:40 | 000,459,700 | ---- | C] (GamePark ) -- C:\Documents and Settings\majer\Plocha\GameParkSetup_v2090.exe
[2013.03.27 22:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2013.03.14 15:22:18 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
========== Files - Modified Within 30 Days ==========
[2013.04.10 17:34:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.10 17:30:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\majer\Plocha\OTL.exe
[2013.04.10 17:19:20 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013.04.10 14:52:21 | 003,195,301 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\SkyBlock.zip
[2013.04.10 13:47:52 | 006,813,447 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\čtvrtletka.zip
[2013.04.08 15:07:16 | 000,473,005 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\Adventure-MAPA.zip
[2013.04.08 14:49:58 | 045,383,910 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\YT07.zip
[2013.04.07 16:54:46 | 000,021,525 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\OSN.odt
[2013.04.06 15:03:47 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2013.04.06 14:58:22 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.04.06 14:57:20 | 000,105,238 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\Cleaner zaloha.reg
[2013.04.06 14:51:51 | 000,435,870 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.04.06 14:51:51 | 000,432,402 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.04.06 14:51:51 | 000,079,370 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.04.06 14:51:51 | 000,068,766 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.04.06 14:47:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.06 14:41:32 | 000,296,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.04.06 12:04:32 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\HD Tune.lnk
[2013.04.05 22:09:09 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013.04.05 17:59:19 | 000,045,194 | ---- | M] () -- C:\Documents and Settings\majer\Data aplikací\room_v3.dat
[2013.04.05 09:46:54 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.04.04 16:56:05 | 000,013,179 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\beatles.odt
[2013.04.04 11:09:30 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.04 10:01:38 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\RSIT(1).exe
[2013.04.04 09:28:56 | 000,014,420 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\tahak.odt
[2013.04.02 19:29:51 | 001,761,945 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\WP_000175.jpg.zip
[2013.04.02 19:29:39 | 002,108,315 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\WP_000161.jpg.zip
[2013.04.02 12:33:22 | 000,237,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013.03.31 12:11:50 | 000,019,497 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\nohavica.odt
[2013.03.28 20:57:03 | 047,685,916 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\škola-hry-na-foukačku.rar
[2013.03.28 13:54:53 | 003,363,238 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\1.rar
[2013.03.27 22:44:45 | 000,459,700 | ---- | M] (GamePark ) -- C:\Documents and Settings\majer\Plocha\GameParkSetup_v2090.exe
[2013.03.27 11:13:40 | 000,013,392 | ---- | M] () -- C:\Documents and Settings\majer\Dokumenty\tahak1.odt
[2013.03.26 22:29:15 | 000,013,392 | ---- | M] () -- C:\Documents and Settings\majer\Dokumenty\tahak.odt
[2013.03.26 19:21:01 | 000,001,068 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Order Printer Supplies.lnk
[2013.03.22 16:19:19 | 015,073,146 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\ja-pisnicka-2.pdf
[2013.03.16 15:09:51 | 000,006,475 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\pinecc.jpeg
[2013.03.16 14:25:33 | 005,328,407 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\fyzika(1).zip
========== Files Created - No Company Name ==========
[2013.04.10 17:34:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.10 14:52:03 | 003,195,301 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\SkyBlock.zip
[2013.04.10 13:42:10 | 006,813,447 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\čtvrtletka.zip
[2013.04.08 15:07:15 | 000,473,005 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\Adventure-MAPA.zip
[2013.04.08 14:45:33 | 045,383,910 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\YT07.zip
[2013.04.07 16:52:48 | 000,021,525 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\OSN.odt
[2013.04.06 15:03:47 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2013.04.06 14:57:01 | 000,105,238 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\Cleaner zaloha.reg
[2013.04.06 12:04:32 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\HD Tune.lnk
[2013.04.04 10:01:36 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\RSIT(1).exe
[2013.04.03 21:11:15 | 000,014,420 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\tahak.odt
[2013.04.02 19:29:50 | 001,761,945 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\WP_000175.jpg.zip
[2013.04.02 19:29:34 | 002,108,315 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\WP_000161.jpg.zip
[2013.03.28 20:54:24 | 047,685,916 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\škola-hry-na-foukačku.rar
[2013.03.28 13:54:50 | 003,363,238 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\1.rar
[2013.03.27 11:13:40 | 000,013,392 | ---- | C] () -- C:\Documents and Settings\majer\Dokumenty\tahak1.odt
[2013.03.26 22:29:15 | 000,013,392 | ---- | C] () -- C:\Documents and Settings\majer\Dokumenty\tahak.odt
[2013.03.22 16:13:05 | 015,073,146 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\ja-pisnicka-2.pdf
[2013.03.16 15:09:51 | 000,006,475 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\pinecc.jpeg
[2013.03.16 14:25:17 | 005,328,407 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\fyzika(1).zip
[2013.01.04 15:48:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.12.23 10:10:26 | 000,045,194 | ---- | C] () -- C:\Documents and Settings\majer\Data aplikací\room_v3.dat
[2012.12.04 15:15:40 | 000,000,920 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader(1).err
[2012.12.02 18:28:12 | 000,001,224 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader(1).nast
[2012.11.03 21:19:43 | 000,000,871 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2012.10.05 09:51:44 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012.07.19 22:15:22 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.03 08:30:32 | 000,009,694 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader.err
[2012.07.03 08:27:11 | 000,001,000 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader.nast
[2012.07.02 14:33:58 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2012.07.02 14:33:45 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2012.07.01 23:51:48 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.07.01 23:49:04 | 000,296,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.01 22:44:07 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.07.01 22:44:05 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.07.01 22:44:05 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.07.01 22:14:19 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.07.01 22:08:08 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2012.07.01 22:07:02 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2012.07.01 22:07:02 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2012.07.01 22:04:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.01 22:00:45 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[2012.07.14 17:26:19 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.04.20 21:30:25 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.07.03 10:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.07.16 18:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2013.04.05 17:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
[2012.07.11 22:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.07.11 22:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.09.23 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Prometheus
[2012.07.02 14:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ralink Driver
[2012.09.27 13:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.04.07 17:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2013.04.10 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\.minecraft
[2013.04.06 14:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\DAEMON Tools Lite
[2012.12.29 17:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\DVDVideoSoft
[2012.11.03 19:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\FlexSave
[2013.04.05 17:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\GarenaPlus
[2012.07.14 17:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Leadertech
[2013.02.09 01:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\LolClient
[2012.07.11 22:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Nokia
[2012.08.09 19:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\OpenOffice.org
[2012.07.11 22:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\PC Suite
[2012.12.09 12:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Xilisoft
========== Purity Check ==========
========== Custom Scans ==========
< >
[2012.07.01 22:01:32 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.07.01 22:06:01 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.02.16 11:05:35 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2013.02.16 11:05:43 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
< >
< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.04.10 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\.minecraft
[2012.08.10 09:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Adobe
[2013.04.06 14:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\DAEMON Tools Lite
[2012.12.29 17:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\DVDVideoSoft
[2012.11.03 19:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\FlexSave
[2013.04.05 17:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\GarenaPlus
[2012.07.01 22:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Identities
[2012.07.02 14:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\InstallShield
[2012.07.14 17:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Leadertech
[2013.02.09 01:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\LolClient
[2012.07.01 22:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Macromedia
[2013.02.26 22:29:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\majer\Data aplikací\Microsoft
[2012.07.02 14:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Mozilla
[2012.07.11 22:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Nokia
[2012.08.09 19:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\OpenOffice.org
[2012.07.11 22:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\PC Suite
[2013.01.22 22:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\PSpad
[2012.07.16 18:19:47 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\majer\Data aplikací\SecuROM
[2013.03.06 00:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Skype
[2012.12.08 15:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Sun
[2013.04.05 22:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\vlc
[2012.07.03 10:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\WinRAR
[2012.12.09 12:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Xilisoft
< %APPDATA%\*.exe /s >
[2012.11.03 19:31:27 | 001,897,024 | ---- | M] () -- C:\Documents and Settings\majer\Data aplikací\FlexSave\CloseMsgAP.exe
[2012.11.03 19:31:26 | 003,299,904 | ---- | M] () -- C:\Documents and Settings\majer\Data aplikací\FlexSave\FlexSave.exe
[2012.11.03 19:31:27 | 001,706,048 | ---- | M] () -- C:\Documents and Settings\majer\Data aplikací\FlexSave\Setup.exe
[2012.11.15 20:10:41 | 000,017,014 | R--- | M] () -- C:\Documents and Settings\majer\Data aplikací\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_21F3885A18D238E15AAE81.exe
[2012.11.15 20:10:41 | 000,017,014 | R--- | M] () -- C:\Documents and Settings\majer\Data aplikací\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_5820AE36D624D2041047F0.exe
[2012.11.15 20:10:41 | 000,017,014 | R--- | M] () -- C:\Documents and Settings\majer\Data aplikací\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_6FEFF9B68218417F98F549.exe
[2012.11.15 20:10:41 | 000,017,014 | R--- | M] () -- C:\Documents and Settings\majer\Data aplikací\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_C31A92D1BB281EC8512D60.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2012.07.01 23:48:09 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.07.01 23:48:09 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.07.01 23:48:09 | 000,491,520 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.10 17:34:11 | 000,000,512 | ---- | M] () MD5=8A6970D0F0DB52AAEA311EC489642DF9 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.07.22 00:32:04 | 001,893,234 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\TrackMania\Cache\9DEC16AA03C05037C63F053C20CCE0E2_noppinator.45+crack+%2834%29+invisible+field.Day.LightMap.zip
[2012.07.22 14:00:21 | 001,635,656 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\TrackMania\Cache\C636F7B9A6B5A11605E7B0C4111E82FC_noppinator.45+crack+%2818%29+fast+ride.Day.LightMap.zip
[2012.07.21 22:30:24 | 000,031,568 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (04) check your limit.Replay.gbx
[2012.07.22 12:37:06 | 000,032,836 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (05) a taste of speed.Replay.gbx
[2012.07.22 12:24:38 | 000,032,442 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (08) deep falling.Replay.gbx
[2012.07.21 22:24:57 | 000,040,270 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (11) the big jump.Replay.gbx
[2012.07.22 12:58:57 | 000,029,345 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (13) night flight.Replay.gbx
[2012.07.22 13:34:38 | 000,028,936 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (18) fast ride.Replay.gbx
[2012.07.21 22:41:45 | 000,030,761 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (23) greenhorns.Replay.gbx
[2012.07.21 22:59:18 | 000,031,865 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (32) give me five.Replay.gbx
[2012.07.24 20:37:17 | 000,033,702 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (34) invisible field.Replay.gbx
[2012.07.21 23:42:44 | 000,033,478 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (39) snow blind.Replay.gbx
[2013.03.03 00:07:24 | 000,114,248 | ---- | M] () -- \Documents and Settings\majer\Plocha\RAW\Salsa crackers.odt
< *keygen* /s >
< *loader* /s >
[2013.01.16 18:18:47 | 000,020,813 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12169\FileLoader.dll
[2013.01.31 16:02:58 | 000,945,655 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12177\ggdownloader.dll
[2013.01.31 15:57:08 | 000,027,494 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12177\bbtalk\BTalkLoader.exe
[2013.02.07 13:13:02 | 000,020,929 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12184\FileLoader.dll
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.07.11 19:17:46 | 000,009,051 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.11 19:17:46 | 000,016,119 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.11 19:17:46 | 000,018,434 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.11 19:17:46 | 000,009,283 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.11 19:17:46 | 000,001,898 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.11.14 20:34:16 | 000,009,090 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2013.02.17 11:02:25 | 000,169,027 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader.log
[2012.12.29 17:12:44 | 000,153,103 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader_install.txt
[2013.02.17 11:00:06 | 000,145,420 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DVDVideoSoft\logs\YTVDownloader_extra1.log
[2012.12.05 16:41:10 | 000,000,920 | ---- | M] () -- \Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader(1).err
[2012.12.05 18:44:58 | 000,001,224 | ---- | M] () -- \Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader(1).nast
[2012.07.22 18:35:03 | 000,009,694 | ---- | M] () -- \Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader.err
[2012.07.21 13:55:01 | 000,001,000 | ---- | M] () -- \Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader.nast
[2010.09.19 15:18:28 | 000,004,000 | ---- | M] () -- \Documents and Settings\majer\Plocha\minecraft\.minecraft server\src\PluginLoader.java
[2012.07.01 22:36:30 | 000,792,704 | ---- | M] () -- \Nová složka\amddriverdownloader.exe
[2012.11.30 17:31:20 | 000,933,536 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\lib\DVSVideoDownloader.dll
[2012.11.22 16:10:28 | 000,035,070 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\chrome\content\dvsyoutubedownloader.js
[2012.11.20 17:13:06 | 000,002,431 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\chrome\content\dvsyoutubedownloader.xul
[2012.11.20 17:13:06 | 000,000,931 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\dvsmenuext-ytvdownloader.png
[2012.11.20 17:13:06 | 000,001,757 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\dvsyoutubedownloader.css
[2012.11.20 17:13:06 | 000,002,796 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\youtube_mp3_downloader_32_32.png
[2012.11.20 17:13:06 | 000,002,641 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\youtube_video_downloader_32_32.png
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2012.11.30 15:33:30 | 000,041,096 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\DVDVideoSoft.DVSVideoDownloader.dll
[2012.11.30 15:33:30 | 002,439,816 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
[2012.11.16 02:15:32 | 000,000,974 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.xml
[2012.11.14 20:34:16 | 000,009,090 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfile.xml
[2012.11.14 20:34:16 | 000,006,210 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfileD.xml
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\de-DE\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\el-GR\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\es-ES\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\fr-FR\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\hu-HU\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\it-IT\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ja-JP\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\nl-NL\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pl-PL\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,005,120 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-BR\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-PT\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ru-RU\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\tr-TR\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHS\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHT\FreeYTVDownloader.resources.dll
[2013.02.07 11:11:17 | 000,051,504 | ---- | M] () -- \Program Files\Garena Plus\FileLoader.dll
[2013.01.30 10:26:41 | 002,941,232 | ---- | M] () -- \Program Files\Garena Plus\ggdownloader.dll
[2013.04.05 10:07:35 | 000,257,840 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\GarenaTalkLoader.exe
[2013.01.30 12:09:14 | 000,082,224 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\update\temp\restore\10094\BTalkLoader.exe
[2013.04.05 10:07:19 | 000,082,224 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\update\temp\restore\10095\BTalkLoader.exe
[2013.04.05 10:07:25 | 000,256,816 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\update\temp\restore\10097\GarenaTalkLoader.exe
[2012.03.26 10:53:30 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2012.08.13 11:52:58 | 000,006,081 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.11.20 16:30:26 | 000,005,437 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.pyc
[2012.12.18 19:03:53 | 000,020,992 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.08.13 12:04:18 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.12.18 19:04:03 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.08.13 11:12:36 | 000,003,868 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2003.09.26 09:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 15:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 15:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 15:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2012.02.16 15:44:38 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.0\deploy\assets\storeImages\layout\small_loader.gif
[2013.02.19 18:58:39 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013.02.14 15:47:55 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.10 16:14:19 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.10 16:28:34 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.10 16:26:39 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\majer\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 62,08% Memory free
4,84 Gb Paging File | 3,88 Gb Available in Paging File | 80,08% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 123,27 Gb Free Space | 52,93% Space Free | Partition Type: NTFS
Computer Name: MAJER-96FD7797B | User Name: majer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.10 17:30:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\majer\Plocha\OTL.exe
PRC - [2013.03.09 14:08:43 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.02.16 00:31:18 | 001,430,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.01.27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010.06.01 12:03:32 | 000,566,680 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\dlupdr.exe
PRC - [2010.06.01 12:03:24 | 000,226,696 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe
PRC - [2010.06.01 12:03:18 | 000,886,152 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpsp.exe
PRC - [2009.10.16 12:58:52 | 000,116,016 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe
PRC - [2009.03.09 12:45:22 | 001,662,976 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaUI.exe
PRC - [2008.09.05 10:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.09 14:08:04 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.02.05 22:27:17 | 000,043,520 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_weblink.CZE
MOD - [2013.02.02 20:20:07 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_Updater.CZE
MOD - [2013.02.02 20:19:56 | 002,642,432 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_Annots.CZE
MOD - [2013.02.02 20:19:54 | 000,097,792 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_EScript.CZE
MOD - [2013.01.27 11:30:50 | 009,294,848 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
MOD - [2012.12.18 16:28:12 | 000,305,880 | ---- | M] () -- C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2012.10.08 21:45:24 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012.07.01 20:34:04 | 000,344,064 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2010.07.07 23:52:44 | 000,555,624 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.11.28 04:32:00 | 001,163,264 | ---- | M] () -- C:\Program Files\Ralink\Common\acAuth.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.09 14:08:42 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.01 12:03:24 | 000,226,696 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe -- (DLSDB)
SRV - [2009.10.16 12:58:52 | 000,116,016 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe -- (DLPWD)
SRV - [2008.09.05 10:23:20 | 000,075,040 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Garena Plus\Room\safedrv.sys -- (GGSAFERDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2012.07.03 08:51:00 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.11.01 10:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.11.01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.11.01 10:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.11.01 10:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.11.01 10:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.11.01 10:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2009.06.29 13:59:14 | 000,142,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.06.25 08:07:44 | 005,095,936 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.06.25 08:07:40 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.06.25 08:07:40 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.03.04 17:30:14 | 000,709,248 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.07 14:42:36 | 000,016,512 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RAPIProtocol.sys -- (RAPIProtocol)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f ... 1391513730
IE - HKLM\..\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{DC77AFCA-D689-4299-BD8E-38DAFA5D4414}: "URL" = http://websearch.ask.com/redirect?clien ... 6EF2331DDE
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.09 14:08:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012.07.02 14:46:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\majer\Data aplikací\Mozilla\Extensions
[2013.03.09 14:05:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\majer\Data aplikací\Mozilla\Firefox\Profiles\k2wekq08.default\extensions
[2013.02.21 01:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.09 14:08:44 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.21 01:04:26 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.21 01:04:26 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.21 01:04:26 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.21 01:04:26 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.21 01:04:26 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2013.04.05 22:09:09 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [DLPSP] C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE (Dell Inc.)
O4 - HKLM..\Run: [DLQLU] C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE (Dell Inc.)
O4 - HKLM..\Run: [DLUPDR] C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE (Dell Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\majer\Data aplikací\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 1173373177 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 1175608281 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.21.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00604E01-D5B6-461A-B44A-B5F6DB22ACD0}: DhcpNameServer = 10.10.21.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\majer\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\majer\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.04.10 17:30:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\majer\Plocha\OTL.exe
[2013.04.10 13:48:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013.04.06 15:03:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Defraggler
[2013.04.06 15:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2013.04.06 14:53:42 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\majer\Recent
[2013.04.06 12:04:31 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2013.04.06 12:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
[2013.04.02 19:28:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\majer\Plocha\skola jirik
[2013.03.29 23:23:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\majer\Nabídka Start\Programy\Savage 2 A Tortured Soul
[2013.03.29 23:20:35 | 000,000,000 | ---D | C] -- C:\Program Files\Savage 2 - A Tortured Soul
[2013.03.28 21:06:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\majer\Plocha\foukačka
[2013.03.27 22:44:40 | 000,459,700 | ---- | C] (GamePark ) -- C:\Documents and Settings\majer\Plocha\GameParkSetup_v2090.exe
[2013.03.27 22:41:52 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2013.03.14 15:22:18 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
========== Files - Modified Within 30 Days ==========
[2013.04.10 17:34:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.04.10 17:30:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\majer\Plocha\OTL.exe
[2013.04.10 17:19:20 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013.04.10 14:52:21 | 003,195,301 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\SkyBlock.zip
[2013.04.10 13:47:52 | 006,813,447 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\čtvrtletka.zip
[2013.04.08 15:07:16 | 000,473,005 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\Adventure-MAPA.zip
[2013.04.08 14:49:58 | 045,383,910 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\YT07.zip
[2013.04.07 16:54:46 | 000,021,525 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\OSN.odt
[2013.04.06 15:03:47 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2013.04.06 14:58:22 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.04.06 14:57:20 | 000,105,238 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\Cleaner zaloha.reg
[2013.04.06 14:51:51 | 000,435,870 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.04.06 14:51:51 | 000,432,402 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.04.06 14:51:51 | 000,079,370 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.04.06 14:51:51 | 000,068,766 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.04.06 14:47:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.06 14:41:32 | 000,296,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.04.06 12:04:32 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\HD Tune.lnk
[2013.04.05 22:09:09 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013.04.05 17:59:19 | 000,045,194 | ---- | M] () -- C:\Documents and Settings\majer\Data aplikací\room_v3.dat
[2013.04.05 09:46:54 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.04.04 16:56:05 | 000,013,179 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\beatles.odt
[2013.04.04 11:09:30 | 000,033,280 | ---- | M] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.04 10:01:38 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\RSIT(1).exe
[2013.04.04 09:28:56 | 000,014,420 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\tahak.odt
[2013.04.02 19:29:51 | 001,761,945 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\WP_000175.jpg.zip
[2013.04.02 19:29:39 | 002,108,315 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\WP_000161.jpg.zip
[2013.04.02 12:33:22 | 000,237,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013.03.31 12:11:50 | 000,019,497 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\nohavica.odt
[2013.03.28 20:57:03 | 047,685,916 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\škola-hry-na-foukačku.rar
[2013.03.28 13:54:53 | 003,363,238 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\1.rar
[2013.03.27 22:44:45 | 000,459,700 | ---- | M] (GamePark ) -- C:\Documents and Settings\majer\Plocha\GameParkSetup_v2090.exe
[2013.03.27 11:13:40 | 000,013,392 | ---- | M] () -- C:\Documents and Settings\majer\Dokumenty\tahak1.odt
[2013.03.26 22:29:15 | 000,013,392 | ---- | M] () -- C:\Documents and Settings\majer\Dokumenty\tahak.odt
[2013.03.26 19:21:01 | 000,001,068 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Order Printer Supplies.lnk
[2013.03.22 16:19:19 | 015,073,146 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\ja-pisnicka-2.pdf
[2013.03.16 15:09:51 | 000,006,475 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\pinecc.jpeg
[2013.03.16 14:25:33 | 005,328,407 | ---- | M] () -- C:\Documents and Settings\majer\Plocha\fyzika(1).zip
========== Files Created - No Company Name ==========
[2013.04.10 17:34:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.04.10 14:52:03 | 003,195,301 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\SkyBlock.zip
[2013.04.10 13:42:10 | 006,813,447 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\čtvrtletka.zip
[2013.04.08 15:07:15 | 000,473,005 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\Adventure-MAPA.zip
[2013.04.08 14:45:33 | 045,383,910 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\YT07.zip
[2013.04.07 16:52:48 | 000,021,525 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\OSN.odt
[2013.04.06 15:03:47 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2013.04.06 14:57:01 | 000,105,238 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\Cleaner zaloha.reg
[2013.04.06 12:04:32 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\HD Tune.lnk
[2013.04.04 10:01:36 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\RSIT(1).exe
[2013.04.03 21:11:15 | 000,014,420 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\tahak.odt
[2013.04.02 19:29:50 | 001,761,945 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\WP_000175.jpg.zip
[2013.04.02 19:29:34 | 002,108,315 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\WP_000161.jpg.zip
[2013.03.28 20:54:24 | 047,685,916 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\škola-hry-na-foukačku.rar
[2013.03.28 13:54:50 | 003,363,238 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\1.rar
[2013.03.27 11:13:40 | 000,013,392 | ---- | C] () -- C:\Documents and Settings\majer\Dokumenty\tahak1.odt
[2013.03.26 22:29:15 | 000,013,392 | ---- | C] () -- C:\Documents and Settings\majer\Dokumenty\tahak.odt
[2013.03.22 16:13:05 | 015,073,146 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\ja-pisnicka-2.pdf
[2013.03.16 15:09:51 | 000,006,475 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\pinecc.jpeg
[2013.03.16 14:25:17 | 005,328,407 | ---- | C] () -- C:\Documents and Settings\majer\Plocha\fyzika(1).zip
[2013.01.04 15:48:43 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.12.23 10:10:26 | 000,045,194 | ---- | C] () -- C:\Documents and Settings\majer\Data aplikací\room_v3.dat
[2012.12.04 15:15:40 | 000,000,920 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader(1).err
[2012.12.02 18:28:12 | 000,001,224 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader(1).nast
[2012.11.03 21:19:43 | 000,000,871 | ---- | C] () -- C:\WINDOWS\QIII.INI
[2012.10.05 09:51:44 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012.07.19 22:15:22 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.03 08:30:32 | 000,009,694 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader.err
[2012.07.03 08:27:11 | 000,001,000 | ---- | C] () -- C:\Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader.nast
[2012.07.02 14:33:58 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2012.07.02 14:33:45 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2012.07.01 23:51:48 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.07.01 23:49:04 | 000,296,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.07.01 22:44:07 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.07.01 22:44:05 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.07.01 22:44:05 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.07.01 22:14:19 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.07.01 22:08:08 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2012.07.01 22:07:02 | 000,207,400 | R--- | C] () -- C:\WINDOWS\GSetup.exe
[2012.07.01 22:07:02 | 000,000,010 | ---- | C] () -- C:\WINDOWS\GSetup.ini
[2012.07.01 22:04:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.01 22:00:45 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[2012.07.14 17:26:19 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.04.20 21:30:25 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.07.03 10:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.07.16 18:19:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2013.04.05 17:48:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
[2012.07.11 22:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.07.11 22:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.09.23 16:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Prometheus
[2012.07.02 14:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ralink Driver
[2012.09.27 13:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.04.07 17:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TrackMania
[2013.04.10 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\.minecraft
[2013.04.06 14:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\DAEMON Tools Lite
[2012.12.29 17:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\DVDVideoSoft
[2012.11.03 19:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\FlexSave
[2013.04.05 17:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\GarenaPlus
[2012.07.14 17:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Leadertech
[2013.02.09 01:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\LolClient
[2012.07.11 22:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Nokia
[2012.08.09 19:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\OpenOffice.org
[2012.07.11 22:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\PC Suite
[2012.12.09 12:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Xilisoft
========== Purity Check ==========
========== Custom Scans ==========
< >
[2012.07.01 22:01:32 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.07.01 22:06:01 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.02.16 11:05:35 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2013.02.16 11:05:43 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
< >
< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\isapnp.sys
< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.04.10 16:18:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\.minecraft
[2012.08.10 09:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Adobe
[2013.04.06 14:53:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\DAEMON Tools Lite
[2012.12.29 17:04:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\DVDVideoSoft
[2012.11.03 19:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\FlexSave
[2013.04.05 17:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\GarenaPlus
[2012.07.01 22:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Identities
[2012.07.02 14:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\InstallShield
[2012.07.14 17:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Leadertech
[2013.02.09 01:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\LolClient
[2012.07.01 22:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Macromedia
[2013.02.26 22:29:20 | 000,000,000 | --SD | M] -- C:\Documents and Settings\majer\Data aplikací\Microsoft
[2012.07.02 14:46:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Mozilla
[2012.07.11 22:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Nokia
[2012.08.09 19:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\OpenOffice.org
[2012.07.11 22:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\PC Suite
[2013.01.22 22:36:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\PSpad
[2012.07.16 18:19:47 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\majer\Data aplikací\SecuROM
[2013.03.06 00:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Skype
[2012.12.08 15:32:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Sun
[2013.04.05 22:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\vlc
[2012.07.03 10:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\WinRAR
[2012.12.09 12:45:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\majer\Data aplikací\Xilisoft
< %APPDATA%\*.exe /s >
[2012.11.03 19:31:27 | 001,897,024 | ---- | M] () -- C:\Documents and Settings\majer\Data aplikací\FlexSave\CloseMsgAP.exe
[2012.11.03 19:31:26 | 003,299,904 | ---- | M] () -- C:\Documents and Settings\majer\Data aplikací\FlexSave\FlexSave.exe
[2012.11.03 19:31:27 | 001,706,048 | ---- | M] () -- C:\Documents and Settings\majer\Data aplikací\FlexSave\Setup.exe
[2012.11.15 20:10:41 | 000,017,014 | R--- | M] () -- C:\Documents and Settings\majer\Data aplikací\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_21F3885A18D238E15AAE81.exe
[2012.11.15 20:10:41 | 000,017,014 | R--- | M] () -- C:\Documents and Settings\majer\Data aplikací\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_5820AE36D624D2041047F0.exe
[2012.11.15 20:10:41 | 000,017,014 | R--- | M] () -- C:\Documents and Settings\majer\Data aplikací\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_6FEFF9B68218417F98F549.exe
[2012.11.15 20:10:41 | 000,017,014 | R--- | M] () -- C:\Documents and Settings\majer\Data aplikací\Microsoft\Installer\{35A99221-DAF4-4769-880F-ECC57548FBCC}\_C31A92D1BB281EC8512D60.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2012.07.01 23:48:09 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.07.01 23:48:09 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.07.01 23:48:09 | 000,491,520 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.04.10 17:34:11 | 000,000,512 | ---- | M] () MD5=8A6970D0F0DB52AAEA311EC489642DF9 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.07.22 00:32:04 | 001,893,234 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\TrackMania\Cache\9DEC16AA03C05037C63F053C20CCE0E2_noppinator.45+crack+%2834%29+invisible+field.Day.LightMap.zip
[2012.07.22 14:00:21 | 001,635,656 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\TrackMania\Cache\C636F7B9A6B5A11605E7B0C4111E82FC_noppinator.45+crack+%2818%29+fast+ride.Day.LightMap.zip
[2012.07.21 22:30:24 | 000,031,568 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (04) check your limit.Replay.gbx
[2012.07.22 12:37:06 | 000,032,836 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (05) a taste of speed.Replay.gbx
[2012.07.22 12:24:38 | 000,032,442 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (08) deep falling.Replay.gbx
[2012.07.21 22:24:57 | 000,040,270 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (11) the big jump.Replay.gbx
[2012.07.22 12:58:57 | 000,029,345 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (13) night flight.Replay.gbx
[2012.07.22 13:34:38 | 000,028,936 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (18) fast ride.Replay.gbx
[2012.07.21 22:41:45 | 000,030,761 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (23) greenhorns.Replay.gbx
[2012.07.21 22:59:18 | 000,031,865 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (32) give me five.Replay.gbx
[2012.07.24 20:37:17 | 000,033,702 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (34) invisible field.Replay.gbx
[2012.07.21 23:42:44 | 000,033,478 | ---- | M] () -- \Documents and Settings\majer\Dokumenty\TrackMania\Tracks\Replays\Autosaves\majer_45 crack (39) snow blind.Replay.gbx
[2013.03.03 00:07:24 | 000,114,248 | ---- | M] () -- \Documents and Settings\majer\Plocha\RAW\Salsa crackers.odt
< *keygen* /s >
< *loader* /s >
[2013.01.16 18:18:47 | 000,020,813 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12169\FileLoader.dll
[2013.01.31 16:02:58 | 000,945,655 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12177\ggdownloader.dll
[2013.01.31 15:57:08 | 000,027,494 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12177\bbtalk\BTalkLoader.exe
[2013.02.07 13:13:02 | 000,020,929 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\GarenaMessenger\update\12184\FileLoader.dll
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.07.11 19:17:46 | 000,009,051 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.07.11 19:17:46 | 000,016,119 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.07.11 19:17:46 | 000,018,434 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.07.11 19:17:46 | 000,009,283 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.07.11 19:17:46 | 000,001,898 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.11.14 20:34:16 | 000,009,090 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2013.02.17 11:02:25 | 000,169,027 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader.log
[2012.12.29 17:12:44 | 000,153,103 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader_install.txt
[2013.02.17 11:00:06 | 000,145,420 | ---- | M] () -- \Documents and Settings\majer\Data aplikací\DVDVideoSoft\logs\YTVDownloader_extra1.log
[2012.12.05 16:41:10 | 000,000,920 | ---- | M] () -- \Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader(1).err
[2012.12.05 18:44:58 | 000,001,224 | ---- | M] () -- \Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader(1).nast
[2012.07.22 18:35:03 | 000,009,694 | ---- | M] () -- \Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader.err
[2012.07.21 13:55:01 | 000,001,000 | ---- | M] () -- \Documents and Settings\majer\Local Settings\Data aplikací\SRDownloader.nast
[2010.09.19 15:18:28 | 000,004,000 | ---- | M] () -- \Documents and Settings\majer\Plocha\minecraft\.minecraft server\src\PluginLoader.java
[2012.07.01 22:36:30 | 000,792,704 | ---- | M] () -- \Nová složka\amddriverdownloader.exe
[2012.11.30 17:31:20 | 000,933,536 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\lib\DVSVideoDownloader.dll
[2012.11.22 16:10:28 | 000,035,070 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\chrome\content\dvsyoutubedownloader.js
[2012.11.20 17:13:06 | 000,002,431 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\chrome\content\dvsyoutubedownloader.xul
[2012.11.20 17:13:06 | 000,000,931 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\dvsmenuext-ytvdownloader.png
[2012.11.20 17:13:06 | 000,001,757 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\dvsyoutubedownloader.css
[2012.11.20 17:13:06 | 000,002,796 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\youtube_mp3_downloader_32_32.png
[2012.11.20 17:13:06 | 000,002,641 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\youtube_video_downloader_32_32.png
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2012.11.30 15:33:30 | 000,041,096 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\DVDVideoSoft.DVSVideoDownloader.dll
[2012.11.30 15:33:30 | 002,439,816 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
[2012.11.16 02:15:32 | 000,000,974 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.xml
[2012.11.14 20:34:16 | 000,009,090 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfile.xml
[2012.11.14 20:34:16 | 000,006,210 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfileD.xml
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\de-DE\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\el-GR\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\es-ES\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\fr-FR\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\hu-HU\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\it-IT\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ja-JP\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\nl-NL\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pl-PL\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,005,120 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-BR\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-PT\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ru-RU\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\tr-TR\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHS\FreeYTVDownloader.resources.dll
[2012.11.30 15:33:20 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHT\FreeYTVDownloader.resources.dll
[2013.02.07 11:11:17 | 000,051,504 | ---- | M] () -- \Program Files\Garena Plus\FileLoader.dll
[2013.01.30 10:26:41 | 002,941,232 | ---- | M] () -- \Program Files\Garena Plus\ggdownloader.dll
[2013.04.05 10:07:35 | 000,257,840 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\GarenaTalkLoader.exe
[2013.01.30 12:09:14 | 000,082,224 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\update\temp\restore\10094\BTalkLoader.exe
[2013.04.05 10:07:19 | 000,082,224 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\update\temp\restore\10095\BTalkLoader.exe
[2013.04.05 10:07:25 | 000,256,816 | ---- | M] () -- \Program Files\Garena Plus\bbtalk\update\temp\restore\10097\GarenaTalkLoader.exe
[2012.03.26 10:53:30 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2012.08.13 11:52:58 | 000,006,081 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2012.11.20 16:30:26 | 000,005,437 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.pyc
[2012.12.18 19:03:53 | 000,020,992 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.08.13 12:04:18 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012.12.18 19:04:03 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.08.13 11:12:36 | 000,003,868 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2003.09.26 09:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 15:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 15:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 15:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2012.02.16 15:44:38 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.0\deploy\assets\storeImages\layout\small_loader.gif
[2013.02.19 18:58:39 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013.02.14 15:47:55 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.10 16:14:19 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.10 16:28:34 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.10 16:26:39 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
< End of report >
Re: Zasekaný PC
Znovu spustte OTLDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:otl
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzutAtN2Y1L1QzutDtDtC0F0DtDtD0ByE0FyC0E0Fzy0BtBtN0D0TzutBtDtCtBtDyBtDtA&cr=1391513730
IE - HKLM\..\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1659004503-1284227242-1417001333-1004\..\SearchScopes\{DC77AFCA-D689-4299-BD8E-38DAFA5D4414}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=^FV&apn_dtid=^YYYYYY^YY^CZ&apn_uid=864a6fb1-0316-408b-9f8c-636be8c3dafc&apn_sauid=4C00703F-313B-4225-8A24-BE6EF2331DDE
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Zasekaný PC
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: majer
->Temp folder emptied: 4805783 bytes
->Temporary Internet Files folder emptied: 7311758 bytes
->FireFox cache emptied: 389197508 bytes
->Flash cache emptied: 2718 bytes
User: NetworkService
->Temp folder emptied: 11168 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 293376 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7729022 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 47654615 bytes
Total Files Cleaned = 436,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: majer
->Flash cache emptied: 0 bytes
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
C:\WINDOWS\system32\_000005_.tmp.dll moved successfully.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27D3ED52-2034-C514-E59E-4A7B03F013EE}\ not found.
HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27D3ED52-2034-C514-E59E-4A7B03F013EE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{DC77AFCA-D689-4299-BD8E-38DAFA5D4414}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC77AFCA-D689-4299-BD8E-38DAFA5D4414}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 04112013_145112
Files\Folders moved on Reboot...
C:\WINDOWS\temp\MPENGINE.DLL moved successfully.
C:\WINDOWS\temp\offreg.dll moved successfully.
C:\WINDOWS\temp\TMP00000001EA050CF11B02780E moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: majer
->Temp folder emptied: 4805783 bytes
->Temporary Internet Files folder emptied: 7311758 bytes
->FireFox cache emptied: 389197508 bytes
->Flash cache emptied: 2718 bytes
User: NetworkService
->Temp folder emptied: 11168 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 293376 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7729022 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 47654615 bytes
Total Files Cleaned = 436,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: majer
->Flash cache emptied: 0 bytes
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
C:\WINDOWS\system32\_000005_.tmp.dll moved successfully.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27D3ED52-2034-C514-E59E-4A7B03F013EE}\ not found.
HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{27D3ED52-2034-C514-E59E-4A7B03F013EE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27D3ED52-2034-C514-E59E-4A7B03F013EE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-1659004503-1284227242-1417001333-1004\Software\Microsoft\Internet Explorer\SearchScopes\{DC77AFCA-D689-4299-BD8E-38DAFA5D4414}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC77AFCA-D689-4299-BD8E-38DAFA5D4414}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
OTL by OldTimer - Version 3.2.69.0 log created on 04112013_145112
Files\Folders moved on Reboot...
C:\WINDOWS\temp\MPENGINE.DLL moved successfully.
C:\WINDOWS\temp\offreg.dll moved successfully.
C:\WINDOWS\temp\TMP00000001EA050CF11B02780E moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Zasekaný PC
Znovu spustte OTL a kliknete na napis Vycisti. Program po sobe uklidi.
Nastala nejaka zmena?Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Zasekaný PC
No psal jsem, že se mi PC zdá být v pořádku až na krátké občasné zpomalení internetu, takže těžko můžu zpozorovat nějakou změnu.
Re: Zasekaný PC
No ono zalezi, co to znamena "obcasne". Tak pc pozorujte a az budete vedet, ozvete se.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Zasekaný PC
Zdravím. Objevil se problém. Před pár dny ( problém trvá i teď ) se mi přestal otevírat Open Office. Nějak jsem to neřešil a pracoval v programu Microsoft Office ( který jsem měl od té doby zaplý až do dneška ), ale dnes se mi nechtěly spouštět i obyčejné složky a internet nechtěl načítat žádné stránky jako by vypadl a celkově se mi PC zdál nějaký zpomalenější. Tak mě napadlo PC restartovat, ale ještě před tím jsem Microsoft Office vypnul. Po vypnutí programu se všechny složky spustily i internet okamžitě naběhnul, ale Open Office se stále ne a ne spustit.
Přikládám log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by majer at 2013-05-07 19:02:00
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 119 GB (50%) free of 238 GB
Total RAM: 3070 MB (26% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:02:09, on 7.5.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\majer\Plocha\RSIT(1).exe
C:\Program Files\trend micro\majer.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DLPSP] "C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE"
O4 - HKLM\..\Run: [DLUPDR] "C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE"
O4 - HKLM\..\Run: [DLQLU] "C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE" /S
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\majer\Data aplikací\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 1173373177
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1175608281
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8463 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\majer\Data aplikací\Mozilla\Firefox\Profiles\k2wekq08.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-11 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-11 157672]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-06-25 17887232]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"DLPSP"=C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [2010-06-01 886152]
"DLUPDR"=C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE [2010-06-01 566680]
"DLQLU"=C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE [2010-06-01 1127744]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe [2012-10-08 692152]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Ralink Wireless Utility.lnk - C:\Program Files\Ralink\Common\RaUI.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Garena Plus\Room\garena_room.exe"="C:\Program Files\Garena Plus\Room\garena_room.exe:*:Disabled:Garena"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Riot Games\League of Legends\lol.launcher.exe"="C:\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:Play League of Legends"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
======List of files/folders created in the last 1 month======
2013-05-07 19:02:00 ----D---- C:\rsit
2013-04-19 22:27:58 ----D---- C:\Program Files\Firefly Studios
2013-04-17 18:42:16 ----D---- C:\Program Files\Common Files\Adobe
2013-04-17 18:42:16 ----D---- C:\Program Files\Adobe
2013-04-13 11:23:16 ----D---- C:\Program Files\Mozilla Firefox
2013-04-11 14:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2808735$
2013-04-11 14:51:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2013-04-11 14:50:35 ----D---- C:\30eee4d0f864b9dd12
2013-04-11 14:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2013-04-11 14:50:25 ----A---- C:\WINDOWS\imsins.BAK
2013-04-11 14:50:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2813170$
======List of files/folders modified in the last 1 month======
2013-05-07 19:02:09 ----D---- C:\WINDOWS\Prefetch
2013-05-07 19:02:09 ----D---- C:\Program Files\trend micro
2013-05-07 18:25:01 ----D---- C:\WINDOWS\system32
2013-05-07 18:25:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-07 18:23:41 ----D---- C:\WINDOWS\Temp
2013-05-07 16:34:12 ----D---- C:\Documents and Settings\majer\Data aplikací\vlc
2013-05-06 16:03:23 ----D---- C:\Documents and Settings\majer\Data aplikací\.minecraft
2013-05-04 21:56:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-04 19:15:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\TrackMania
2013-05-02 17:28:50 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-05-01 18:40:19 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-01 17:38:08 ----SD---- C:\WINDOWS\Tasks
2013-04-24 22:03:08 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-19 22:27:58 ----RD---- C:\Program Files
2013-04-19 22:27:57 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-19 22:27:43 ----D---- C:\Program Files\Common Files\InstallShield
2013-04-19 18:09:34 ----SHD---- C:\WINDOWS\Installer
2013-04-19 18:09:34 ----SHD---- C:\Config.Msi
2013-04-17 18:44:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-04-17 18:42:16 ----D---- C:\Program Files\Common Files
2013-04-12 13:45:43 ----D---- C:\WINDOWS
2013-04-12 13:43:40 ----HD---- C:\WINDOWS\inf
2013-04-12 13:43:40 ----D---- C:\WINDOWS\system32\CatRoot
2013-04-11 14:53:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-04-11 14:53:35 ----D---- C:\Program Files\Internet Explorer
2013-04-11 14:53:10 ----D---- C:\WINDOWS\system32\drivers\etc
2013-04-11 14:53:08 ----HD---- C:\WINDOWS\$hf_mig$
2013-04-11 14:53:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-04-11 14:50:44 ----D---- C:\WINDOWS\Debug
2013-04-11 14:50:37 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-07-03 242240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2012-07-02 21361]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-25 5095936]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-07-01 10604128]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2009-03-04 709248]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-29 142592]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-06-25 1684736]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-06-25 1389056]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-11-01 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-11-01 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RAPIProtocol;Ralink RAPI Protocol Driver; C:\WINDOWS\system32\DRIVERS\RAPIProtocol.sys [2008-08-07 16512]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 DLPWD;Dell Printer Status Watcher; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [2009-10-16 116016]
R2 DLSDB;Dell Printer Status Database; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [2010-06-01 226696]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [2008-09-05 75040]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-13 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Přikládám log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by majer at 2013-05-07 19:02:00
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 119 GB (50%) free of 238 GB
Total RAM: 3070 MB (26% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:02:09, on 7.5.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\majer\Plocha\RSIT(1).exe
C:\Program Files\trend micro\majer.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DLPSP] "C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE"
O4 - HKLM\..\Run: [DLUPDR] "C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE"
O4 - HKLM\..\Run: [DLQLU] "C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE" /S
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\majer\Data aplikací\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 1173373177
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1175608281
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8463 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\majer\Data aplikací\Mozilla\Firefox\Profiles\k2wekq08.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-11 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-11 157672]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-06-25 17887232]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"DLPSP"=C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE [2010-06-01 886152]
"DLUPDR"=C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE [2010-06-01 566680]
"DLQLU"=C:\Program Files\Dell Printers\Additional Color Laser Software\Launcher\DLQLU.EXE [2010-06-01 1127744]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe [2012-10-08 692152]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Ralink Wireless Utility.lnk - C:\Program Files\Ralink\Common\RaUI.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Garena Plus\Room\garena_room.exe"="C:\Program Files\Garena Plus\Room\garena_room.exe:*:Disabled:Garena"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Riot Games\League of Legends\lol.launcher.exe"="C:\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:Play League of Legends"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
======List of files/folders created in the last 1 month======
2013-05-07 19:02:00 ----D---- C:\rsit
2013-04-19 22:27:58 ----D---- C:\Program Files\Firefly Studios
2013-04-17 18:42:16 ----D---- C:\Program Files\Common Files\Adobe
2013-04-17 18:42:16 ----D---- C:\Program Files\Adobe
2013-04-13 11:23:16 ----D---- C:\Program Files\Mozilla Firefox
2013-04-11 14:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2808735$
2013-04-11 14:51:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2013-04-11 14:50:35 ----D---- C:\30eee4d0f864b9dd12
2013-04-11 14:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2013-04-11 14:50:25 ----A---- C:\WINDOWS\imsins.BAK
2013-04-11 14:50:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2813170$
======List of files/folders modified in the last 1 month======
2013-05-07 19:02:09 ----D---- C:\WINDOWS\Prefetch
2013-05-07 19:02:09 ----D---- C:\Program Files\trend micro
2013-05-07 18:25:01 ----D---- C:\WINDOWS\system32
2013-05-07 18:25:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-07 18:23:41 ----D---- C:\WINDOWS\Temp
2013-05-07 16:34:12 ----D---- C:\Documents and Settings\majer\Data aplikací\vlc
2013-05-06 16:03:23 ----D---- C:\Documents and Settings\majer\Data aplikací\.minecraft
2013-05-04 21:56:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-04 19:15:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\TrackMania
2013-05-02 17:28:50 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-05-01 18:40:19 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-01 17:38:08 ----SD---- C:\WINDOWS\Tasks
2013-04-24 22:03:08 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-19 22:27:58 ----RD---- C:\Program Files
2013-04-19 22:27:57 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-19 22:27:43 ----D---- C:\Program Files\Common Files\InstallShield
2013-04-19 18:09:34 ----SHD---- C:\WINDOWS\Installer
2013-04-19 18:09:34 ----SHD---- C:\Config.Msi
2013-04-17 18:44:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-04-17 18:42:16 ----D---- C:\Program Files\Common Files
2013-04-12 13:45:43 ----D---- C:\WINDOWS
2013-04-12 13:43:40 ----HD---- C:\WINDOWS\inf
2013-04-12 13:43:40 ----D---- C:\WINDOWS\system32\CatRoot
2013-04-11 14:53:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-04-11 14:53:35 ----D---- C:\Program Files\Internet Explorer
2013-04-11 14:53:10 ----D---- C:\WINDOWS\system32\drivers\etc
2013-04-11 14:53:08 ----HD---- C:\WINDOWS\$hf_mig$
2013-04-11 14:53:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-04-11 14:50:44 ----D---- C:\WINDOWS\Debug
2013-04-11 14:50:37 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-07-03 242240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2012-07-02 21361]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-06-25 5095936]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-07-01 10604128]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2009-03-04 709248]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-29 142592]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-06-25 1684736]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-06-25 1389056]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-11-01 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-11-01 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RAPIProtocol;Ralink RAPI Protocol Driver; C:\WINDOWS\system32\DRIVERS\RAPIProtocol.sys [2008-08-07 16512]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 DLPWD;Dell Printer Status Watcher; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE [2009-10-16 116016]
R2 DLSDB;Dell Printer Status Database; C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [2010-06-01 226696]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe [2008-09-05 75040]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-13 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Zasekaný PC
Zdravím,
tvůj dosavadní poradce hlásí poruchu připojení, tak to chvíli zkusím já.
v logu pod Running processes: je s OpenOffice nějaký chaos, jsou zřejmě nabořené.
zkusil bych reinstal - přijdeš sice o všechna nastavení programu, ale pravděpodobně ti budou chodit
tvůj dosavadní poradce hlásí poruchu připojení, tak to chvíli zkusím já.
v logu pod Running processes: je s OpenOffice nějaký chaos, jsou zřejmě nabořené.zkusil bych reinstal - přijdeš sice o všechna nastavení programu, ale pravděpodobně ti budou chodit
Stáhni a nainstaluj
http://www.stahuj.centrum.cz/utility_a_ ... staller/?g
Odinstaluj program - C:\Program Files\OpenOffice.org 3
označ vše co najde a dej smazat (postupně přes "Další").
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Přispějete na provoz fóra?
