Po nějaké době jsem tu opět s prosbou o radu, PC je hrozně pomalé, neustále mi svítí kontrolka že disk pracuje, vše se otvírá pomalu a navíc poslední dobou začalo docházet místo na disku C, nic jsem však nestahoval. Poradíte ? Díky....
Log z RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by johanik at 2013-05-22 09:28:18
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 1 GB (3%) free of 50 GB
Total RAM: 1791 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:30:11, on 22.5.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
E:\PROGRA~1\AVG\AVG2013\avgrsx.exe
E:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
E:\Program Files\AVG\AVG2013\avgfws.exe
E:\Program Files\AVG\AVG2013\avgidsagent.exe
E:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fb_inet_server.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
C:\WINDOWS\system32\HPSIsvc.exe
E:\Program Files\AVG\AVG2013\avgnsx.exe
E:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\Program Files\QipGuard\QipGuard.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synology Data Replicator 3\SynoDrService.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\Synology\Assistant\UsbClientService.exe
C:\WINDOWS\system32\SearchIndexer.exe
E:\Program Files\AVG\AVG2013\avgcsrvx.exe
c:\program files\teamviewer\version8\TeamViewer.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Samsung\AllShare\AllShareAgent.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\AVG\AVG2013\avgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Synology Data Replicator 3\Backup.exe
C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\QIP 2010\qip.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
C:\Program Files\AVG Secure Search\vprot.exe
\Server\pohoda\Pohoda.exe
\Server\pohoda\StwPh.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
E:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
Z:\Dokumenty\Johanik\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\johanik.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={8B038F24- ... 2012-10-08 09:08:36&v=12.2.5.34&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\johanik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\johanik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [Kerio VPN Client] "C:\Program Files\Kerio\VPN Client\kvpnclient.exe" /tryauto
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "E:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [Data Replicator 3] "C:\Program Files\Synology Data Replicator 3\Backup.exe" /MIN
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe /p
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP 2010\qip.exe" /autorun
O4 - HKUS\S-1-5-21-515967899-1606980848-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: netuse.bat
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1526732593
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fb_inet_server.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP LaserJet Professional M1210 MFP Series Receive Fax Service (HPM1210RcvFaxSrvc) - HP - C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\WINDOWS\system32\HPSIsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: QipGuard - QIP.ru - C:\Program Files\QipGuard\QipGuard.exe
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files\Synology Data Replicator 3\SynoDrService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
O23 - Service: UsbClientService - Unknown owner - C:\Program Files\Synology\Assistant\UsbClientService.exe
O23 - Service: vToolbarUpdater15.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
--
End of file - 16104 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\Synology Data Replicator 3-JOHANIK-johanik.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default
prefs.js - "browser.startup.homepage" - "http://www.johanik.cz/homep.htm"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"avg@toolbar"=C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\15.2.0.5
"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
stahuj@centrum.cz
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\searchplugins\
qip-search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-01-09 92232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\johanik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2012-03-23 142288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll [2013-05-21 1991344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-05-30 4014280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll [2013-05-21 1991344]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-01-09 609864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
"HPUsageTrackingLEDM"=C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]
"Kerio VPN Client"=C:\Program Files\Kerio\VPN Client\kvpnclient.exe [2008-01-16 2646016]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-11-02 59240]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AllShareAgent"=C:\Program Files\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-05-21 1226928]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-04-12 222776]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"AVG_UI"=E:\Program Files\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-11-28 577536]
"Data Replicator 3"=C:\Program Files\Synology Data Replicator 3\Backup.exe [2011-02-22 11587584]
"QIP Internet Guardian"=C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe [2012-03-23 191440]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-02-28 18642024]
"Infium"=C:\Program Files\QIP 2010\qip.exe [2012-03-23 7351760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-11-02 59240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2007-11-22 16858112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2008-08-26 536576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Whitney2_S2P]
C:\Program Files\Samsung\Samsung SCX-4725 Series\SPanel\RCP\Scan2pc.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Backup Manager.lnk]
C:\PROGRA~1\BACKUP~1\BkupMgr.exe [2009-04-15 3697824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
C:\PROGRA~1\EDIMAX\Common\RaUI.exe [2007-12-14 716800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2
"CobianBackup10"=2
"cbVSCService"=2
"602XML Updater"=2
"WMPNetworkSvc"=3
"TeamViewer6"=2
"TeamViewer5"=2
"StarWindServiceAE"=2
"NVSvc"=2
"nSvcIp"=2
"NMIndexingService"=3
"NBService"=3
"MsMpSvc"=2
"McComponentHostService"=3
"LightScribeService"=2
"JavaQuickStarterService"=2
"idsvc"=3
"gupdatem"=3
"gupdate"=2
"ForceWare Intelligent Application Manager (IAM)"=2
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\johanik\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe
netuse.bat
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe"="C:\Program Files\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe:*:Enabled:Easy Wireless Net"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\NutsAboutNets\NetStress\NetStress.exe"="C:\Program Files\NutsAboutNets\NetStress\NetStress.exe:*:Enabled:NetStress"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\QIP 2010\qip.exe"="C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:Printer Spooler"
"D:\ProductInst.exe"="D:\ProductInst.exe:*:Enabled:Advanced TCP/IP Port Installer"
"C:\Program Files\MiPony\MiPony.exe"="C:\Program Files\MiPony\MiPony.exe:*:Enabled:Mipony"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe"="C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe:*:Enabled:Samsung AllShare Service"
"C:\Program Files\Samsung\AllShare\AllShare.exe"="C:\Program Files\Samsung\AllShare\AllShare.exe:*:Enabled:Samsung AllShare Player"
"C:\Program Files\Samsung\AllShare\AllShareAgent.exe"="C:\Program Files\Samsung\AllShare\AllShareAgent.exe:*:Enabled:Samsung AllShare Agent"
"C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Synology\Assistant\DSAssistant.exe"="C:\Program Files\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant"
"C:\Program Files\Synology Data Replicator 3\Backup.exe"="C:\Program Files\Synology Data Replicator 3\Backup.exe:*:Enabled:Data Replicator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"E:\Program Files\AVG\AVG2013\avgnsx.exe"="E:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Webový štít"
"E:\Program Files\AVG\AVG2013\avgdiagex.exe"="E:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostika 2013"
"E:\Program Files\AVG\AVG2013\avgmfapx.exe"="E:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG"
"E:\Program Files\AVG\AVG2013\avgemcx.exe"="E:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
======List of files/folders created in the last 1 month======
2013-05-22 09:28:18 ----D---- C:\rsit
2013-05-21 12:30:46 ----N---- C:\WINDOWS\system32\TURegOpt.exe
2013-05-21 12:29:32 ----D---- C:\Documents and Settings\johanik\Data aplikací\AVG
2013-05-21 12:27:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG
2013-05-21 12:26:46 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-05-21 08:22:39 ----D---- C:\AllShare
2013-05-21 08:18:15 ----D---- C:\Documents and Settings\johanik\Data aplikací\AVG2013
2013-05-21 08:15:28 ----D---- C:\Documents and Settings\johanik\Data aplikací\TuneUp Software
2013-05-21 08:13:32 ----HD---- C:\$AVG
2013-05-21 08:13:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG2013
2013-05-21 08:06:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2013-05-16 09:17:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-05-16 09:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2829361$
2013-05-09 08:12:30 ----D---- C:\Documents and Settings\johanik\Data aplikací\WDC
2013-05-07 08:01:49 ----D---- C:\Program Files\Common Files\Java
2013-05-07 08:00:36 ----N---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-05-07 08:00:36 ----N---- C:\WINDOWS\system32\javaw.exe
2013-05-07 08:00:36 ----N---- C:\WINDOWS\system32\java.exe
2013-04-30 15:47:03 ----N---- C:\WINDOWS\system32\d3d9caps.dat
======List of files/folders modified in the last 1 month======
2013-05-22 09:28:52 ----D---- C:\Documents and Settings\johanik\Data aplikací\Skype
2013-05-22 09:28:37 ----D---- C:\WINDOWS\Prefetch
2013-05-22 09:28:29 ----D---- C:\Program Files\trend micro
2013-05-22 09:05:53 ----SHD---- C:\Config.Msi
2013-05-22 09:05:49 ----SHD---- C:\WINDOWS\Installer
2013-05-22 09:05:48 ----D---- C:\WINDOWS\system32
2013-05-22 09:01:33 ----D---- C:\WINDOWS\temp
2013-05-22 08:24:30 ----D---- C:\Documents and Settings\johanik\Data aplikací\Dropbox
2013-05-22 08:23:28 ----D---- C:\Temp
2013-05-22 08:17:24 ----SD---- C:\WINDOWS\Tasks
2013-05-21 19:19:49 ----D---- C:\WINDOWS\system32\cache
2013-05-21 19:19:28 ----D---- C:\Program Files\AVG Secure Search
2013-05-21 16:25:14 ----D---- C:\WINDOWS\repair
2013-05-21 16:04:47 ----D---- C:\WINDOWS\Registration
2013-05-21 14:22:51 ----N---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-21 14:18:36 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-21 14:17:51 ----D---- C:\WINDOWS
2013-05-21 14:16:47 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-05-21 13:54:00 ----D---- C:\WINDOWS\Debug
2013-05-21 12:30:53 ----D---- C:\WINDOWS\system32\config
2013-05-21 12:28:12 ----D---- C:\Program Files\AVG
2013-05-21 08:15:15 ----HD---- C:\WINDOWS\inf
2013-05-21 08:15:15 ----D---- C:\WINDOWS\system32\drivers
2013-05-21 08:14:14 ----D---- C:\WINDOWS\system32\CatRoot
2013-05-21 08:12:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-05-21 08:03:31 ----N---- C:\WINDOWS\wincmd.ini
2013-05-21 07:58:26 ----D---- C:\Qoobox
2013-05-16 09:46:54 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-16 09:46:53 ----RSD---- C:\WINDOWS\assembly
2013-05-16 09:27:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-05-16 09:25:30 ----D---- C:\Program Files\Internet Explorer
2013-05-16 09:24:55 ----D---- C:\WINDOWS\ie8updates
2013-05-16 09:22:35 ----D---- C:\WINDOWS\WinSxS
2013-05-16 09:17:32 ----HD---- C:\WINDOWS\$hf_mig$
2013-05-16 09:02:08 ----N---- C:\WINDOWS\system32\MRT.exe
2013-05-15 11:26:53 ----N---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-05-07 09:46:01 ----D---- C:\Program Files\Samsung
2013-05-07 09:45:12 ----D---- C:\WINDOWS\twain_32
2013-05-07 08:01:49 ----D---- C:\Program Files\Common Files
2013-05-07 08:00:35 ----D---- C:\Program Files\Java
2013-05-07 06:22:16 ----N---- C:\WINDOWS\system32\mshtml.dll
2013-05-02 17:28:50 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-04-30 08:24:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2013-04-30 08:24:14 ----HD---- C:\Program Files\InstallShield Installation Information
2013-04-30 08:04:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2013-04-24 06:56:56 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2012-09-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2012-11-15 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2012-09-14 35552]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-11-02 443448]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2012-09-21 19936]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2012-10-02 159712]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2012-09-21 164832]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-05-05 21361]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
R3 busenum;Synology Virtual USB Hub; C:\WINDOWS\system32\DRIVERS\busenum.sys [2011-02-18 46304]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HP1210FAX;HP1210MFP FAX; C:\WINDOWS\System32\Drivers\HPM1210FAX.sys [2010-04-29 13824]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-27 4630016]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 kvpndev;Kerio VPN adapter; C:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2008-01-16 65024]
R3 mvusbews;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2010-04-29 17408]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-11-17 54016]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-11-17 22016]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 aknit2iq;aknit2iq; C:\WINDOWS\system32\drivers\aknit2iq.sys []
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
S3 catchme;catchme; \??\C:\DOCUME~1\johanik\LOCALS~1\Temp\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2012-09-20 83168]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\WINDOWS\system32\DRIVERS\netaapl.sys [2011-08-02 18432]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2006-11-28 52800]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2008-01-15 459520]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2012-09-20 181344]
S3 TrueSight;TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-08-02 42496]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 avgfws;AVG Firewall; E:\Program Files\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; E:\Program Files\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; E:\Program Files\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fb_inet_server.exe [2007-12-12 1347675]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2010-05-11 247352]
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2010-04-30 99896]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-01-09 1324104]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-01-09 795208]
R2 QipGuard;QipGuard; C:\Program Files\QipGuard\QipGuard.exe [2012-03-23 191440]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-05-30 3048136]
R2 SynoDrService;SynoDrService; C:\Program Files\Synology Data Replicator 3\SynoDrService.exe [2010-01-12 245760]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2012-08-23 1532280]
R2 UsbClientService;UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [2011-02-18 245760]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-05-21 1015984]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-04-04 181664]
S2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-12-08 821608]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S4 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-01-29 598016]
S4 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S4 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-01-29 163840]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Hrozně pomalý PC, úbytek místa na disku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Hrozně pomalý PC, úbytek místa na disku
Zdravim 
Odinstalujte AVG, jelikoz je v kolizi s MSE
Tohle C:\Documents and Settings\johanik\Nabídka Start\Programy\Po spuštění\netuse.bat znate 
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Odinstalujte AVG, jelikoz je v kolizi s MSE Tohle C:\Documents and Settings\johanik\Nabídka Start\Programy\Po spuštění\netuse.bat znate Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ukoncete vsechny programy
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Pockejte na dokonceni PreScanu
- Zvolte moznost Prohledat (scan)
- Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
- Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Prohledat
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Hrozně pomalý PC, úbytek místa na disku
AVG je pryč
Netuse.bat znám. to je v pořádku - nastavení LPT portu pro tískárnu
Log z Roguekiller
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : johanik [Práva správce]
Mód : Kontrola -- Datum : 05/22/2013 11:17:17
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 3 ¤¤¤
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
[SUSP PATH] QipGuard.exe -- C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe [-] -> SMAZÁNO [TermProc]
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : QIP Internet Guardian (C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe /p) [-] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-515967899-1606980848-682003330-1004[...]\Run : QIP Internet Guardian (C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe /p) [-] -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
ÿþ1
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDP725025GLA380 +++++
--- User ---
[MBR] a27bb7c2750209a5930a2f416fca0627
[BSP] 8681f2178c3404f5ebda7c069c945a74 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 188465 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_05222013_02d1117.txt >>
RKreport[1]_S_05222013_02d1117.txt
ADWcleaner log
# AdwCleaner v2.301 - Log vytvooen 22/05/2013 v 11:18:03
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : johanik - JOHANIK
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\johanik\Plocha\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Babylon
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Babylon
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\jetpack
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\OpenCandy
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\pdfforge
Složka Nalezeno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\APN
Složka Nalezeno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\AskToolbar
Složka Nalezeno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\Babylon
Složka Nalezeno : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Složka Nalezeno : C:\WINDOWS\TempDir
Soubor Nalezeno : C:\DOCUME~1\johanik\LOCALS~1\Temp\Uninstall.exe
Soubor Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
Soubor Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\searchplugins\qip-search.xml
Soubor Nalezeno : C:\user.js
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Klíe Nalezeno : HKCU\Software\APN
Klíe Nalezeno : HKCU\Software\Ask.com
Klíe Nalezeno : HKCU\Software\AskToolbar
Klíe Nalezeno : HKCU\Software\InstallCore
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Nalezeno : HKCU\Software\pdfforge
Klíe Nalezeno : HKCU\Software\Search Settings
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\Software\APN
Klíe Nalezeno : HKLM\Software\AskToolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\Software\pdfforge
Klíe Nalezeno : HKLM\Software\Search Settings
Klíe Nalezeno : HKLM\SOFTWARE\Software
Klíe Nalezeno : HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v8.0.6001.18702
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={8B038F24-5CAC-4D99-9E19-D1685AC54955}&mid=346a0f04072d47d0851fd1502055033f-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=pd011&pr=sa&d=2012-10-08 09:08:36&v=12.2.5.34&sap=hp
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=nt_ss&affid=100489&mntrid=1c1f3662000000000000001966b1eacc
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\prefs.js
Nalezeno : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babExt", "");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100489");
Nalezeno : user_pref("extensions.BabylonToolbar_i.hardId", "1c1f3662000000000000001966b1eacc");
Nalezeno : user_pref("extensions.BabylonToolbar_i.id", "1c1f3662000000000000001966b1eacc");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlDay", "15308");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTab", false);
Nalezeno : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Nalezeno : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Nalezeno : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Nalezeno : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Nalezeno : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.178:15:35");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Soubor : C:\Documents and Settings\venca\Data aplikací\Mozilla\Firefox\Profiles\q1yia8qb.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v16.0.912.75
Soubor : C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [14911 octets] - [22/05/2013 11:18:03]
########## EOF - C:\AdwCleaner[R1].txt - [14972 octets] ##########
Netuse.bat znám. to je v pořádku - nastavení LPT portu pro tískárnu
Log z Roguekiller
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : johanik [Práva správce]
Mód : Kontrola -- Datum : 05/22/2013 11:17:17
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 3 ¤¤¤
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
[SUSP PATH] QipGuard.exe -- C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe [-] -> SMAZÁNO [TermProc]
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : QIP Internet Guardian (C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe /p) [-] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-515967899-1606980848-682003330-1004[...]\Run : QIP Internet Guardian (C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe /p) [-] -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
ÿþ1
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDP725025GLA380 +++++
--- User ---
[MBR] a27bb7c2750209a5930a2f416fca0627
[BSP] 8681f2178c3404f5ebda7c069c945a74 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 188465 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_05222013_02d1117.txt >>
RKreport[1]_S_05222013_02d1117.txt
ADWcleaner log
# AdwCleaner v2.301 - Log vytvooen 22/05/2013 v 11:18:03
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : johanik - JOHANIK
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\johanik\Plocha\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Babylon
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Babylon
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\jetpack
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\OpenCandy
Složka Nalezeno : C:\Documents and Settings\johanik\Data aplikací\pdfforge
Složka Nalezeno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\APN
Složka Nalezeno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\AskToolbar
Složka Nalezeno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\Babylon
Složka Nalezeno : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Složka Nalezeno : C:\WINDOWS\TempDir
Soubor Nalezeno : C:\DOCUME~1\johanik\LOCALS~1\Temp\Uninstall.exe
Soubor Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
Soubor Nalezeno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\searchplugins\qip-search.xml
Soubor Nalezeno : C:\user.js
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Klíe Nalezeno : HKCU\Software\APN
Klíe Nalezeno : HKCU\Software\Ask.com
Klíe Nalezeno : HKCU\Software\AskToolbar
Klíe Nalezeno : HKCU\Software\InstallCore
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Nalezeno : HKCU\Software\pdfforge
Klíe Nalezeno : HKCU\Software\Search Settings
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\Software\APN
Klíe Nalezeno : HKLM\Software\AskToolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\Software\pdfforge
Klíe Nalezeno : HKLM\Software\Search Settings
Klíe Nalezeno : HKLM\SOFTWARE\Software
Klíe Nalezeno : HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v8.0.6001.18702
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={8B038F24-5CAC-4D99-9E19-D1685AC54955}&mid=346a0f04072d47d0851fd1502055033f-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=pd011&pr=sa&d=2012-10-08 09:08:36&v=12.2.5.34&sap=hp
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=nt_ss&affid=100489&mntrid=1c1f3662000000000000001966b1eacc
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\prefs.js
Nalezeno : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babExt", "");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100489");
Nalezeno : user_pref("extensions.BabylonToolbar_i.hardId", "1c1f3662000000000000001966b1eacc");
Nalezeno : user_pref("extensions.BabylonToolbar_i.id", "1c1f3662000000000000001966b1eacc");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlDay", "15308");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTab", false);
Nalezeno : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Nalezeno : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Nalezeno : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Nalezeno : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Nalezeno : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.178:15:35");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Soubor : C:\Documents and Settings\venca\Data aplikací\Mozilla\Firefox\Profiles\q1yia8qb.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v16.0.912.75
Soubor : C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [14911 octets] - [22/05/2013 11:18:03]
########## EOF - C:\AdwCleaner[R1].txt - [14972 octets] ##########
Re: Hrozně pomalý PC, úbytek místa na disku
Spustte znovu RogueKiller
- Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
- Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
- Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Smazat
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Hrozně pomalý PC, úbytek místa na disku
Takže provedeno...
První log - RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : johanik [Práva správce]
Mód : Odebrat -- Datum : 05/22/2013 19:30:15
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : QIP Internet Guardian (C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe /p) [-] -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
ÿþ1
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDP725025GLA380 +++++
--- User ---
[MBR] a27bb7c2750209a5930a2f416fca0627
[BSP] 8681f2178c3404f5ebda7c069c945a74 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 188465 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[3]_D_05222013_02d1930.txt >>
RKreport[1]_S_05222013_02d1117.txt ; RKreport[2]_S_05222013_02d1928.txt ; RKreport[3]_D_05222013_02d1930.txt
Druhý log...
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : johanik [Práva správce]
Mód : Oprava HOSTS -- Datum : 05/22/2013 19:31:54
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
ÿþ1
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[4]_H_05222013_02d1931.txt >>
RKreport[1]_S_05222013_02d1117.txt ; RKreport[2]_S_05222013_02d1928.txt ; RKreport[3]_D_05222013_02d1930.txt ; RKreport[4]_H_05222013_02d1931.txt
A ADWCLEANER
# AdwCleaner v2.301 - Log vytvooen 22/05/2013 v 19:43:38
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : johanik - JOHANIK
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\johanik\Plocha\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\Babylon
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Babylon
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\jetpack
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\OpenCandy
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\pdfforge
Složka Vymazáno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\APN
Složka Vymazáno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\AskToolbar
Složka Vymazáno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\Babylon
Složka Vymazáno : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Složka Vymazáno : C:\WINDOWS\TempDir
Soubor Vymazáno : C:\DOCUME~1\johanik\LOCALS~1\Temp\Uninstall.exe
Soubor Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
Soubor Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\searchplugins\qip-search.xml
Soubor Vymazáno : C:\user.js
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Klíe Vymazáno : HKCU\Software\APN
Klíe Vymazáno : HKCU\Software\Ask.com
Klíe Vymazáno : HKCU\Software\AskToolbar
Klíe Vymazáno : HKCU\Software\InstallCore
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Vymazáno : HKCU\Software\pdfforge
Klíe Vymazáno : HKCU\Software\Search Settings
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\Software\APN
Klíe Vymazáno : HKLM\Software\AskToolbar
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\Software\pdfforge
Klíe Vymazáno : HKLM\Software\Search Settings
Klíe Vymazáno : HKLM\SOFTWARE\Software
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v8.0.6001.18702
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={8B038F24-5CAC-4D99-9E19-D1685AC54955}&mid=346a0f04072d47d0851fd1502055033f-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=pd011&pr=sa&d=2012-10-08 09:08:36&v=12.2.5.34&sap=hp --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=nt_ss&affid=100489&mntrid=1c1f3662000000000000001966b1eacc --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\prefs.js
C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\user.js ... Vymazáno !
Vymazáno : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Vymazáno : user_pref("extensions.BabylonToolbar_i.babExt", "");
Vymazáno : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100489");
Vymazáno : user_pref("extensions.BabylonToolbar_i.hardId", "1c1f3662000000000000001966b1eacc");
Vymazáno : user_pref("extensions.BabylonToolbar_i.id", "1c1f3662000000000000001966b1eacc");
Vymazáno : user_pref("extensions.BabylonToolbar_i.instlDay", "15308");
Vymazáno : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTab", false);
Vymazáno : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Vymazáno : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Vymazáno : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Vymazáno : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Vymazáno : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Vymazáno : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Vymazáno : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.178:15:35");
Vymazáno : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Soubor : C:\Documents and Settings\venca\Data aplikací\Mozilla\Firefox\Profiles\q1yia8qb.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v16.0.912.75
Soubor : C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [15042 octets] - [22/05/2013 11:18:03]
AdwCleaner[S1].txt - [14880 octets] - [22/05/2013 19:43:38]
########## EOF - C:\AdwCleaner[S1].txt - [14941 octets] ##########
První log - RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : johanik [Práva správce]
Mód : Odebrat -- Datum : 05/22/2013 19:30:15
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : QIP Internet Guardian (C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe /p) [-] -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
ÿþ1
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HDP725025GLA380 +++++
--- User ---
[MBR] a27bb7c2750209a5930a2f416fca0627
[BSP] 8681f2178c3404f5ebda7c069c945a74 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 188465 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[3]_D_05222013_02d1930.txt >>
RKreport[1]_S_05222013_02d1117.txt ; RKreport[2]_S_05222013_02d1928.txt ; RKreport[3]_D_05222013_02d1930.txt
Druhý log...
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : johanik [Práva správce]
Mód : Oprava HOSTS -- Datum : 05/22/2013 19:31:54
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
[DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll [x] -> ODEBRÁNO
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
ÿþ1
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[4]_H_05222013_02d1931.txt >>
RKreport[1]_S_05222013_02d1117.txt ; RKreport[2]_S_05222013_02d1928.txt ; RKreport[3]_D_05222013_02d1930.txt ; RKreport[4]_H_05222013_02d1931.txt
A ADWCLEANER
# AdwCleaner v2.301 - Log vytvooen 22/05/2013 v 19:43:38
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : johanik - JOHANIK
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\johanik\Plocha\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\Babylon
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Babylon
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\jetpack
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\OpenCandy
Složka Vymazáno : C:\Documents and Settings\johanik\Data aplikací\pdfforge
Složka Vymazáno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\APN
Složka Vymazáno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\AskToolbar
Složka Vymazáno : C:\Documents and Settings\johanik\Local Settings\Data aplikací\Babylon
Složka Vymazáno : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Složka Vymazáno : C:\WINDOWS\TempDir
Soubor Vymazáno : C:\DOCUME~1\johanik\LOCALS~1\Temp\Uninstall.exe
Soubor Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
Soubor Vymazáno : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\searchplugins\qip-search.xml
Soubor Vymazáno : C:\user.js
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Klíe Vymazáno : HKCU\Software\APN
Klíe Vymazáno : HKCU\Software\Ask.com
Klíe Vymazáno : HKCU\Software\AskToolbar
Klíe Vymazáno : HKCU\Software\InstallCore
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Vymazáno : HKCU\Software\pdfforge
Klíe Vymazáno : HKCU\Software\Search Settings
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\Software\APN
Klíe Vymazáno : HKLM\Software\AskToolbar
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Vymazáno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\Software\pdfforge
Klíe Vymazáno : HKLM\Software\Search Settings
Klíe Vymazáno : HKLM\SOFTWARE\Software
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v8.0.6001.18702
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={8B038F24-5CAC-4D99-9E19-D1685AC54955}&mid=346a0f04072d47d0851fd1502055033f-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=pd011&pr=sa&d=2012-10-08 09:08:36&v=12.2.5.34&sap=hp --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=nt_ss&affid=100489&mntrid=1c1f3662000000000000001966b1eacc --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\prefs.js
C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\user.js ... Vymazáno !
Vymazáno : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Vymazáno : user_pref("extensions.BabylonToolbar_i.babExt", "");
Vymazáno : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100489");
Vymazáno : user_pref("extensions.BabylonToolbar_i.hardId", "1c1f3662000000000000001966b1eacc");
Vymazáno : user_pref("extensions.BabylonToolbar_i.id", "1c1f3662000000000000001966b1eacc");
Vymazáno : user_pref("extensions.BabylonToolbar_i.instlDay", "15308");
Vymazáno : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Vymazáno : user_pref("extensions.BabylonToolbar_i.newTab", false);
Vymazáno : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Vymazáno : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Vymazáno : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Vymazáno : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Vymazáno : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Vymazáno : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Vymazáno : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.178:15:35");
Vymazáno : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Soubor : C:\Documents and Settings\venca\Data aplikací\Mozilla\Firefox\Profiles\q1yia8qb.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v16.0.912.75
Soubor : C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [15042 octets] - [22/05/2013 11:18:03]
AdwCleaner[S1].txt - [14880 octets] - [22/05/2013 19:43:38]
########## EOF - C:\AdwCleaner[S1].txt - [14941 octets] ##########
Re: Hrozně pomalý PC, úbytek místa na disku
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Hrozně pomalý PC, úbytek místa na disku
Děkuji a zde log z Combofix..
ComboFix 13-05-22.01 - johanik 23.05.2013 10:44:19.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.959 [GMT 2:00]
Spuštěný z: c:\documents and settings\johanik\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Cache
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\5226e9e7dbf5814b.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\652d03b7edf78ba5.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\97fba100743ffa0a.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\b4bc2c6cd0f39b9f.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c3d7ba70fbae0884.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\SET1DB.tmp
c:\windows\system32\SET1DC.tmp
c:\windows\system32\SET1DD.tmp
c:\windows\system32\SET1E1.tmp
c:\windows\system32\SET1E2.tmp
c:\windows\system32\SET1E3.tmp
c:\windows\system32\SET1E5.tmp
c:\windows\system32\SET1E7.tmp
c:\windows\system32\SET1E9.tmp
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-23 do 2013-05-23 )))))))))))))))))))))))))))))))
.
.
2013-05-23 05:49 . 2013-05-23 05:49 60872 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{50747309-DFF1-47EF-AD75-8076112B0CB7}\offreg.dll
2013-05-23 05:49 . 2013-05-23 05:49 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{50747309-DFF1-47EF-AD75-8076112B0CB7}\MpKslc5d20a91.sys
2013-05-22 17:57 . 2013-05-13 06:19 7016152 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{50747309-DFF1-47EF-AD75-8076112B0CB7}\mpengine.dll
2013-05-22 07:28 . 2013-05-22 07:30 -------- d-----w- C:\rsit
2013-05-22 06:17 . 2013-05-22 06:17 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\McAfee
2013-05-21 12:32 . 2013-05-13 06:19 7016152 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-21 10:29 . 2013-05-21 10:29 -------- d-----w- c:\documents and settings\johanik\Data aplikací\AVG
2013-05-21 10:27 . 2013-05-21 10:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG
2013-05-21 10:26 . 2013-05-21 10:26 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-05-21 06:22 . 2013-05-21 06:22 -------- d-----w- C:\AllShare
2013-05-21 06:15 . 2013-05-21 06:15 -------- d-----w- c:\documents and settings\johanik\Data aplikací\TuneUp Software
2013-05-21 06:06 . 2013-05-22 09:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2013-05-21 06:06 . 2013-05-22 09:06 -------- d-----w- c:\documents and settings\johanik\Local Settings\Data aplikací\Avg2013
2013-05-21 06:06 . 2013-05-21 06:06 -------- d-----w- c:\documents and settings\johanik\Local Settings\Data aplikací\MFAData
2013-05-10 07:57 . 2013-05-10 07:57 187456 ------w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-05-10 07:57 . 2013-05-10 07:57 187456 ------w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-05-09 06:12 . 2013-05-09 06:12 -------- d-----w- c:\documents and settings\johanik\Data aplikací\WDC
2013-05-07 06:01 . 2013-05-07 06:01 -------- d-----w- c:\program files\Common Files\Java
2013-05-07 06:00 . 2013-04-04 03:35 94112 ------w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 09:26 . 2012-04-16 05:51 692104 ------w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 09:26 . 2011-05-18 05:52 71048 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-02 15:28 . 2010-11-16 07:43 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-16 22:26 . 2008-04-14 12:00 920064 ------w- c:\windows\system32\wininet.dll
2013-04-16 22:26 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:26 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2008-04-14 12:00 1876352 ------w- c:\windows\system32\win32k.sys
2013-03-11 06:49 . 2012-05-09 09:44 861088 ------w- c:\windows\system32\npDeployJava1.dll
2013-03-11 06:49 . 2010-05-04 05:53 782240 ------w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36 . 2008-04-14 12:00 293376 ------w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2008-04-14 12:00 2151936 ------w- c:\windows\system32\ntoskrnl.exe
2013-03-07 15:56 . 2008-04-14 08:06 2030592 ------w- c:\windows\system32\ntkrnlpa.exe
2013-02-27 07:58 . 2009-05-05 07:21 2067456 ------w- c:\windows\system32\mstscax.dll
2013-04-12 06:43 . 2013-04-12 06:42 263064 ------w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SyncedModule]
@="{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}"
[HKEY_CLASSES_ROOT\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}]
2012-09-25 09:04 1875968 ------w- c:\documents and settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SyncingModule]
@="{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}"
[HKEY_CLASSES_ROOT\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}]
2012-09-25 09:04 1875968 ------w- c:\documents and settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0UnsuppModule]
@="{AEB16659-2125-4ADA-A4AB-45EE21E86469}"
[HKEY_CLASSES_ROOT\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}]
2012-09-25 09:04 1875968 ------w- c:\documents and settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ------w- c:\documents and settings\johanik\Data aplikací\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ------w- c:\documents and settings\johanik\Data aplikací\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ------w- c:\documents and settings\johanik\Data aplikací\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ------w- c:\documents and settings\johanik\Data aplikací\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2012-11-28 577536]
"Data Replicator 3"="c:\program files\Synology Data Replicator 3\Backup.exe" [2011-02-22 11587584]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-02-28 18642024]
"Infium"="c:\program files\QIP 2010\qip.exe" [2012-03-23 7351760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2009-06-10 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"HPUsageTrackingLEDM"="c:\program files\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
"Kerio VPN Client"="c:\program files\Kerio\VPN Client\kvpnclient.exe" [2008-01-16 2646016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AllShareAgent"="c:\program files\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2011-04-12 222776]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\johanik\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
netuse.bat [2009-5-6 30]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Backup Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Backup Manager.lnk
backup=c:\windows\pss\Backup Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-11-02 06:51 59240 ------w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-06-10 06:28 13758464 ------w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-11-22 08:40 16858112 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2008-08-26 18:40 536576 ------w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2 (0x2)
"CobianBackup10"=2 (0x2)
"cbVSCService"=2 (0x2)
"602XML Updater"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"TeamViewer6"=2 (0x2)
"TeamViewer5"=2 (0x2)
"StarWindServiceAE"=2 (0x2)
"NVSvc"=2 (0x2)
"nSvcIp"=2 (0x2)
"NMIndexingService"=3 (0x3)
"NBService"=3 (0x3)
"MsMpSvc"=2 (0x2)
"McComponentHostService"=3 (0x3)
"LightScribeService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"ForceWare Intelligent Application Manager (IAM)"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AnyDATA\\EasyWirelessNet\\EasyWirelessNet.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\NutsAboutNets\\NetStress\\NetStress.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\QIP 2010\\qip.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\MiPony\\MiPony.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Samsung\\AllShare\\AllShareDMS\\AllShareDMS.exe"=
"c:\\Program Files\\Samsung\\AllShare\\AllShare.exe"=
"c:\\Program Files\\Samsung\\AllShare\\AllShareAgent.exe"=
"c:\\Documents and Settings\\johanik\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Synology\\Assistant\\DSAssistant.exe"=
"c:\\Program Files\\Synology Data Replicator 3\\Backup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9100:TCP"= 9100:TCP:Advanced TCP/IP Printer Port
"427:TCP"= 427:TCP:Advanced TCP/IP SLP Port
"161:TCP"= 161:TCP:Advanced TCP/IP SNMP Port
"808:TCP"= 808:TCP:Mipony
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 MpKslc5d20a91;MpKslc5d20a91;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{50747309-DFF1-47EF-AD75-8076112B0CB7}\MpKslc5d20a91.sys [23.5.2013 7:49 29904]
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 11:51 19200]
R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fb_inet_server.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fb_inet_server.exe -s [?]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [15.10.2009 12:13 136192]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [11.5.2010 16:58 247352]
R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [3.11.2011 13:53 99896]
R2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [9.1.2013 18:34 1324104]
R2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [9.1.2013 18:36 795208]
R2 QipGuard;QipGuard;c:\program files\QipGuard\QipGuard.exe [30.11.2010 8:53 191440]
R2 SynoDrService;SynoDrService;c:\program files\Synology Data Replicator 3\SynoDrService.exe [12.1.2010 4:45 245760]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [5.2.2013 8:49 3574624]
R2 UsbClientService;UsbClientService;c:\program files\Synology\Assistant\UsbClientService.exe [18.2.2011 8:18 245760]
R3 busenum;Synology Virtual USB Hub;c:\windows\system32\drivers\busenum.sys [18.2.2011 8:20 46304]
R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\drivers\HPM1210FAX.sys [8.11.2011 9:49 13824]
R3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [16.1.2008 10:58 65024]
R3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [8.11.2011 9:48 17408]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2.3.2012 17:00 25504]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [30.5.2012 13:56 3048136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [6.5.2009 12:08 93440]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [14.12.2012 12:58 83168]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [21.3.2012 9:11 24448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [21.3.2012 9:11 100736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [5.2.2013 17:48 235216]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [10.3.2011 9:07 18432]
S3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files\Samsung\AllShare\AllShareSlideShowService.exe [2.3.2012 17:00 27584]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [14.12.2012 12:58 181344]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLC5D20A91
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 09:26]
.
2013-05-23 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 10:11]
.
2013-05-23 c:\windows\Tasks\Synology Data Replicator 3-JOHANIK-johanik.job
- c:\program files\Synology Data Replicator 3\Backup.exe [2011-02-22 02:14]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout s Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
FF - ProfilePath - c:\documents and settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.johanik.cz/homep.htm
FF - ExtSQL: !HIDDEN! 2009-09-02 09:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Badoo Desktop - c:\documents and settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe
MSConfigStartUp-Whitney2_S2P - c:\program files\Samsung\Samsung SCX-4725 Series\SPanel\RCP\Scan2pc.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-23 10:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(820)
c:\windows\system32\nvLsp.dll
.
Celkový čas: 2013-05-23 10:51:56
ComboFix-quarantined-files.txt 2013-05-23 08:51
ComboFix2.txt 2011-09-14 14:12
.
Před spuštěním: 1 043 091 456
Po spuštění: 4 937 637 888
.
- - End Of File - - 1EF0E1309187107145FB1557D2068D44
ComboFix 13-05-22.01 - johanik 23.05.2013 10:44:19.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.959 [GMT 2:00]
Spuštěný z: c:\documents and settings\johanik\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Cache
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\5226e9e7dbf5814b.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\652d03b7edf78ba5.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\97fba100743ffa0a.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\b4bc2c6cd0f39b9f.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c3d7ba70fbae0884.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\SET1DB.tmp
c:\windows\system32\SET1DC.tmp
c:\windows\system32\SET1DD.tmp
c:\windows\system32\SET1E1.tmp
c:\windows\system32\SET1E2.tmp
c:\windows\system32\SET1E3.tmp
c:\windows\system32\SET1E5.tmp
c:\windows\system32\SET1E7.tmp
c:\windows\system32\SET1E9.tmp
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-23 do 2013-05-23 )))))))))))))))))))))))))))))))
.
.
2013-05-23 05:49 . 2013-05-23 05:49 60872 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{50747309-DFF1-47EF-AD75-8076112B0CB7}\offreg.dll
2013-05-23 05:49 . 2013-05-23 05:49 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{50747309-DFF1-47EF-AD75-8076112B0CB7}\MpKslc5d20a91.sys
2013-05-22 17:57 . 2013-05-13 06:19 7016152 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{50747309-DFF1-47EF-AD75-8076112B0CB7}\mpengine.dll
2013-05-22 07:28 . 2013-05-22 07:30 -------- d-----w- C:\rsit
2013-05-22 06:17 . 2013-05-22 06:17 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\McAfee
2013-05-21 12:32 . 2013-05-13 06:19 7016152 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-21 10:29 . 2013-05-21 10:29 -------- d-----w- c:\documents and settings\johanik\Data aplikací\AVG
2013-05-21 10:27 . 2013-05-21 10:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG
2013-05-21 10:26 . 2013-05-21 10:26 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-05-21 06:22 . 2013-05-21 06:22 -------- d-----w- C:\AllShare
2013-05-21 06:15 . 2013-05-21 06:15 -------- d-----w- c:\documents and settings\johanik\Data aplikací\TuneUp Software
2013-05-21 06:06 . 2013-05-22 09:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2013-05-21 06:06 . 2013-05-22 09:06 -------- d-----w- c:\documents and settings\johanik\Local Settings\Data aplikací\Avg2013
2013-05-21 06:06 . 2013-05-21 06:06 -------- d-----w- c:\documents and settings\johanik\Local Settings\Data aplikací\MFAData
2013-05-10 07:57 . 2013-05-10 07:57 187456 ------w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-05-10 07:57 . 2013-05-10 07:57 187456 ------w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2013-05-09 06:12 . 2013-05-09 06:12 -------- d-----w- c:\documents and settings\johanik\Data aplikací\WDC
2013-05-07 06:01 . 2013-05-07 06:01 -------- d-----w- c:\program files\Common Files\Java
2013-05-07 06:00 . 2013-04-04 03:35 94112 ------w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 09:26 . 2012-04-16 05:51 692104 ------w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 09:26 . 2011-05-18 05:52 71048 ------w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-02 15:28 . 2010-11-16 07:43 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-16 22:26 . 2008-04-14 12:00 920064 ------w- c:\windows\system32\wininet.dll
2013-04-16 22:26 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:26 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2008-04-14 12:00 1876352 ------w- c:\windows\system32\win32k.sys
2013-03-11 06:49 . 2012-05-09 09:44 861088 ------w- c:\windows\system32\npDeployJava1.dll
2013-03-11 06:49 . 2010-05-04 05:53 782240 ------w- c:\windows\system32\deployJava1.dll
2013-03-08 08:36 . 2008-04-14 12:00 293376 ------w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2008-04-14 12:00 2151936 ------w- c:\windows\system32\ntoskrnl.exe
2013-03-07 15:56 . 2008-04-14 08:06 2030592 ------w- c:\windows\system32\ntkrnlpa.exe
2013-02-27 07:58 . 2009-05-05 07:21 2067456 ------w- c:\windows\system32\mstscax.dll
2013-04-12 06:43 . 2013-04-12 06:42 263064 ------w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SyncedModule]
@="{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}"
[HKEY_CLASSES_ROOT\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}]
2012-09-25 09:04 1875968 ------w- c:\documents and settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0SyncingModule]
@="{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}"
[HKEY_CLASSES_ROOT\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}]
2012-09-25 09:04 1875968 ------w- c:\documents and settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0UnsuppModule]
@="{AEB16659-2125-4ADA-A4AB-45EE21E86469}"
[HKEY_CLASSES_ROOT\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}]
2012-09-25 09:04 1875968 ------w- c:\documents and settings\johanik\Local Settings\Data aplikací\CloudStation\iconoverlay\IconOverlayDLLs\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ------w- c:\documents and settings\johanik\Data aplikací\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ------w- c:\documents and settings\johanik\Data aplikací\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ------w- c:\documents and settings\johanik\Data aplikací\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ------w- c:\documents and settings\johanik\Data aplikací\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2012-11-28 577536]
"Data Replicator 3"="c:\program files\Synology Data Replicator 3\Backup.exe" [2011-02-22 11587584]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-02-28 18642024]
"Infium"="c:\program files\QIP 2010\qip.exe" [2012-03-23 7351760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2009-06-10 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"HPUsageTrackingLEDM"="c:\program files\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
"Kerio VPN Client"="c:\program files\Kerio\VPN Client\kvpnclient.exe" [2008-01-16 2646016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AllShareAgent"="c:\program files\Samsung\AllShare\AllShareAgent.exe" [2012-03-01 285072]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2011-04-12 222776]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\johanik\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
netuse.bat [2009-5-6 30]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Backup Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Backup Manager.lnk
backup=c:\windows\pss\Backup Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-11-02 06:51 59240 ------w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-06-10 06:28 13758464 ------w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-11-22 08:40 16858112 ------r- c:\windows\RTHDCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2008-08-26 18:40 536576 ------w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2 (0x2)
"CobianBackup10"=2 (0x2)
"cbVSCService"=2 (0x2)
"602XML Updater"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"TeamViewer6"=2 (0x2)
"TeamViewer5"=2 (0x2)
"StarWindServiceAE"=2 (0x2)
"NVSvc"=2 (0x2)
"nSvcIp"=2 (0x2)
"NMIndexingService"=3 (0x3)
"NBService"=3 (0x3)
"MsMpSvc"=2 (0x2)
"McComponentHostService"=3 (0x3)
"LightScribeService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"ForceWare Intelligent Application Manager (IAM)"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AnyDATA\\EasyWirelessNet\\EasyWirelessNet.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\NutsAboutNets\\NetStress\\NetStress.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\QIP 2010\\qip.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\MiPony\\MiPony.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Samsung\\AllShare\\AllShareDMS\\AllShareDMS.exe"=
"c:\\Program Files\\Samsung\\AllShare\\AllShare.exe"=
"c:\\Program Files\\Samsung\\AllShare\\AllShareAgent.exe"=
"c:\\Documents and Settings\\johanik\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Synology\\Assistant\\DSAssistant.exe"=
"c:\\Program Files\\Synology Data Replicator 3\\Backup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9100:TCP"= 9100:TCP:Advanced TCP/IP Printer Port
"427:TCP"= 427:TCP:Advanced TCP/IP SLP Port
"161:TCP"= 161:TCP:Advanced TCP/IP SNMP Port
"808:TCP"= 808:TCP:Mipony
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 MpKslc5d20a91;MpKslc5d20a91;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{50747309-DFF1-47EF-AD75-8076112B0CB7}\MpKslc5d20a91.sys [23.5.2013 7:49 29904]
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 11:51 19200]
R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fb_inet_server.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fb_inet_server.exe -s [?]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [15.10.2009 12:13 136192]
R2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [11.5.2010 16:58 247352]
R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [3.11.2011 13:53 99896]
R2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [9.1.2013 18:34 1324104]
R2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [9.1.2013 18:36 795208]
R2 QipGuard;QipGuard;c:\program files\QipGuard\QipGuard.exe [30.11.2010 8:53 191440]
R2 SynoDrService;SynoDrService;c:\program files\Synology Data Replicator 3\SynoDrService.exe [12.1.2010 4:45 245760]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [5.2.2013 8:49 3574624]
R2 UsbClientService;UsbClientService;c:\program files\Synology\Assistant\UsbClientService.exe [18.2.2011 8:18 245760]
R3 busenum;Synology Virtual USB Hub;c:\windows\system32\drivers\busenum.sys [18.2.2011 8:20 46304]
R3 HP1210FAX;HP1210MFP FAX;c:\windows\system32\drivers\HPM1210FAX.sys [8.11.2011 9:49 13824]
R3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [16.1.2008 10:58 65024]
R3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [8.11.2011 9:48 17408]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2.3.2012 17:00 25504]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [30.5.2012 13:56 3048136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [6.5.2009 12:08 93440]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [14.12.2012 12:58 83168]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [21.3.2012 9:11 24448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [21.3.2012 9:11 100736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [5.2.2013 17:48 235216]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [10.3.2011 9:07 18432]
S3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files\Samsung\AllShare\AllShareSlideShowService.exe [2.3.2012 17:00 27584]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [14.12.2012 12:58 181344]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLC5D20A91
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 09:26]
.
2013-05-23 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 10:11]
.
2013-05-23 c:\windows\Tasks\Synology Data Replicator 3-JOHANIK-johanik.job
- c:\program files\Synology Data Replicator 3\Backup.exe [2011-02-22 02:14]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout s Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
FF - ProfilePath - c:\documents and settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.johanik.cz/homep.htm
FF - ExtSQL: !HIDDEN! 2009-09-02 09:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Badoo Desktop - c:\documents and settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.6.38.1042\Badoo.Desktop.exe
MSConfigStartUp-Whitney2_S2P - c:\program files\Samsung\Samsung SCX-4725 Series\SPanel\RCP\Scan2pc.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-23 10:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(820)
c:\windows\system32\nvLsp.dll
.
Celkový čas: 2013-05-23 10:51:56
ComboFix-quarantined-files.txt 2013-05-23 08:51
ComboFix2.txt 2011-09-14 14:12
.
Před spuštěním: 1 043 091 456
Po spuštění: 4 937 637 888
.
- - End Of File - - 1EF0E1309187107145FB1557D2068D44
Re: Hrozně pomalý PC, úbytek místa na disku
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Hrozně pomalý PC, úbytek místa na disku
log otl.txt
OTL logfile created on: 23.5.2013 11:45:42 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\johanik\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 0,42 Gb Available Physical Memory | 23,93% Memory free
3,60 Gb Paging File | 2,49 Gb Available in Paging File | 69,09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 4,52 Gb Free Space | 9,25% Space Free | Partition Type: NTFS
Drive E: | 184,05 Gb Total Space | 94,30 Gb Free Space | 51,24% Space Free | Partition Type: NTFS
Drive Y: | 122,06 Gb Total Space | 76,09 Gb Free Space | 62,34% Space Free | Partition Type: NTFS
Drive Z: | 343,70 Gb Total Space | 298,89 Gb Free Space | 86,96% Space Free | Partition Type: NTFS
Computer Name: JOHANIK | User Name: johanik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.05.23 11:41:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\johanik\Plocha\OTL.exe
PRC - [2013.05.17 08:46:04 | 017,178,384 | ---- | M] (STORMWARE s.r.o.) -- \\Server\pohoda\StwPh.exe
PRC - [2013.05.17 08:45:58 | 000,129,296 | ---- | M] (STORMWARE s.r.o.) -- \\Server\pohoda\Pohoda.exe
PRC - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.04.23 09:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.04.23 09:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe
PRC - [2013.04.12 08:43:36 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe
PRC - [2013.02.05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.01.27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012.11.28 07:24:24 | 000,577,536 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe
PRC - [2012.03.23 17:55:44 | 007,351,760 | ---- | M] (QIP) -- C:\Program Files\QIP 2010\qip.exe
PRC - [2012.03.23 17:55:34 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Program Files\QipGuard\QipGuard.exe
PRC - [2012.03.01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\AllShare\AllShareAgent.exe
PRC - [2011.04.12 10:58:04 | 000,222,776 | ---- | M] (Software602) -- C:\Program Files\Software602\Print2PDF\Print2PDF.exe
PRC - [2011.02.22 04:14:21 | 011,587,584 | ---- | M] (Synology Inc.) -- C:\Program Files\Synology Data Replicator 3\Backup.exe
PRC - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology\Assistant\UsbClientService.exe
PRC - [2010.05.11 16:58:04 | 000,247,352 | ---- | M] (HP) -- C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
PRC - [2010.04.30 03:11:48 | 000,099,896 | R--- | M] (HP) -- C:\WINDOWS\system32\HPSIsvc.exe
PRC - [2010.01.12 04:45:36 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology Data Replicator 3\SynoDrService.exe
PRC - [2009.10.15 12:13:50 | 000,136,192 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.12 01:05:04 | 001,347,675 | ---- | M] (The Firebird Project) -- C:\Program Files\Firebird\Firebird_1_5\bin\fb_inet_server.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.16 09:45:03 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll
MOD - [2013.05.16 09:26:52 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll
MOD - [2013.05.16 09:24:50 | 012,218,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\f25e6d2eddfd5fc0bf0b8d0664a4a7d5\PresentationCore.ni.dll
MOD - [2013.05.16 09:24:31 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\7a988be08a38e064d76f9a6decdc4ed7\WindowsBase.ni.dll
MOD - [2013.05.16 09:22:37 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013.05.15 11:26:50 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013.05.13 09:18:38 | 000,285,968 | R--- | M] () -- \\Server\pohoda\StwXML.dll
MOD - [2013.05.13 09:18:38 | 000,167,696 | R--- | M] () -- \\Server\pohoda\StwDataBox.dll
MOD - [2013.04.12 08:43:00 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.02.14 10:39:04 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
MOD - [2013.02.14 10:38:53 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
MOD - [2013.01.09 11:44:56 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2013.01.09 10:23:16 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013.01.09 10:22:56 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013.01.09 10:21:34 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013.01.09 10:21:20 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2012.03.23 17:56:04 | 000,957,392 | ---- | M] () -- C:\Program Files\QIP 2010\Protos\Social\Social.dll
MOD - [2012.03.23 17:56:00 | 001,641,936 | ---- | M] () -- C:\Program Files\QIP 2010\Protos\MRA\mra.dll
MOD - [2012.03.23 17:56:00 | 000,049,104 | ---- | M] () -- C:\Program Files\QIP 2010\Protos\MRA\pics.dll
MOD - [2012.03.23 17:55:56 | 002,524,112 | ---- | M] () -- C:\Program Files\QIP 2010\Protos\InfICQ\inficq.dll
MOD - [2012.03.23 17:55:54 | 000,130,000 | ---- | M] () -- C:\Program Files\QIP 2010\Plugins\Win7Helper\Win7Helper.dll
MOD - [2012.03.23 17:55:52 | 000,175,056 | ---- | M] () -- C:\Program Files\QIP 2010\Plugins\ogorod\ogorod.dll
MOD - [2012.03.23 17:55:52 | 000,140,240 | ---- | M] () -- C:\Program Files\QIP 2010\Plugins\cards\cards.dll
MOD - [2012.03.23 17:55:46 | 004,660,176 | ---- | M] () -- C:\Program Files\QIP 2010\Core\voip.dll
MOD - [2011.10.05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.06.22 12:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology\Assistant\UsbClientService.exe
MOD - [2010.12.02 02:13:18 | 000,214,528 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\Software602.dll
MOD - [2010.04.29 01:49:50 | 000,176,128 | R--- | M] () -- C:\WINDOWS\system32\m1210nwia.dll
MOD - [2010.04.29 01:49:50 | 000,167,936 | R--- | M] () -- C:\WINDOWS\system32\m1210wia.dll
MOD - [2010.04.29 01:49:50 | 000,081,920 | R--- | M] () -- C:\WINDOWS\system32\mvusbews.dll
MOD - [2010.03.31 13:17:54 | 000,794,624 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPM1210GC.DLL
MOD - [2010.03.31 12:50:34 | 002,363,392 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpm1210su.dll
MOD - [2010.03.31 12:50:14 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HPM1210PP.dll
MOD - [2010.03.31 12:50:12 | 000,167,936 | ---- | M] () -- C:\WINDOWS\system32\HPM1210LM.DLL
MOD - [2010.01.12 04:45:36 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology Data Replicator 3\SynoDrService.exe
MOD - [2009.10.15 12:13:48 | 000,964,096 | ---- | M] () -- C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll
MOD - [2009.10.15 12:13:46 | 000,061,440 | ---- | M] () -- C:\Program Files\HP\HPLaserJetService\HPTools.dll
MOD - [2009.06.10 08:29:34 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2009.05.05 15:02:10 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2009.05.05 15:02:07 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.02.26 14:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2008.09.29 14:09:36 | 000,532,480 | ---- | M] () -- C:\Program Files\Software602\Print2PDF\wc.dll
MOD - [2008.09.29 14:09:36 | 000,073,728 | ---- | M] () -- C:\Program Files\Software602\Print2PDF\wcs.dll
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.01.22 12:07:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\SamFaxPort.dll
MOD - [2006.12.06 18:13:54 | 000,315,392 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2006.12.03 14:53:06 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - [2013.05.15 11:26:54 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.04.12 08:43:35 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.03.23 17:55:34 | 000,191,440 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2012.03.02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.03.02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Synology\Assistant\UsbClientService.exe -- (UsbClientService)
SRV - [2010.05.11 16:58:04 | 000,247,352 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe -- (HPM1210RcvFaxSrvc)
SRV - [2010.04.30 03:11:48 | 000,099,896 | R--- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPSIsvc.exe -- (HPSIService)
SRV - [2010.01.26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.01.12 04:45:36 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Synology Data Replicator 3\SynoDrService.exe -- (SynoDrService)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Disabled | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.10.15 12:13:50 | 000,136,192 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2008.01.29 12:25:10 | 000,598,016 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2008.01.29 12:24:46 | 000,163,840 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2007.12.12 01:05:04 | 001,347,675 | ---- | M] (The Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_1_5\bin\fb_inet_server.exe -- (FirebirdServerDefaultInstance)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\johanik\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ag76psv6)
DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.09.20 06:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.11.02 09:59:27 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011.08.02 17:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011.02.18 08:20:08 | 000,046,304 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\busenum.sys -- (busenum)
DRV - [2010.04.29 01:49:50 | 000,017,408 | R--- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mvusbews.sys -- (mvusbews)
DRV - [2010.04.29 01:49:50 | 000,013,824 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPM1210FAX.sys -- (HP1210FAX)
DRV - [2010.01.21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.12.30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.12.30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.12.15 14:05:42 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.09.15 11:51:04 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.01.16 10:58:58 | 000,065,024 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kvpndrv.sys -- (kvpndev)
DRV - [2008.01.15 21:50:50 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007.11.27 14:06:42 | 004,630,016 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007.11.17 09:43:56 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007.11.17 09:43:46 | 000,054,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.10.12 09:53:10 | 000,013,312 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006.11.28 22:46:28 | 000,052,800 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2006.10.23 03:36:38 | 000,093,440 | ---- | M] (AnyDATA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adusbser.sys -- (adusbser)
DRV - [2006.08.16 18:45:38 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2001.08.17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\InprocServer32 File not found
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{0D09B36E-FC6E-43AF-8C89-592E439B817D}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms}
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.johanik.cz/homep.htm"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.01.07 08:58:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.04.15 13:10:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013.02.19 09:06:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.12 08:43:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.17 07:50:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.04.15 13:10:59 | 000,000,000 | ---D | M]
[2009.05.06 12:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\johanik\Data aplikací\Mozilla\Extensions
[2013.05.22 19:44:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions
[2010.06.30 08:05:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.02.27 09:34:57 | 000,350,538 | ---- | M] () (No name found) -- C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions\coupon.checker@kodyrabatowe.pl.xpi
[2013.04.12 08:42:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.05.23 10:59:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.04.12 08:42:38 | 000,000,000 | ---D | M] (Stahuj.cz) -- C:\Program Files\Mozilla Firefox\extensions\stahuj@centrum.cz
[2013.05.23 10:59:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.05.23 10:59:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.04.12 08:43:36 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.20 10:13:16 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.20 10:13:16 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.14 08:45:11 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2013.02.20 10:13:16 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.20 10:13:16 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.20 10:13:16 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\johanik\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: registryAccess (Enabled) = C:\Documents and Settings\johanik\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\aaaaoggiphohkihibdkcnhnokmkfmhnj\7.13.2.0_0\background/registryAccess.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 602XML Filler (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npfiller.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: AVG Secure Search = C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
O1 HOSTS File: ([2013.05.23 10:49:45 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\johanik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Kerio VPN Client] C:\Program Files\Kerio\VPN Client\kvpnclient.exe (Kerio Technologies)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Print2PDF Print Monitor] C:\Program Files\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKU\S-1-5-21-515967899-1606980848-682003330-1004..\Run: [Data Replicator 3] C:\Program Files\Synology Data Replicator 3\Backup.exe (Synology Inc.)
O4 - HKU\S-1-5-21-515967899-1606980848-682003330-1004..\Run: [Infium] C:\Program Files\QIP 2010\qip.exe (QIP)
O4 - HKU\S-1-5-21-515967899-1606980848-682003330-1004..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\johanik\Nabídka Start\Programy\Po spuštění\Dropbox.lnk = C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\johanik\Nabídka Start\Programy\Po spuštění\netuse.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Stáhnout s Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 1526732593 (WUWebControl Class)
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0 (Active602XMLFiller Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D81FBE31-4DB9-4A41-B2CD-EDD1FC61FA78}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.05 09:24:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.05.23 11:44:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\johanik\Plocha\OTL.exe
[2013.05.23 10:41:54 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.05.23 10:39:48 | 005,069,782 | R--- | C] (Swearware) -- C:\Documents and Settings\johanik\Plocha\ComboFix.exe
[2013.05.22 11:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Plocha\RK_Quarantine
[2013.05.22 09:28:18 | 000,000,000 | ---D | C] -- C:\rsit
[2013.05.22 08:17:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Data aplikací\McAfee
[2013.05.21 14:10:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\johanik\Recent
[2013.05.21 12:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Data aplikací\AVG
[2013.05.21 12:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2013.05.21 12:26:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013.05.21 08:22:39 | 000,000,000 | ---D | C] -- C:\AllShare
[2013.05.21 08:15:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Data aplikací\TuneUp Software
[2013.05.21 08:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\MFAData
[2013.05.21 08:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.05.21 08:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\Avg2013
[2013.05.20 08:00:21 | 000,000,000 | ---D | C] -- Z:\Dokumenty\Johanik\stazeno
[2013.05.20 07:59:22 | 000,000,000 | ---D | C] -- Z:\Dokumenty\Johanik\Skeny
[2 Z:\Dokumenty\Johanik\*.tmp files -> Z:\Dokumenty\Johanik\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.05.23 11:48:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.23 11:41:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\johanik\Plocha\OTL.exe
[2013.05.23 11:26:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.23 11:07:30 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.05.23 11:01:44 | 000,461,932 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.05.23 11:01:44 | 000,444,108 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.23 11:01:44 | 000,092,630 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.05.23 11:01:44 | 000,072,366 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.23 10:57:59 | 000,160,101 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.05.23 10:57:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.23 10:49:45 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.05.23 10:37:30 | 005,069,782 | R--- | M] (Swearware) -- C:\Documents and Settings\johanik\Plocha\ComboFix.exe
[2013.05.23 08:17:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Synology Data Replicator 3-JOHANIK-johanik.job
[2013.05.23 08:10:25 | 000,001,629 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Ekonomický systém POHODA 2013 (síťový klient) Komplet.lnk
[2013.05.22 11:07:14 | 000,632,031 | ---- | M] () -- C:\Documents and Settings\johanik\Plocha\adwcleaner.exe
[2013.05.21 14:10:30 | 000,022,024 | ---- | M] () -- Z:\Dokumenty\Johanik\cc_20130521_141046.reg
[2013.05.21 11:06:41 | 000,031,014 | ---- | M] () -- C:\Documents and Settings\johanik\Plocha\Faktura Deepak.pdf
[2013.05.21 08:03:31 | 000,003,283 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2013.05.20 11:33:57 | 000,066,403 | ---- | M] () -- C:\Documents and Settings\johanik\Plocha\daryl.JPG
[2013.05.20 07:51:50 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.16 12:21:14 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2 Z:\Dokumenty\Johanik\*.tmp files -> Z:\Dokumenty\Johanik\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.23 08:10:25 | 000,001,629 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Ekonomický systém POHODA 2013 (síťový klient) Komplet.lnk
[2013.05.22 11:16:40 | 000,632,031 | ---- | C] () -- C:\Documents and Settings\johanik\Plocha\adwcleaner.exe
[2013.05.21 14:15:07 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\Synology Data Replicator 3-JOHANIK-johanik.job
[2013.05.21 14:10:20 | 000,022,024 | ---- | C] () -- Z:\Dokumenty\Johanik\cc_20130521_141046.reg
[2013.05.21 11:05:12 | 000,031,014 | ---- | C] () -- C:\Documents and Settings\johanik\Plocha\Faktura Deepak.pdf
[2013.05.20 11:33:57 | 000,066,403 | ---- | C] () -- C:\Documents and Settings\johanik\Plocha\daryl.JPG
[2013.04.30 15:47:03 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.01.10 13:38:28 | 000,418,448 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.02.16 08:48:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.11.08 09:49:00 | 000,013,824 | R--- | C] () -- C:\WINDOWS\System32\drivers\HPM1210FAX.sys
[2011.11.08 09:48:56 | 000,167,936 | R--- | C] () -- C:\WINDOWS\System32\m1210wia.dll
[2011.11.08 09:48:51 | 000,081,920 | R--- | C] () -- C:\WINDOWS\System32\mvusbews.dll
[2011.11.03 14:00:35 | 000,048,128 | R--- | C] () -- C:\WINDOWS\System32\HPM1210SMs.dll
[2011.11.03 14:00:34 | 001,167,360 | ---- | C] () -- C:\WINDOWS\System32\HPM1210SM.exe
[2011.11.03 14:00:33 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\HPM1210LM.DLL
[2011.11.03 14:00:27 | 000,176,128 | R--- | C] () -- C:\WINDOWS\System32\m1210nwia.dll
[2011.11.03 13:52:34 | 000,284,672 | ---- | C] () -- C:\WINDOWS\System32\mvhlewsi.DLL
[2011.09.14 16:03:11 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.09.14 16:03:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.07.11 10:13:50 | 000,010,354 | ---- | C] () -- C:\Documents and Settings\johanik\Data aplikací\SmarThruOptions.xml
[2011.07.11 10:13:29 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\SamFaxPort.dll
[2011.06.08 11:39:13 | 000,317,952 | R--- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2011.06.08 11:39:13 | 000,145,920 | R--- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2010.08.19 10:22:29 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\johanik\jansretr.pfx
[2009.05.22 11:12:46 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.05 15:17:29 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\fusioncache.dat
[2009.05.05 10:50:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\johanik\Data aplikací\AVSDVDPlayer.m3u
========== ZeroAccess Check ==========
[2009.05.05 10:00:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.03.03 01:11:23 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.01.27 14:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Atlas consulting
[2013.05.21 12:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2013.03.11 11:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Badoo
[2012.10.08 09:07:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.11.02 10:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.01.07 08:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.01.26 09:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KASTNER software
[2013.05.22 11:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.04.15 15:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.04.15 13:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2010.01.07 09:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.11.05 10:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2013.04.30 08:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2010.11.05 11:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SITEguard
[2010.11.05 13:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\STOPzilla!
[2012.10.29 09:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.07.27 11:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tyre
[2013.02.19 09:07:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.05.21 12:26:46 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2012.07.11 09:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\602Installer
[2012.10.09 09:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\602XML
[2012.01.27 14:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Atlas consulting
[2013.05.21 12:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\AVG
[2012.02.20 13:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\BOM
[2011.11.10 11:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\DAEMON Tools Lite
[2011.10.06 08:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Daňová kancelář
[2011.10.06 08:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\dkabscnv
[2013.05.23 10:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Dropbox
[2012.11.30 09:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\DTEG
[2012.06.01 08:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\ElevatedDiagnostics
[2012.01.26 09:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Kastner software
[2011.12.15 09:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Kerio
[2011.11.03 14:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Marvell
[2011.12.05 13:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Mipony
[2010.04.15 15:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Nokia
[2010.04.15 15:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Nokia Ovi Suite
[2012.05.09 11:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Oracle
[2010.06.08 08:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PC Suite
[2013.03.11 10:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PDF Architect
[2012.06.04 11:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PDF Writer
[2011.12.20 08:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\QIP
[2012.10.30 09:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\QipGuard
[2012.09.03 10:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Samsung
[2011.07.11 10:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\SmarThru4
[2013.03.01 09:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Software602
[2011.10.06 09:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\TeamViewer
[2012.03.21 09:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Telefónica Móviles
[2013.05.21 08:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\TuneUp Software
[2011.08.03 07:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Tyre
[2013.05.09 08:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\WDC
[2012.01.23 11:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Windows Desktop Search
[2012.01.25 10:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Windows Search
[2009.10.21 12:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\XnView
[2012.08.09 11:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Samsung
[2012.10.31 11:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\venca\Data aplikací\Kerio
[2012.10.31 11:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\venca\Data aplikací\Windows Desktop Search
[2013.04.16 11:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Věra\Data aplikací\Kerio
[2013.04.16 11:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Věra\Data aplikací\Windows Desktop Search
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.05.05 09:23:18 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.05.05 09:29:26 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.04.16 07:51:27 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.02.27 09:53:49 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.05.21 14:15:07 | 000,000,290 | ---- | C] () -- C:\WINDOWS\Tasks\Synology Data Replicator 3-JOHANIK-johanik.job
< >
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.12.03 09:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GenesysLogic
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.07.11 09:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\602Installer
[2012.10.09 09:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\602XML
[2011.03.30 08:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Adobe
[2009.06.12 09:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Ahead
[2011.11.16 11:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Apple Computer
[2012.01.27 14:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Atlas consulting
[2013.05.21 12:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\AVG
[2012.02.20 13:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\BOM
[2011.11.10 11:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\DAEMON Tools Lite
[2011.10.06 08:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Daňová kancelář
[2011.10.06 08:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\dkabscnv
[2013.05.23 10:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Dropbox
[2012.11.30 09:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\DTEG
[2010.05.21 12:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\dvdcss
[2012.06.01 08:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\ElevatedDiagnostics
[2011.07.27 11:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Google
[2010.04.15 15:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Help
[2011.11.03 13:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\HP
[2009.05.05 09:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Identities
[2009.05.05 09:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\InstallShield
[2012.01.26 09:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Kastner software
[2011.12.15 09:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Kerio
[2009.05.06 14:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Macromedia
[2010.11.10 09:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Malwarebytes
[2011.11.03 14:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Marvell
[2013.01.10 09:49:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\johanik\Data aplikací\Microsoft
[2011.12.05 13:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Mipony
[2009.12.05 17:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Motive
[2009.05.06 12:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Mozilla
[2010.04.15 15:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Nokia
[2010.04.15 15:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Nokia Ovi Suite
[2012.05.09 11:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Oracle
[2010.06.08 08:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PC Suite
[2013.03.11 10:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PDF Architect
[2012.06.04 11:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PDF Writer
[2011.12.20 08:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\QIP
[2012.10.30 09:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\QipGuard
[2012.09.03 10:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Samsung
[2013.05.23 12:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Skype
[2011.07.13 12:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\skypePM
[2011.07.11 10:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\SmarThru4
[2013.03.01 09:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Software602
[2009.05.05 09:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Sun
[2011.10.06 09:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\TeamViewer
[2012.03.21 09:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Telefónica Móviles
[2013.05.21 08:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\TuneUp Software
[2011.08.03 07:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Tyre
[2013.05.09 08:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\WDC
[2012.01.23 11:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Windows Desktop Search
[2012.01.25 10:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Windows Search
[2009.10.21 12:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\XnView
< %APPDATA%\*.exe /s >
[2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe
[2013.03.12 09:06:32 | 000,206,904 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\DropboxUninstaller.exe
[2012.08.27 06:21:14 | 000,874,384 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\DropboxUpdateHelper.exe
[2012.08.27 06:21:24 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Uninstall.exe
[2013.03.26 10:00:16 | 016,929,432 | ---- | M] (KASTNER software s.r.o. ) -- C:\Documents and Settings\johanik\Data aplikací\Kastner software\Form Studio CZ\Update\Prg03\fsupd.exe
[2010.09.03 12:36:31 | 068,725,024 | ---- | M] () -- C:\Documents and Settings\johanik\Data aplikací\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe
[2012.03.23 17:55:34 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe
[2012.10.22 09:22:09 | 000,060,888 | ---- | M] (Samsung) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\AdminDelegator.exe
[2012.10.22 09:22:10 | 000,088,024 | ---- | M] (Samsung) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.10.22 09:22:19 | 000,077,264 | ---- | M] (Samsung) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.10.22 09:22:28 | 000,843,208 | ---- | M] (Samsung) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012.12.03 16:35:20 | 000,601,528 | ---- | M] (ml) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.12.20 11:44:36 | 000,602,120 | ---- | M] (ml) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2006.12.01 10:13:48 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\johanik\Data aplikací\Tyre\appstop.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.05.23 11:26:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.05.23 11:07:30 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.05.23 08:17:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\Synology Data Replicator 3-JOHANIK-johanik.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.11.02 09:59:27 | 000,443,448 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.05.05 11:13:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.05.05 11:13:04 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.05.05 11:13:04 | 000,491,520 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.05.23 10:57:59 | 000,160,101 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2013.05.23 11:01:44 | 000,092,630 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.05.23 11:01:44 | 000,072,366 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.05.23 11:01:44 | 000,461,932 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.05.23 11:01:44 | 000,444,108 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.05.23 11:01:44 | 001,087,392 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"KiesAirMessage" = C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup -- [2012.11.28 07:24:24 | 000,577,536 | ---- | M] (Samsung Electronics)
"Data Replicator 3" = "C:\Program Files\Synology Data Replicator 3\Backup.exe" /MIN -- [2011.02.22 04:14:21 | 011,587,584 | ---- | M] (Synology Inc.)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.02.28 18:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)
"Infium" = "C:\Program Files\QIP 2010\qip.exe" /autorun -- [2012.03.23 17:55:44 | 007,351,760 | ---- | M] (QIP)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.04.12 08:43:36 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=6F5386A655598F71BAAB2D6B63A69D6A -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.01.05 11:48:46 | 001,047,024 | ---- | M] (Google Inc.) MD5=E5C93E2CF6C7B903799CF99F71286E1A -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.23 11:48:55 | 000,000,512 | ---- | M] () MD5=A27BB7C2750209A5930A2F416FCA0627 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
OTL logfile created on: 23.5.2013 11:45:42 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\johanik\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,75 Gb Total Physical Memory | 0,42 Gb Available Physical Memory | 23,93% Memory free
3,60 Gb Paging File | 2,49 Gb Available in Paging File | 69,09% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 4,52 Gb Free Space | 9,25% Space Free | Partition Type: NTFS
Drive E: | 184,05 Gb Total Space | 94,30 Gb Free Space | 51,24% Space Free | Partition Type: NTFS
Drive Y: | 122,06 Gb Total Space | 76,09 Gb Free Space | 62,34% Space Free | Partition Type: NTFS
Drive Z: | 343,70 Gb Total Space | 298,89 Gb Free Space | 86,96% Space Free | Partition Type: NTFS
Computer Name: JOHANIK | User Name: johanik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.05.23 11:41:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\johanik\Plocha\OTL.exe
PRC - [2013.05.17 08:46:04 | 017,178,384 | ---- | M] (STORMWARE s.r.o.) -- \\Server\pohoda\StwPh.exe
PRC - [2013.05.17 08:45:58 | 000,129,296 | ---- | M] (STORMWARE s.r.o.) -- \\Server\pohoda\Pohoda.exe
PRC - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.04.23 09:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.04.23 09:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe
PRC - [2013.04.12 08:43:36 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe
PRC - [2013.02.05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.01.27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2012.11.28 07:24:24 | 000,577,536 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe
PRC - [2012.03.23 17:55:44 | 007,351,760 | ---- | M] (QIP) -- C:\Program Files\QIP 2010\qip.exe
PRC - [2012.03.23 17:55:34 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Program Files\QipGuard\QipGuard.exe
PRC - [2012.03.01 23:59:26 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\AllShare\AllShareAgent.exe
PRC - [2011.04.12 10:58:04 | 000,222,776 | ---- | M] (Software602) -- C:\Program Files\Software602\Print2PDF\Print2PDF.exe
PRC - [2011.02.22 04:14:21 | 011,587,584 | ---- | M] (Synology Inc.) -- C:\Program Files\Synology Data Replicator 3\Backup.exe
PRC - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology\Assistant\UsbClientService.exe
PRC - [2010.05.11 16:58:04 | 000,247,352 | ---- | M] (HP) -- C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
PRC - [2010.04.30 03:11:48 | 000,099,896 | R--- | M] (HP) -- C:\WINDOWS\system32\HPSIsvc.exe
PRC - [2010.01.12 04:45:36 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology Data Replicator 3\SynoDrService.exe
PRC - [2009.10.15 12:13:50 | 000,136,192 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.12 01:05:04 | 001,347,675 | ---- | M] (The Firebird Project) -- C:\Program Files\Firebird\Firebird_1_5\bin\fb_inet_server.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.16 09:45:03 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll
MOD - [2013.05.16 09:26:52 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll
MOD - [2013.05.16 09:24:50 | 012,218,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\f25e6d2eddfd5fc0bf0b8d0664a4a7d5\PresentationCore.ni.dll
MOD - [2013.05.16 09:24:31 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\7a988be08a38e064d76f9a6decdc4ed7\WindowsBase.ni.dll
MOD - [2013.05.16 09:22:37 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013.05.15 11:26:50 | 016,033,160 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013.05.13 09:18:38 | 000,285,968 | R--- | M] () -- \\Server\pohoda\StwXML.dll
MOD - [2013.05.13 09:18:38 | 000,167,696 | R--- | M] () -- \\Server\pohoda\StwDataBox.dll
MOD - [2013.04.12 08:43:00 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.02.14 10:39:04 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
MOD - [2013.02.14 10:38:53 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
MOD - [2013.01.09 11:44:56 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2013.01.09 10:23:16 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013.01.09 10:22:56 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013.01.09 10:21:34 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013.01.09 10:21:20 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2012.03.23 17:56:04 | 000,957,392 | ---- | M] () -- C:\Program Files\QIP 2010\Protos\Social\Social.dll
MOD - [2012.03.23 17:56:00 | 001,641,936 | ---- | M] () -- C:\Program Files\QIP 2010\Protos\MRA\mra.dll
MOD - [2012.03.23 17:56:00 | 000,049,104 | ---- | M] () -- C:\Program Files\QIP 2010\Protos\MRA\pics.dll
MOD - [2012.03.23 17:55:56 | 002,524,112 | ---- | M] () -- C:\Program Files\QIP 2010\Protos\InfICQ\inficq.dll
MOD - [2012.03.23 17:55:54 | 000,130,000 | ---- | M] () -- C:\Program Files\QIP 2010\Plugins\Win7Helper\Win7Helper.dll
MOD - [2012.03.23 17:55:52 | 000,175,056 | ---- | M] () -- C:\Program Files\QIP 2010\Plugins\ogorod\ogorod.dll
MOD - [2012.03.23 17:55:52 | 000,140,240 | ---- | M] () -- C:\Program Files\QIP 2010\Plugins\cards\cards.dll
MOD - [2012.03.23 17:55:46 | 004,660,176 | ---- | M] () -- C:\Program Files\QIP 2010\Core\voip.dll
MOD - [2011.10.05 04:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.06.22 12:46:12 | 000,434,016 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
MOD - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology\Assistant\UsbClientService.exe
MOD - [2010.12.02 02:13:18 | 000,214,528 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\Software602.dll
MOD - [2010.04.29 01:49:50 | 000,176,128 | R--- | M] () -- C:\WINDOWS\system32\m1210nwia.dll
MOD - [2010.04.29 01:49:50 | 000,167,936 | R--- | M] () -- C:\WINDOWS\system32\m1210wia.dll
MOD - [2010.04.29 01:49:50 | 000,081,920 | R--- | M] () -- C:\WINDOWS\system32\mvusbews.dll
MOD - [2010.03.31 13:17:54 | 000,794,624 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HPM1210GC.DLL
MOD - [2010.03.31 12:50:34 | 002,363,392 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpm1210su.dll
MOD - [2010.03.31 12:50:14 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HPM1210PP.dll
MOD - [2010.03.31 12:50:12 | 000,167,936 | ---- | M] () -- C:\WINDOWS\system32\HPM1210LM.DLL
MOD - [2010.01.12 04:45:36 | 000,245,760 | ---- | M] () -- C:\Program Files\Synology Data Replicator 3\SynoDrService.exe
MOD - [2009.10.15 12:13:48 | 000,964,096 | ---- | M] () -- C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll
MOD - [2009.10.15 12:13:46 | 000,061,440 | ---- | M] () -- C:\Program Files\HP\HPLaserJetService\HPTools.dll
MOD - [2009.06.10 08:29:34 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2009.05.05 15:02:10 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2009.05.05 15:02:07 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.02.26 14:46:56 | 000,064,344 | ---- | M] () -- C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
MOD - [2008.09.29 14:09:36 | 000,532,480 | ---- | M] () -- C:\Program Files\Software602\Print2PDF\wc.dll
MOD - [2008.09.29 14:09:36 | 000,073,728 | ---- | M] () -- C:\Program Files\Software602\Print2PDF\wcs.dll
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.01.22 12:07:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\SamFaxPort.dll
MOD - [2006.12.06 18:13:54 | 000,315,392 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2006.12.03 14:53:06 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - [2013.05.15 11:26:54 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.14 13:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.04.12 08:43:35 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.03.23 17:55:34 | 000,191,440 | ---- | M] (QIP.ru) [Auto | Running] -- C:\Program Files\QipGuard\QipGuard.exe -- (QipGuard)
SRV - [2012.03.02 17:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.03.02 17:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Synology\Assistant\UsbClientService.exe -- (UsbClientService)
SRV - [2010.05.11 16:58:04 | 000,247,352 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe -- (HPM1210RcvFaxSrvc)
SRV - [2010.04.30 03:11:48 | 000,099,896 | R--- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPSIsvc.exe -- (HPSIService)
SRV - [2010.01.26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.01.12 04:45:36 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Synology Data Replicator 3\SynoDrService.exe -- (SynoDrService)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Disabled | Stopped] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.10.15 12:13:50 | 000,136,192 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2008.01.29 12:25:10 | 000,598,016 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2008.01.29 12:24:46 | 000,163,840 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2007.12.12 01:05:04 | 001,347,675 | ---- | M] (The Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_1_5\bin\fb_inet_server.exe -- (FirebirdServerDefaultInstance)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\johanik\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ag76psv6)
DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.09.20 06:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.11.02 09:59:27 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011.08.02 17:38:44 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2011.02.18 08:20:08 | 000,046,304 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\busenum.sys -- (busenum)
DRV - [2010.04.29 01:49:50 | 000,017,408 | R--- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mvusbews.sys -- (mvusbews)
DRV - [2010.04.29 01:49:50 | 000,013,824 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPM1210FAX.sys -- (HP1210FAX)
DRV - [2010.01.21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.12.30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.12.30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.12.15 14:05:42 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.09.15 11:51:04 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.01.16 10:58:58 | 000,065,024 | ---- | M] (Kerio Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kvpndrv.sys -- (kvpndev)
DRV - [2008.01.15 21:50:50 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007.11.27 14:06:42 | 004,630,016 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007.11.17 09:43:56 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2007.11.17 09:43:46 | 000,054,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007.10.12 09:53:10 | 000,013,312 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006.11.28 22:46:28 | 000,052,800 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2006.10.23 03:36:38 | 000,093,440 | ---- | M] (AnyDATA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\adusbser.sys -- (adusbser)
DRV - [2006.08.16 18:45:38 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2001.08.17 23:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\InprocServer32 File not found
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{0D09B36E-FC6E-43AF-8C89-592E439B817D}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms}
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.johanik.cz/homep.htm"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.01.07 08:58:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.04.15 13:10:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013.02.19 09:06:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.12 08:43:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.17 07:50:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.04.15 13:10:59 | 000,000,000 | ---D | M]
[2009.05.06 12:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\johanik\Data aplikací\Mozilla\Extensions
[2013.05.22 19:44:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions
[2010.06.30 08:05:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.02.27 09:34:57 | 000,350,538 | ---- | M] () (No name found) -- C:\Documents and Settings\johanik\Data aplikací\Mozilla\Firefox\Profiles\0clh7blw.default\extensions\coupon.checker@kodyrabatowe.pl.xpi
[2013.04.12 08:42:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.05.23 10:59:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.04.12 08:42:38 | 000,000,000 | ---D | M] (Stahuj.cz) -- C:\Program Files\Mozilla Firefox\extensions\stahuj@centrum.cz
[2013.05.23 10:59:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.05.23 10:59:23 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.04.12 08:43:36 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.20 10:13:16 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.20 10:13:16 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.14 08:45:11 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2013.02.20 10:13:16 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.20 10:13:16 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.20 10:13:16 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\johanik\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: registryAccess (Enabled) = C:\Documents and Settings\johanik\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\aaaaoggiphohkihibdkcnhnokmkfmhnj\7.13.2.0_0\background/registryAccess.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 602XML Filler (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npfiller.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.0.0.10201_0\
CHR - Extension: AVG Secure Search = C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
O1 HOSTS File: ([2013.05.23 10:49:45 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (QIPBHO Class) - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\johanik\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Kerio VPN Client] C:\Program Files\Kerio\VPN Client\kvpnclient.exe (Kerio Technologies)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Print2PDF Print Monitor] C:\Program Files\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKU\S-1-5-21-515967899-1606980848-682003330-1004..\Run: [Data Replicator 3] C:\Program Files\Synology Data Replicator 3\Backup.exe (Synology Inc.)
O4 - HKU\S-1-5-21-515967899-1606980848-682003330-1004..\Run: [Infium] C:\Program Files\QIP 2010\qip.exe (QIP)
O4 - HKU\S-1-5-21-515967899-1606980848-682003330-1004..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\johanik\Nabídka Start\Programy\Po spuštění\Dropbox.lnk = C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\johanik\Nabídka Start\Programy\Po spuštění\netuse.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-1606980848-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-515967899-1606980848-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Stáhnout s Mipony - C:\Program Files\MiPony\Browser\IEContext.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 1526732593 (WUWebControl Class)
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0 (Active602XMLFiller Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D81FBE31-4DB9-4A41-B2CD-EDD1FC61FA78}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.05 09:24:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\AC3ACM.acm (fccHandler)
Drivers32: msacm.alf2cd - C:\WINDOWS\System32\alf2cd.acm (NCT Company)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.scg726 - C:\WINDOWS\System32\Scg726.acm (SHARP Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.voxacm160 - C:\WINDOWS\System32\vct3216.acm (Voxware, Inc.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\divx.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.05.23 11:44:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\johanik\Plocha\OTL.exe
[2013.05.23 10:41:54 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.05.23 10:39:48 | 005,069,782 | R--- | C] (Swearware) -- C:\Documents and Settings\johanik\Plocha\ComboFix.exe
[2013.05.22 11:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Plocha\RK_Quarantine
[2013.05.22 09:28:18 | 000,000,000 | ---D | C] -- C:\rsit
[2013.05.22 08:17:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Data aplikací\McAfee
[2013.05.21 14:10:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\johanik\Recent
[2013.05.21 12:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Data aplikací\AVG
[2013.05.21 12:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2013.05.21 12:26:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013.05.21 08:22:39 | 000,000,000 | ---D | C] -- C:\AllShare
[2013.05.21 08:15:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Data aplikací\TuneUp Software
[2013.05.21 08:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\MFAData
[2013.05.21 08:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.05.21 08:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\Avg2013
[2013.05.20 08:00:21 | 000,000,000 | ---D | C] -- Z:\Dokumenty\Johanik\stazeno
[2013.05.20 07:59:22 | 000,000,000 | ---D | C] -- Z:\Dokumenty\Johanik\Skeny
[2 Z:\Dokumenty\Johanik\*.tmp files -> Z:\Dokumenty\Johanik\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.05.23 11:48:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.23 11:41:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\johanik\Plocha\OTL.exe
[2013.05.23 11:26:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.23 11:07:30 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.05.23 11:01:44 | 000,461,932 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.05.23 11:01:44 | 000,444,108 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.23 11:01:44 | 000,092,630 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.05.23 11:01:44 | 000,072,366 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.23 10:57:59 | 000,160,101 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.05.23 10:57:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.23 10:49:45 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.05.23 10:37:30 | 005,069,782 | R--- | M] (Swearware) -- C:\Documents and Settings\johanik\Plocha\ComboFix.exe
[2013.05.23 08:17:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Synology Data Replicator 3-JOHANIK-johanik.job
[2013.05.23 08:10:25 | 000,001,629 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Ekonomický systém POHODA 2013 (síťový klient) Komplet.lnk
[2013.05.22 11:07:14 | 000,632,031 | ---- | M] () -- C:\Documents and Settings\johanik\Plocha\adwcleaner.exe
[2013.05.21 14:10:30 | 000,022,024 | ---- | M] () -- Z:\Dokumenty\Johanik\cc_20130521_141046.reg
[2013.05.21 11:06:41 | 000,031,014 | ---- | M] () -- C:\Documents and Settings\johanik\Plocha\Faktura Deepak.pdf
[2013.05.21 08:03:31 | 000,003,283 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2013.05.20 11:33:57 | 000,066,403 | ---- | M] () -- C:\Documents and Settings\johanik\Plocha\daryl.JPG
[2013.05.20 07:51:50 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.16 12:21:14 | 000,274,168 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2 Z:\Dokumenty\Johanik\*.tmp files -> Z:\Dokumenty\Johanik\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.23 08:10:25 | 000,001,629 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Ekonomický systém POHODA 2013 (síťový klient) Komplet.lnk
[2013.05.22 11:16:40 | 000,632,031 | ---- | C] () -- C:\Documents and Settings\johanik\Plocha\adwcleaner.exe
[2013.05.21 14:15:07 | 000,000,290 | ---- | C] () -- C:\WINDOWS\tasks\Synology Data Replicator 3-JOHANIK-johanik.job
[2013.05.21 14:10:20 | 000,022,024 | ---- | C] () -- Z:\Dokumenty\Johanik\cc_20130521_141046.reg
[2013.05.21 11:05:12 | 000,031,014 | ---- | C] () -- C:\Documents and Settings\johanik\Plocha\Faktura Deepak.pdf
[2013.05.20 11:33:57 | 000,066,403 | ---- | C] () -- C:\Documents and Settings\johanik\Plocha\daryl.JPG
[2013.04.30 15:47:03 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.01.10 13:38:28 | 000,418,448 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.02.16 08:48:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.11.08 09:49:00 | 000,013,824 | R--- | C] () -- C:\WINDOWS\System32\drivers\HPM1210FAX.sys
[2011.11.08 09:48:56 | 000,167,936 | R--- | C] () -- C:\WINDOWS\System32\m1210wia.dll
[2011.11.08 09:48:51 | 000,081,920 | R--- | C] () -- C:\WINDOWS\System32\mvusbews.dll
[2011.11.03 14:00:35 | 000,048,128 | R--- | C] () -- C:\WINDOWS\System32\HPM1210SMs.dll
[2011.11.03 14:00:34 | 001,167,360 | ---- | C] () -- C:\WINDOWS\System32\HPM1210SM.exe
[2011.11.03 14:00:33 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\HPM1210LM.DLL
[2011.11.03 14:00:27 | 000,176,128 | R--- | C] () -- C:\WINDOWS\System32\m1210nwia.dll
[2011.11.03 13:52:34 | 000,284,672 | ---- | C] () -- C:\WINDOWS\System32\mvhlewsi.DLL
[2011.09.14 16:03:11 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.09.14 16:03:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.07.11 10:13:50 | 000,010,354 | ---- | C] () -- C:\Documents and Settings\johanik\Data aplikací\SmarThruOptions.xml
[2011.07.11 10:13:29 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\SamFaxPort.dll
[2011.06.08 11:39:13 | 000,317,952 | R--- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2011.06.08 11:39:13 | 000,145,920 | R--- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2010.08.19 10:22:29 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\johanik\jansretr.pfx
[2009.05.22 11:12:46 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.05 15:17:29 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\fusioncache.dat
[2009.05.05 10:50:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\johanik\Data aplikací\AVSDVDPlayer.m3u
========== ZeroAccess Check ==========
[2009.05.05 10:00:27 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.03.03 01:11:23 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.01.27 14:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Atlas consulting
[2013.05.21 12:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2013.03.11 11:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Badoo
[2012.10.08 09:07:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.11.02 10:03:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.01.07 08:57:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2012.01.26 09:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KASTNER software
[2013.05.22 11:07:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.04.15 15:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.04.15 13:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2010.01.07 09:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.11.05 10:58:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2013.04.30 08:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2010.11.05 11:04:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SITEguard
[2010.11.05 13:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\STOPzilla!
[2012.10.29 09:16:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.07.27 11:50:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tyre
[2013.02.19 09:07:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.05.21 12:26:46 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2012.07.11 09:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\602Installer
[2012.10.09 09:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\602XML
[2012.01.27 14:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Atlas consulting
[2013.05.21 12:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\AVG
[2012.02.20 13:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\BOM
[2011.11.10 11:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\DAEMON Tools Lite
[2011.10.06 08:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Daňová kancelář
[2011.10.06 08:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\dkabscnv
[2013.05.23 10:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Dropbox
[2012.11.30 09:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\DTEG
[2012.06.01 08:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\ElevatedDiagnostics
[2012.01.26 09:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Kastner software
[2011.12.15 09:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Kerio
[2011.11.03 14:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Marvell
[2011.12.05 13:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Mipony
[2010.04.15 15:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Nokia
[2010.04.15 15:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Nokia Ovi Suite
[2012.05.09 11:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Oracle
[2010.06.08 08:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PC Suite
[2013.03.11 10:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PDF Architect
[2012.06.04 11:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PDF Writer
[2011.12.20 08:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\QIP
[2012.10.30 09:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\QipGuard
[2012.09.03 10:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Samsung
[2011.07.11 10:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\SmarThru4
[2013.03.01 09:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Software602
[2011.10.06 09:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\TeamViewer
[2012.03.21 09:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Telefónica Móviles
[2013.05.21 08:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\TuneUp Software
[2011.08.03 07:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Tyre
[2013.05.09 08:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\WDC
[2012.01.23 11:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Windows Desktop Search
[2012.01.25 10:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Windows Search
[2009.10.21 12:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\XnView
[2012.08.09 11:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Samsung
[2012.10.31 11:13:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\venca\Data aplikací\Kerio
[2012.10.31 11:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\venca\Data aplikací\Windows Desktop Search
[2013.04.16 11:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Věra\Data aplikací\Kerio
[2013.04.16 11:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Věra\Data aplikací\Windows Desktop Search
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.05.05 09:23:18 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.05.05 09:29:26 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.04.16 07:51:27 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.02.27 09:53:49 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.05.21 14:15:07 | 000,000,290 | ---- | C] () -- C:\WINDOWS\Tasks\Synology Data Replicator 3-JOHANIK-johanik.job
< >
< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.12.03 09:18:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GenesysLogic
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.07.11 09:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\602Installer
[2012.10.09 09:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\602XML
[2011.03.30 08:41:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Adobe
[2009.06.12 09:55:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Ahead
[2011.11.16 11:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Apple Computer
[2012.01.27 14:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Atlas consulting
[2013.05.21 12:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\AVG
[2012.02.20 13:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\BOM
[2011.11.10 11:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\DAEMON Tools Lite
[2011.10.06 08:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Daňová kancelář
[2011.10.06 08:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\dkabscnv
[2013.05.23 10:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Dropbox
[2012.11.30 09:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\DTEG
[2010.05.21 12:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\dvdcss
[2012.06.01 08:56:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\ElevatedDiagnostics
[2011.07.27 11:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Google
[2010.04.15 15:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Help
[2011.11.03 13:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\HP
[2009.05.05 09:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Identities
[2009.05.05 09:41:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\InstallShield
[2012.01.26 09:45:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Kastner software
[2011.12.15 09:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Kerio
[2009.05.06 14:21:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Macromedia
[2010.11.10 09:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Malwarebytes
[2011.11.03 14:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Marvell
[2013.01.10 09:49:21 | 000,000,000 | --SD | M] -- C:\Documents and Settings\johanik\Data aplikací\Microsoft
[2011.12.05 13:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Mipony
[2009.12.05 17:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Motive
[2009.05.06 12:14:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Mozilla
[2010.04.15 15:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Nokia
[2010.04.15 15:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Nokia Ovi Suite
[2012.05.09 11:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Oracle
[2010.06.08 08:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PC Suite
[2013.03.11 10:31:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PDF Architect
[2012.06.04 11:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\PDF Writer
[2011.12.20 08:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\QIP
[2012.10.30 09:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\QipGuard
[2012.09.03 10:30:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Samsung
[2013.05.23 12:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Skype
[2011.07.13 12:32:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\skypePM
[2011.07.11 10:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\SmarThru4
[2013.03.01 09:30:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Software602
[2009.05.05 09:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Sun
[2011.10.06 09:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\TeamViewer
[2012.03.21 09:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Telefónica Móviles
[2013.05.21 08:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\TuneUp Software
[2011.08.03 07:26:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Tyre
[2013.05.09 08:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\WDC
[2012.01.23 11:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Windows Desktop Search
[2012.01.25 10:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\Windows Search
[2009.10.21 12:12:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\XnView
< %APPDATA%\*.exe /s >
[2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Dropbox.exe
[2013.03.12 09:06:32 | 000,206,904 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\DropboxUninstaller.exe
[2012.08.27 06:21:14 | 000,874,384 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\DropboxUpdateHelper.exe
[2012.08.27 06:21:24 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\johanik\Data aplikací\Dropbox\bin\Uninstall.exe
[2013.03.26 10:00:16 | 016,929,432 | ---- | M] (KASTNER software s.r.o. ) -- C:\Documents and Settings\johanik\Data aplikací\Kastner software\Form Studio CZ\Update\Prg03\fsupd.exe
[2010.09.03 12:36:31 | 068,725,024 | ---- | M] () -- C:\Documents and Settings\johanik\Data aplikací\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe
[2012.03.23 17:55:34 | 000,191,440 | ---- | M] (QIP.ru) -- C:\Documents and Settings\johanik\Data aplikací\QipGuard\QipGuard.exe
[2012.10.22 09:22:09 | 000,060,888 | ---- | M] (Samsung) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\AdminDelegator.exe
[2012.10.22 09:22:10 | 000,088,024 | ---- | M] (Samsung) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.10.22 09:22:19 | 000,077,264 | ---- | M] (Samsung) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.10.22 09:22:28 | 000,843,208 | ---- | M] (Samsung) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012.12.03 16:35:20 | 000,601,528 | ---- | M] (ml) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.12.20 11:44:36 | 000,602,120 | ---- | M] (ml) -- C:\Documents and Settings\johanik\Data aplikací\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2006.12.01 10:13:48 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\johanik\Data aplikací\Tyre\appstop.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.05.23 11:26:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.05.23 11:07:30 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.05.23 08:17:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\Synology Data Replicator 3-JOHANIK-johanik.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.11.02 09:59:27 | 000,443,448 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.05.05 11:13:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.05.05 11:13:04 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.05.05 11:13:04 | 000,491,520 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.05.23 10:57:59 | 000,160,101 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2013.05.23 11:01:44 | 000,092,630 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.05.23 11:01:44 | 000,072,366 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.05.23 11:01:44 | 000,461,932 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.05.23 11:01:44 | 000,444,108 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.05.23 11:01:44 | 001,087,392 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"KiesAirMessage" = C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup -- [2012.11.28 07:24:24 | 000,577,536 | ---- | M] (Samsung Electronics)
"Data Replicator 3" = "C:\Program Files\Synology Data Replicator 3\Backup.exe" /MIN -- [2011.02.22 04:14:21 | 011,587,584 | ---- | M] (Synology Inc.)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.02.28 18:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)
"Infium" = "C:\Program Files\QIP 2010\qip.exe" /autorun -- [2012.03.23 17:55:44 | 007,351,760 | ---- | M] (QIP)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.04.12 08:43:36 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=6F5386A655598F71BAAB2D6B63A69D6A -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.01.05 11:48:46 | 001,047,024 | ---- | M] (Google Inc.) MD5=E5C93E2CF6C7B903799CF99F71286E1A -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.23 11:48:55 | 000,000,512 | ---- | M] () MD5=A27BB7C2750209A5930A2F416FCA0627 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
Re: Hrozně pomalý PC, úbytek místa na disku
< *loader* /s >
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2006.11.09 22:31:32 | 000,163,840 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2010.02.12 14:17:06 | 000,331,776 | ---- | M] () -- \Program Files\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2010.02.04 13:23:54 | 000,131,072 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.01.21 16:30:04 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2007.01.22 11:56:38 | 000,110,592 | ---- | M] () -- \Program Files\SmarThru 4\WebUploaderLib.dll
[2007.01.22 11:47:16 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\English\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:18 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\French\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:20 | 000,000,196 | ---- | M] () -- \Program Files\SmarThru 4\German\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:36 | 000,000,189 | ---- | M] () -- \Program Files\SmarThru 4\Hungarian\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:34 | 000,000,184 | ---- | M] () -- \Program Files\SmarThru 4\Chinese (Traditional)\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:14 | 000,000,178 | ---- | M] () -- \Program Files\SmarThru 4\Chinese\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:22 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Italian\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:24 | 000,000,191 | ---- | M] () -- \Program Files\SmarThru 4\Korean\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:40 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Polish\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:30 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese (Brazilian)\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:32 | 000,000,192 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:26 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\Russian\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:28 | 000,000,193 | ---- | M] () -- \Program Files\SmarThru 4\Spanish\SmarThruRes-WebUploaderLib.xml
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2005.06.07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.01.11 09:17:13 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:86CDD0A7
< End of report >
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2006.11.09 22:31:32 | 000,163,840 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2010.02.12 14:17:06 | 000,331,776 | ---- | M] () -- \Program Files\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2010.02.04 13:23:54 | 000,131,072 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.01.21 16:30:04 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2007.01.22 11:56:38 | 000,110,592 | ---- | M] () -- \Program Files\SmarThru 4\WebUploaderLib.dll
[2007.01.22 11:47:16 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\English\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:18 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\French\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:20 | 000,000,196 | ---- | M] () -- \Program Files\SmarThru 4\German\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:36 | 000,000,189 | ---- | M] () -- \Program Files\SmarThru 4\Hungarian\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:34 | 000,000,184 | ---- | M] () -- \Program Files\SmarThru 4\Chinese (Traditional)\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:14 | 000,000,178 | ---- | M] () -- \Program Files\SmarThru 4\Chinese\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:22 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Italian\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:24 | 000,000,191 | ---- | M] () -- \Program Files\SmarThru 4\Korean\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:40 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Polish\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:30 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese (Brazilian)\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:32 | 000,000,192 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:26 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\Russian\SmarThruRes-WebUploaderLib.xml
[2007.01.22 11:47:28 | 000,000,193 | ---- | M] () -- \Program Files\SmarThru 4\Spanish\SmarThruRes-WebUploaderLib.xml
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2005.06.07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2012.01.11 09:17:13 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:86CDD0A7
< End of report >
Re: Hrozně pomalý PC, úbytek místa na disku
Ten druhý log extras.txt mi bohužel nevyjel a nevím ani kde hledat....
Re: Hrozně pomalý PC, úbytek místa na disku
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\johanik\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ag76psv6) IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms} IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\InprocServer32 File not found IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{0D09B36E-FC6E-43AF-8C89-592E439B817D}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =971163&p={searchTerms} IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}: "URL" = http://badoo.com/startpage/?source=bsb&q={searchTerms} IE - HKU\S-1-5-21-515967899-1606980848-682003330-1004\..\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}: "URL" = http://search.qip.ru/?query={searchTerms} CHR - Extension: AVG Secure Search = C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\ CHR - Extension: AVG Secure Search = C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present [2013.05.21 12:29:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Data aplikací\AVG [2013.05.21 12:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG [2013.05.21 12:26:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [2013.05.21 08:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\MFAData [2013.05.21 08:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\MFAData [2013.05.21 08:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\johanik\Local Settings\Data aplikací\Avg2013 [2013.05.21 12:30:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG [2013.02.19 09:07:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013.05.21 12:26:46 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [2013.05.21 12:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\johanik\Data aplikací\AVG [2013.05.23 11:26:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [2013.05.23 11:07:30 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job [2013.05.23 08:17:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\Synology Data Replicator 3-JOHANIK-johanik.job @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:86CDD0A7 :services QipGuard :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"=- "KernelFaultCheck"=- "Adobe ARM"=- "AllShareAgent"=- "vProt"=- "SunJavaUpdateSched"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "KiesAirMessage"=- "QIP Internet Guardian"=- "Skype"=- "Infium"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Whitney2_S2P] :files %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Hrozně pomalý PC, úbytek místa na disku
Log po opravě
All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service SSPORT stopped successfully!
Service SSPORT deleted successfully!
File C:\WINDOWS\system32\Drivers\SSPORT.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service MRESP50a64 stopped successfully!
Service MRESP50a64 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS not found.
Service MRESP50 stopped successfully!
Service MRESP50 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS not found.
Service MRENDIS5 stopped successfully!
Service MRENDIS5 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS not found.
Service MREMPR5 stopped successfully!
Service MREMPR5 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS not found.
Service MREMP50a64 stopped successfully!
Service MREMP50a64 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS not found.
Service MREMP50 stopped successfully!
Service MREMP50 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service dgderdrv stopped successfully!
Service dgderdrv deleted successfully!
File System32\drivers\dgderdrv.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\johanik\LOCALS~1\Temp\catchme.sys not found.
Error: No service named ag76psv6 was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ag76psv6 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0D09B36E-FC6E-43AF-8C89-592E439B817D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D09B36E-FC6E-43AF-8C89-592E439B817D}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A244612-A1F7-11E0-95C0-E71F4824019B}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\zh_TW folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\zh_CN folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\tr folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\sr folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\sk folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\ru folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\pt_PT folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\pt_BR folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\pl folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\nl folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\ko folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\ja folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\it folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\id folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\hu folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\fr folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\es_419 folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\es folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\en folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\de folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\da folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\cs folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content\lib folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content\js folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content\icons folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content\css folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0 folder moved successfully.
File C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012\TuningIndex folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012\StartUp Manager folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012\Dashboard folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012\Backups folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012 folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL2012 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL\Program Statistics folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\MFAData\logs folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\MFAData folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\MFAData\avibackup folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\MFAData folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Avg2013\log folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Avg2013 folder moved successfully.
Folder C:\Documents and Settings\All Users\Data aplikací\AVG\ not found.
C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} folder moved successfully.
Folder C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}\ not found.
Folder C:\Documents and Settings\johanik\Data aplikací\AVG\ not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job moved successfully.
C:\WINDOWS\Tasks\Synology Data Replicator 3-JOHANIK-johanik.job moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:86CDD0A7 deleted successfully.
========== SERVICES/DRIVERS ==========
Service QipGuard stopped successfully!
Service QipGuard deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AllShareAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\QIP Internet Guardian not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Whitney2_S2P\ not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: johanik
->Temp folder emptied: 6262274 bytes
->Temporary Internet Files folder emptied: 47350089 bytes
->Java cache emptied: 579146 bytes
->FireFox cache emptied: 282015235 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 4520 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 5318 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: venca
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 16555349 bytes
->Flash cache emptied: 492 bytes
User: Věra
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10506296 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 347,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: johanik
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: venca
->Flash cache emptied: 0 bytes
User: Věra
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default User
User: johanik
->Java cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: venca
User: Věra
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05232013_152654
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service SSPORT stopped successfully!
Service SSPORT deleted successfully!
File C:\WINDOWS\system32\Drivers\SSPORT.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service MRESP50a64 stopped successfully!
Service MRESP50a64 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS not found.
Service MRESP50 stopped successfully!
Service MRESP50 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS not found.
Service MRENDIS5 stopped successfully!
Service MRENDIS5 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS not found.
Service MREMPR5 stopped successfully!
Service MREMPR5 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS not found.
Service MREMP50a64 stopped successfully!
Service MREMP50a64 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS not found.
Service MREMP50 stopped successfully!
Service MREMP50 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service dgderdrv stopped successfully!
Service dgderdrv deleted successfully!
File System32\drivers\dgderdrv.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\johanik\LOCALS~1\Temp\catchme.sys not found.
Error: No service named ag76psv6 was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ag76psv6 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0D09B36E-FC6E-43AF-8C89-592E439B817D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D09B36E-FC6E-43AF-8C89-592E439B817D}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A244612-A1F7-11E0-95C0-E71F4824019B}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-1606980848-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\zh_TW folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\zh_CN folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\tr folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\sr folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\sk folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\ru folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\pt_PT folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\pt_BR folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\pl folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\nl folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\ko folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\ja folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\it folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\id folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\hu folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\fr folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\es_419 folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\es folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\en folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\de folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\da folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales\cs folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\_locales folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content\lib folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content\js folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content\icons folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content\css folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\content folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0 folder moved successfully.
File C:\Documents and Settings\johanik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012\TuningIndex folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012\StartUp Manager folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012\Dashboard folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012\Backups folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG\AWL2012 folder moved successfully.
C:\Documents and Settings\johanik\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL2012 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL\Program Statistics folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\MFAData\logs folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\MFAData folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\MFAData\avibackup folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\MFAData folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Avg2013\log folder moved successfully.
C:\Documents and Settings\johanik\Local Settings\Data aplikací\Avg2013 folder moved successfully.
Folder C:\Documents and Settings\All Users\Data aplikací\AVG\ not found.
C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} folder moved successfully.
Folder C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}\ not found.
Folder C:\Documents and Settings\johanik\Data aplikací\AVG\ not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job moved successfully.
C:\WINDOWS\Tasks\Synology Data Replicator 3-JOHANIK-johanik.job moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:86CDD0A7 deleted successfully.
========== SERVICES/DRIVERS ==========
Service QipGuard stopped successfully!
Service QipGuard deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AllShareAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\QIP Internet Guardian not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Infium deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Whitney2_S2P\ not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: johanik
->Temp folder emptied: 6262274 bytes
->Temporary Internet Files folder emptied: 47350089 bytes
->Java cache emptied: 579146 bytes
->FireFox cache emptied: 282015235 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 4520 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 5318 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: venca
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 16555349 bytes
->Flash cache emptied: 492 bytes
User: Věra
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10506296 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 347,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: johanik
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: venca
->Flash cache emptied: 0 bytes
User: Věra
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default User
User: johanik
->Java cache emptied: 0 bytes
User: LocalService
User: NetworkService
User: venca
User: Věra
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05232013_152654
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Hrozně pomalý PC, úbytek místa na disku
Fajn, jak se chova PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Hrozně pomalý PC, úbytek místa na disku
Moc děkuji za pomoc, PC vypadá dobře, neseká se a vše funguje docela svižně, na disku je dokonce i místo
Ještě jednou děkuji
Ještě jednou děkuji
Přispějete na provoz fóra?
