Dobrý den,
můj PC byl bohužel napaden jedním již dříve známým adware, kdy se zablokuje celý systém a na obrazovku zobrazí znaky Policie ČR a hlášku o zablokování počítače z důvodu porušení autorského práva atd.
Systém jsem si uvolnil tak, že jsem se v nouzovém režimu vrátil na bod obnovy vytvořený před dvěma dny, takže nyní mi system funguje. Prosím ale o kontrolu jeho stavu. Přikládám zde log z RSIT.
Děkuji.
RSIT:
¨¨¨¨¨
Logfile of random's system information tool 1.06 (written by random/random)
Run by Václav Zíka at 2013-06-06 15:43:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 181 GB (59%) free of 305 GB
Total RAM: 2046 MB (74% free)
HijackThis download failed
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2008-08-31 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-30 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-30 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.3.dll [2011-05-25 1145888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2008-08-31 491520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2008-06-27 16875008]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-04-17 98616]
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2009-04-07 673616]
"MacrokeyManager"=C:\windows\system32\WTMKM.exe [2011-06-01 7144448]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2012-05-15 15504192]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-05-07 345312]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
Microsoft Office Outlook 2003.lnk - C:\WINDOWS\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IronWare Communication\IW FTPort Client\Cftp32.exe"="C:\Program Files\IronWare Communication\IW FTPort Client\Cftp32.exe:*:Enabled:IW FTPort Client"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application"
"C:\Program Files\Firestorm-Release\SLVoice.exe"="C:\Program Files\Firestorm-Release\SLVoice.exe:*:Enabled:SLVoice"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2013-06-06 15:43:18 ----D---- C:\rsit
2013-06-06 14:39:35 ----A---- C:\windows\ntbtlog.txt
2013-06-06 14:32:39 ----A---- C:\Documents and Settings\All Users\Data aplikací\olb13.js
2013-06-06 14:32:39 ----A---- C:\Documents and Settings\All Users\Data aplikací\kjhy64.txt
2013-05-20 20:44:23 ----D---- C:\Program Files\Mozilla Firefox
2013-05-16 13:20:02 ----D---- C:\Program Files\AWicons Lite
2013-05-16 08:10:51 ----HDC---- C:\windows\$NtUninstallKB2829530$
2013-05-16 08:10:45 ----HDC---- C:\windows\$NtUninstallKB2820197$
2013-05-16 08:08:34 ----A---- C:\windows\imsins.BAK
2013-05-16 08:08:31 ----HDC---- C:\windows\$NtUninstallKB2829361$
2013-05-15 03:19:05 ----A---- C:\windows\IE4 Error Log.txt
2013-05-11 08:16:53 ----SHD---- C:\RECYCLER
2013-05-10 10:00:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-05-09 11:41:46 ----AD---- C:\Qoobox
======List of files/folders modified in the last 1 months======
2013-06-06 15:43:20 ----D---- C:\Program Files\trend micro
2013-06-06 15:42:46 ----D---- C:\windows\temp
2013-06-06 15:34:41 ----D---- C:\windows\Prefetch
2013-06-06 15:20:30 ----D---- C:\windows\system32\NtmsData
2013-06-06 15:02:11 ----D---- C:\windows\Registration
2013-06-06 15:00:05 ----A---- C:\windows\win.ini
2013-06-06 14:58:19 ----D---- C:\windows\system32\config
2013-06-06 14:57:28 ----D---- C:\windows\system32\wbem
2013-06-06 14:56:24 ----D---- C:\WINDOWS
2013-06-06 12:56:41 ----D---- C:\Program Files\Paint Shop Pro 6
2013-06-06 12:49:29 ----A---- C:\windows\SchedLgU.Txt
2013-06-05 02:09:14 ----D---- C:\windows\system32\CatRoot2
2013-06-04 18:47:12 ----A---- C:\windows\WDICT32.INI
2013-06-04 18:39:27 ----A---- C:\windows\TRNCOM.INI
2013-06-04 18:26:23 ----A---- C:\windows\MAILTRAN.INI
2013-06-04 14:13:05 ----AD---- C:\Program Files\Servant Salamander 2.0
2013-05-27 08:06:18 ----D---- C:\windows\system32
2013-05-26 02:19:08 ----A---- C:\windows\WTRAN32.INI
2013-05-24 14:58:07 ----RD---- C:\Program Files
2013-05-22 14:56:48 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-20 09:40:12 ----D---- C:\Documents and Settings\Václav Zíka\Data aplikací\gtk-2.0
2013-05-19 14:14:43 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-05-19 14:14:40 ----A---- C:\windows\system32\FlashPlayerInstaller.exe
2013-05-19 14:09:17 ----SD---- C:\windows\Tasks
2013-05-18 16:42:56 ----A---- C:\windows\NeroDigital.ini
2013-05-18 16:42:23 ----D---- C:\Documents and Settings\Václav Zíka\Data aplikací\Media Player Classic
2013-05-16 08:38:35 ----D---- C:\windows\Microsoft.NET
2013-05-16 08:38:34 ----RSD---- C:\windows\assembly
2013-05-16 08:13:26 ----SHD---- C:\windows\Installer
2013-05-16 08:13:14 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-05-16 08:12:56 ----D---- C:\windows\WinSxS
2013-05-16 08:11:03 ----HD---- C:\windows\inf
2013-05-16 08:11:02 ----RSHDC---- C:\windows\system32\dllcache
2013-05-16 08:10:44 ----HD---- C:\windows\$hf_mig$
2013-05-16 08:08:46 ----D---- C:\windows\Debug
2013-05-16 08:08:43 ----A---- C:\windows\system32\MRT.exe
2013-05-12 18:00:00 ----D---- C:\Documents and Settings\Václav Zíka\Data aplikací\Skype
2013-05-12 11:49:44 ----A---- C:\windows\AviSplitter.INI
2013-05-11 22:45:31 ----D---- C:\Program Files\CCleaner
2013-05-11 22:31:33 ----SHD---- C:\System Volume Information
2013-05-11 22:31:33 ----D---- C:\windows\system32\Restore
2013-05-11 22:27:31 ----D---- C:\windows\Minidump
2013-05-11 08:20:19 ----D---- C:\windows\system32\drivers
2013-05-11 08:15:53 ----SD---- C:\windows\Downloaded Program Files
2013-05-09 11:56:42 ----A---- C:\windows\system.ini
2013-05-09 11:51:12 ----D---- C:\windows\AppPatch
2013-05-09 11:51:09 ----D---- C:\Program Files\Common Files
2013-05-09 01:03:22 ----SD---- C:\Documents and Settings\Václav Zíka\Data aplikací\Microsoft
2013-05-09 00:54:42 ----D---- C:\Program Files\DAZ 3D
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2013-04-06 135136]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2013-04-06 37352]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\windows\system32\DRIVERS\ssmdrv.sys [2013-04-06 28520]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\windows\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2013-04-06 84744]
R3 Afc;PPdus ASPI Shell; C:\windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2008-06-27 4742656]
R3 moufiltr;Tablet Mouse Filter Driver; C:\windows\system32\DRIVERS\moufiltr.sys [2009-03-08 6144]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 pfc;Padus ASPI Shell; C:\windows\system32\drivers\pfc.sys [2003-12-05 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vhidmini;Generic Virtual HID Driver; C:\windows\system32\DRIVERS\walvhid.sys [2009-08-20 6144]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\windows\system32\DRIVERS\k750bus.sys [2005-07-07 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\windows\system32\DRIVERS\k750mdfl.sys [2005-07-07 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\windows\system32\DRIVERS\k750mdm.sys [2005-07-07 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\windows\system32\DRIVERS\k750mgmt.sys [2005-07-07 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\windows\system32\DRIVERS\k750obex.sys [2005-07-07 79488]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-04-17 102712]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-04-06 110816]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-04-06 86752]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-30 170912]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 WTService;WTService; C:\windows\system32\atwtusb.exe [2011-04-27 871936]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-12 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-19 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-12 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-20 117144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu.
Zdravim 
Kde jste se nakazil, co jste stahoval 
Vzdyt cca pred mesicem jsme PC lecili 
Nejaky crack\keygen, co, nic takoveho?
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
Kde jste se nakazil, co jste stahoval Vzdyt cca pred mesicem jsme PC lecili Nejaky crack\keygen, co, nic takoveho? Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu.
Takže zde jsou ony logy:
OTL.Txt:
¨¨¨¨¨¨¨¨
OTL logfile created on: 6.6.2013 17:37:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Václav Zíka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,71% Memory free
3,85 Gb Paging File | 3,40 Gb Available in Paging File | 88,50% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 176,44 Gb Free Space | 59,19% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 364,89 Gb Free Space | 39,17% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 636,52 Gb Free Space | 68,33% Space Free | Partition Type: NTFS
Drive J: | 465,65 Gb Total Space | 167,17 Gb Free Space | 35,90% Space Free | Partition Type: FAT32
Computer Name: ERIN | User Name: Václav Zíka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.06.06 17:34:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Václav Zíka\Plocha\OTL.exe
PRC - [2013.05.07 14:55:13 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.06 15:25:32 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.06 15:24:10 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.04.06 15:23:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.30 09:10:10 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.05.15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011.05.25 10:00:02 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\postak.exe
PRC - [2011.04.27 09:23:10 | 000,871,936 | ---- | M] () -- C:\WINDOWS\system32\atwtusb.exe
PRC - [2009.04.07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2008.04.17 15:14:00 | 000,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.04.17 15:14:00 | 000,098,616 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.06 15:25:44 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011.05.25 10:00:02 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\postak.exe
MOD - [2011.05.25 09:59:56 | 000,821,792 | ---- | M] () -- C:\Program Files\Seznam.cz\email.3.dll
MOD - [2011.05.25 09:59:40 | 001,145,888 | ---- | M] () -- C:\Program Files\Seznam.cz\core.3.dll
MOD - [2011.04.27 09:23:10 | 000,871,936 | ---- | M] () -- C:\WINDOWS\system32\atwtusb.exe
MOD - [2009.03.12 16:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008.11.21 14:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
========== Services (SafeList) ==========
SRV - [2013.05.20 20:44:35 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.19 14:14:44 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.06 15:25:32 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.06 15:23:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.30 09:10:10 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.27 09:23:10 | 000,871,936 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\atwtusb.exe -- (WTService)
SRV - [2008.04.17 15:14:00 | 000,102,712 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
========== Driver Services (SafeList) ==========
DRV - [2013.04.06 15:26:18 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.04.06 15:26:18 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.04.06 15:26:18 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.04.06 15:26:18 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.20 12:38:24 | 000,006,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\walvhid.sys -- (vhidmini)
DRV - [2009.03.08 13:15:14 | 000,006,144 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2008.08.28 00:39:42 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.06.27 11:24:56 | 004,742,656 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.01.03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.11.10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.07.07 16:26:04 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus)
DRV - [2005.07.07 16:26:00 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.07.07 16:25:58 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.07.07 16:25:52 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.07.07 16:25:50 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2003.12.05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:1.0.10
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.7
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.20 20:44:25 | 000,000,000 | ---D | M]
[2010.06.15 15:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Extensions
[2013.05.09 10:33:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions
[2010.09.12 17:09:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.10 00:31:07 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013.01.03 11:15:03 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.05.09 10:33:57 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.06 15:34:56 | 000,002,344 | ---- | M] () -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\searchplugins\askcom.xml
[2013.05.20 20:44:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.05.20 20:44:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.05.20 20:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.05.20 20:44:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\VáCLAV ZĂKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\F7H9FK5Z.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
O1 HOSTS File: ([2013.05.09 11:56:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll ()
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MacrokeyManager] C:\windows\System32\WTMKM.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\postak.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled [2008.08.31 01:45:17 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office Outlook 2003.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.13.80.80 85.13.80.90
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA6B6FAD-9F46-4B0C-B5D8-394887872646}: DhcpNameServer = 85.13.80.80 85.13.80.90
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Václav Zíka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Václav Zíka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.04.28 18:44:28 | 000,000,000 | ---D | M] - F:\autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /p \??\F:)
O34 - HKLM BootExecute: (autocheck autochk /p \??\K:)
O34 - HKLM BootExecute: (autocheck autochk /p \??\L:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.divxa32 - C:\windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\windows\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\windows\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\windows\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.06.06 17:34:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Václav Zíka\Plocha\OTL.exe
[2013.06.06 15:43:18 | 000,000,000 | ---D | C] -- C:\rsit
[2013.06.06 14:32:34 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\31blo.dat
========== Files - Modified Within 7 Days ==========
[2013.06.06 17:39:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.06.06 17:34:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Václav Zíka\Plocha\OTL.exe
[2013.06.06 17:23:00 | 000,000,940 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.06 17:14:00 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.06.06 15:42:56 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Václav Zíka\Plocha\RSIT.exe
[2013.06.06 15:00:34 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2013.06.06 14:59:51 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.06 14:59:38 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2013.06.06 14:59:36 | 2145,898,496 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.06 14:37:21 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\olb13.pad
[2013.06.06 14:32:39 | 000,003,078 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\olb13.js
[2013.06.06 14:32:34 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\31blo.dat
[2013.06.04 21:00:41 | 001,075,544 | ---- | M] () -- C:\windows\System32\nvdrsdb0.bin
[2013.06.04 21:00:41 | 000,000,001 | ---- | M] () -- C:\windows\System32\nvdrssel.bin
[2013.06.04 18:47:12 | 000,005,374 | ---- | M] () -- C:\windows\WDICT32.INI
[2013.06.04 18:39:27 | 000,002,840 | ---- | M] () -- C:\windows\TRNCOM.INI
[2013.06.04 18:26:23 | 000,001,680 | ---- | M] () -- C:\windows\MAILTRAN.INI
[2013.06.03 22:22:21 | 001,075,544 | ---- | M] () -- C:\windows\System32\nvdrsdb1.bin
========== Files Created - No Company Name ==========
[2013.06.06 17:39:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.06.06 15:42:56 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Václav Zíka\Plocha\RSIT.exe
[2013.06.06 14:59:36 | 2145,898,496 | -HS- | C] () -- C:\hiberfil.sys
[2013.06.06 14:32:39 | 000,003,078 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\olb13.js
[2013.06.06 14:32:37 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\olb13.pad
[2013.05.20 09:40:12 | 000,005,662 | ---- | C] () -- C:\Documents and Settings\Václav Zíka\.recently-used.xbel
[2013.02.26 02:55:20 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI
[2012.07.06 11:57:43 | 001,075,544 | ---- | C] () -- C:\windows\System32\nvdrsdb1.bin
[2012.07.06 11:57:43 | 001,075,544 | ---- | C] () -- C:\windows\System32\nvdrsdb0.bin
[2012.07.06 11:57:43 | 000,000,001 | ---- | C] () -- C:\windows\System32\nvdrssel.bin
[2012.07.06 11:57:20 | 002,807,708 | ---- | C] () -- C:\windows\System32\nvdata.data
[2012.07.06 11:55:02 | 000,000,664 | ---- | C] () -- C:\windows\System32\d3d9caps.dat
[2012.04.12 16:52:48 | 000,000,118 | ---- | C] () -- C:\windows\System32\MRT.INI
[2012.02.15 17:28:41 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2011.12.25 16:17:49 | 000,010,513 | ---- | C] () -- C:\windows\System32\Windows7.ini
[2011.12.25 16:17:49 | 000,010,251 | ---- | C] () -- C:\windows\System32\Vista.ini
[2011.12.25 16:17:49 | 000,009,868 | ---- | C] () -- C:\windows\System32\XP_2000.ini
[2011.12.25 16:17:48 | 000,022,856 | ---- | C] () -- C:\windows\System32\Photoshop Elements.ini
[2011.12.25 16:17:48 | 000,015,605 | ---- | C] () -- C:\windows\System32\PhotoImpact XL SE.ini
[2011.12.25 16:17:48 | 000,000,969 | ---- | C] () -- C:\windows\System32\Corel Draw Essential X5.ini
[2011.12.25 16:17:48 | 000,000,963 | ---- | C] () -- C:\windows\System32\Corel Draw Essential 4.ini
[2011.12.25 16:17:48 | 000,000,833 | ---- | C] () -- C:\windows\System32\MKProfile.ini
[2011.12.25 16:17:46 | 000,871,936 | ---- | C] () -- C:\windows\System32\atwtusb.exe
[2011.12.25 16:17:45 | 007,144,448 | ---- | C] () -- C:\windows\System32\WTMKM.exe
[2011.12.25 16:17:41 | 000,045,056 | ---- | C] () -- C:\windows\System32\InstallService.exe
[2011.12.25 16:17:40 | 004,109,824 | ---- | C] () -- C:\windows\System32\Control Panel_Betteryless.exe
[2011.12.25 16:17:39 | 000,147,456 | ---- | C] () -- C:\windows\System32\Calibration.exe
[2011.12.25 16:17:37 | 000,835,072 | ---- | C] () -- C:\windows\RmTablet.exe
[2011.12.25 16:17:36 | 000,010,708 | ---- | C] () -- C:\windows\System32\aiptbl.ini
[2008.12.09 00:42:20 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Václav Zíka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.31 13:59:03 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Václav Zíka\Local Settings\Data aplikací\FASTWiz.html
[2008.08.30 23:12:03 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
========== ZeroAccess Check ==========
[2009.02.14 18:07:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.16 23:18:20 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.04.24 23:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAZ 3D
[2011.10.30 23:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GoldWaveCDDB
[2012.12.25 00:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
[2013.04.13 09:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KASTNER software
[2011.12.25 16:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tablet
[2012.12.12 18:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.03.24 21:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\AMPSoft
[2008.12.31 15:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Blender Foundation
[2013.03.04 09:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\calibre
[2013.04.06 15:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\CallingID
[2013.04.24 23:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DAZ 3D
[2009.12.07 00:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Docx2Rtf
[2013.03.03 11:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft
[2013.03.03 11:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoftIEHelpers
[2011.02.22 21:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Epson
[2013.04.24 17:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Firestorm
[2013.04.24 20:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\FirestormBack
[2010.02.08 17:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\FLV Extract
[2011.10.30 23:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\GoldWaveCDDB
[2013.05.20 09:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\gtk-2.0
[2012.12.25 00:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\IsolatedStorage
[2010.09.25 12:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Jpeg Resampler
[2013.04.13 09:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Kastner software
[2011.06.21 11:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\MyPhoneExplorer
[2009.12.07 00:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\NwDocx
[2009.12.08 02:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\OpenOffice.org
[2010.10.25 16:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Opera
[2012.04.12 20:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Tomas Varaneckas
[2011.01.14 01:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\WeGame
[2012.10.18 20:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\YCanPDF
[2012.12.24 10:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Zena+Cornie
========== Purity Check ==========
========== Custom Scans ==========
< >
[2008.08.27 22:56:13 | 000,000,065 | RH-- | C] () -- C:\windows\Tasks\desktop.ini
[2008.08.27 23:00:06 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2013.05.12 14:18:52 | 000,000,936 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.12 14:18:53 | 000,000,940 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.19 14:09:17 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2004.08.17 15:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.09.20 15:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Adobe
[2008.08.30 23:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\AdobeUM
[2010.03.24 21:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\AMPSoft
[2008.10.11 18:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Apple Computer
[2011.10.05 15:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\ArcSoft
[2013.04.06 15:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Avira
[2008.12.31 15:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Blender Foundation
[2013.03.04 09:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\calibre
[2013.04.06 15:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\CallingID
[2008.09.10 00:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\CyberLink
[2013.04.24 23:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DAZ 3D
[2009.12.07 00:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Docx2Rtf
[2013.03.03 11:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft
[2013.03.03 11:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoftIEHelpers
[2011.02.22 21:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Epson
[2013.04.24 17:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Firestorm
[2013.04.24 20:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\FirestormBack
[2010.02.08 17:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\FLV Extract
[2011.10.30 23:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\GoldWaveCDDB
[2008.08.30 23:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\GRETECH
[2013.05.20 09:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\gtk-2.0
[2008.09.07 20:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Help
[2008.08.27 23:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Identities
[2008.08.27 23:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\InstallShield
[2012.12.25 00:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\IsolatedStorage
[2010.09.25 12:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Jpeg Resampler
[2013.04.13 09:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Kastner software
[2011.10.21 20:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Lavasoft
[2008.08.31 16:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Macromedia
[2013.05.18 16:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Media Player Classic
[2013.05.09 01:03:22 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Microsoft
[2010.06.15 15:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla
[2011.06.21 11:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\MyPhoneExplorer
[2011.11.13 11:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\NCH Software
[2012.07.06 12:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\NVIDIA
[2009.12.07 00:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\NwDocx
[2009.12.08 02:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\OpenOffice.org
[2009.12.08 02:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\OpenOffice.org2
[2010.10.25 16:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Opera
[2009.01.30 00:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\PSpad
[2008.10.28 13:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Real
[2013.05.12 18:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Skype
[2011.04.09 08:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\skypePM
[2009.06.05 15:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Sun
[2012.04.12 20:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Tomas Varaneckas
[2011.01.14 01:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\WeGame
[2012.10.18 20:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\YCanPDF
[2012.12.24 10:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Zena+Cornie
< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Václav Zíka\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
[2010.04.26 15:32:58 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Václav Zíka\Data aplikací\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2010.04.02 15:37:51 | 000,094,208 | R--- | M] () -- C:\Documents and Settings\Václav Zíka\Data aplikací\Microsoft\Installer\{4723F199-FA64-4233-8E6E-9FCCC95A18EE}\python_icon.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.06.06 17:14:00 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.06.06 14:59:51 | 000,000,936 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.06 17:23:00 | 000,000,940 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.08.28 00:43:30 | 000,094,208 | ---- | M] () -- C:\windows\System32\config\default.sav
[2008.08.28 00:43:30 | 000,663,552 | ---- | M] () -- C:\windows\System32\config\software.sav
[2008.08.28 00:43:30 | 000,491,520 | ---- | M] () -- C:\windows\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.06.04 21:00:41 | 001,075,544 | ---- | M] () -- C:\windows\system32\nvdrsdb0.bin
[2013.06.03 22:22:21 | 001,075,544 | ---- | M] () -- C:\windows\system32\nvdrsdb1.bin
[2013.06.04 21:00:41 | 000,000,001 | ---- | M] () -- C:\windows\system32\nvdrssel.bin
[2013.06.06 15:00:34 | 000,002,206 | ---- | M] () -- C:\windows\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\windows\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Seznam Postak" = "C:\Program Files\Seznam.cz\postak.exe" -s -- [2011.05.25 10:00:02 | 000,491,040 | ---- | M] ()
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.05.20 20:44:36 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=95110A1C5A1D228AC1DDF6AB67D00BEB -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2008.04.14 08:52:28 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=414AFE6E8CCDE984E16D5ED08624CEC6 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.11.28 12:35:29 | 000,878,480 | ---- | M] (Opera Software) MD5=E96462DD021F65D61D3F97056C3EF236 -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.06.06 17:39:27 | 000,000,512 | ---- | M] () MD5=0D3061C6BB8F34CDB6EC4189203F5ADE -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2003.02.11 08:29:24 | 000,120,054 | ---- | M] () -- \Documents and Settings\Václav Zíka\Dokumenty\- Záloha Flash (4 GB) [7.] -\Covers\Patterns\Cracked Emerald.pat
[2003.02.11 08:29:30 | 000,011,078 | ---- | M] () -- \Documents and Settings\Václav Zíka\Dokumenty\- Záloha Flash (4 GB) [7.] -\Covers\Textures\Cracked Cement.tex
[2012.12.18 01:05:37 | 000,103,223 | ---- | M] () -- \Documents and Settings\Václav Zíka\Dokumenty\Obrázky\Google\120th_anniversary_of_the_nutcracker_ballet-992006-hp.jpg
[2008.11.22 23:37:10 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[1999.08.13 06:00:00 | 000,120,054 | ---- | M] () -- \Program Files\Paint Shop Pro 6\Patterns\Cracked Emerald.pat
[1999.08.13 06:00:00 | 000,011,078 | ---- | M] () -- \Program Files\Paint Shop Pro 6\Textures\Cracked Cement.tex
< *keygen* /s >
< *loader* /s >
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2012.07.06 12:24:36 | 000,008,386 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\backup\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2013.01.25 19:45:02 | 000,003,704 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2013.03.03 11:54:51 | 000,059,788 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader.log
[2013.03.03 11:37:31 | 000,143,346 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader_install.txt
[2013.03.03 11:34:38 | 002,264,724 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader_v1.log
[2013.03.03 11:38:42 | 000,105,682 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\logs\YTVDownloader_extra1.log
[2011.03.26 16:16:32 | 003,258,368 | ---- | M] () -- \Documents and Settings\Václav Zíka\Dokumenty\Install\YoutubeDownloaderSetup_1.1.msi
[2012.10.17 15:57:39 | 000,000,214 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fstep.yourfiledownloader.com%2Fstatic%2Fa%2Fimages%2Ffavicon.png
[2013.05.11 23:41:43 | 000,006,820 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\temp\Temporary Internet Files\Content.IE5\6PUIFZFI\ajax-loader.bt[1].gif
[2013.05.11 23:41:43 | 000,001,603 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\temp\Temporary Internet Files\Content.IE5\6PUIFZFI\ajax-loader.s[1].gif
[2013.06.04 20:37:24 | 000,002,038 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\4DYVCTQB\vbulletin_post_loader[1].js
[2013.06.01 22:42:20 | 000,001,603 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\4TYNWL6F\ajax-loader.s[1].gif
[2013.06.01 01:05:25 | 000,001,631 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\DP604BB6\loader[1].gif
[2013.05.24 01:40:46 | 000,010,014 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\MH6PQXGH\ajax-loader[1].gif
[2013.06.01 22:32:26 | 000,000,385 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\MH6PQXGH\ajax-loader[2].gif
[2013.05.15 09:31:25 | 000,001,849 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\NB5XP9X2\ajax-loader[1].gif
[2013.06.01 00:07:12 | 000,000,723 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\NB5XP9X2\ajax-loader[2].gif
[2013.05.15 09:31:25 | 000,001,737 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\TS1GHB6I\loader_img.gif.pagespeed.ce.HmdC9cVMF-[1].gif
[2013.06.01 22:42:21 | 000,006,820 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\WDUB8DUB\ajax-loader.bt[1].gif
[2013.05.15 09:31:38 | 000,000,723 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\XS77V180\ajax-loader[1].gif
[2013.05.15 10:08:15 | 000,003,488 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\XS77V180\vbulletin_post_loader[1].js
[2013.04.06 15:24:13 | 000,052,960 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2013.04.06 15:24:14 | 000,232,672 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2013.05.07 14:55:15 | 001,711,672 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2 \Program Files\Avira\AntiVir Desktop\*.tmp files -> \Program Files\Avira\AntiVir Desktop\*.tmp -> ]
[2013.02.28 21:30:20 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2013.03.01 17:10:18 | 000,940,192 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\lib\DVSVideoDownloader.dll
[2013.01.28 13:12:34 | 000,041,096 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\DVDVideoSoft.DVSVideoDownloader.dll
[2013.01.31 22:28:30 | 002,348,544 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
[2012.12.27 18:03:02 | 000,001,020 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.xml
[2013.01.25 19:45:02 | 000,003,704 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfile.xml
[2013.01.22 21:39:36 | 000,006,223 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfileD.xml
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\de-DE\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,045,056 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\el-GR\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\es-ES\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\fr-FR\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\hu-HU\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\it-IT\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ja-JP\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\nl-NL\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pl-PL\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-BR\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-PT\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,045,056 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ru-RU\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\tr-TR\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHS\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHT\FreeYTVDownloader.resources.dll
[2008.11.07 19:06:24 | 000,000,042 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2011.10.17 14:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 11:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2009.09.28 21:48:33 | 000,006,639 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.pyc
[2010.06.07 21:11:08 | 000,006,262 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.09.25 11:10:31 | 000,005,437 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.pyc
[2010.10.03 10:09:02 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 21:19:10 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2010.10.03 10:09:15 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 16:21:40 | 000,003,874 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
< End of report >
OTL.Txt:
¨¨¨¨¨¨¨¨
OTL logfile created on: 6.6.2013 17:37:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Václav Zíka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,71% Memory free
3,85 Gb Paging File | 3,40 Gb Available in Paging File | 88,50% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 176,44 Gb Free Space | 59,19% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 364,89 Gb Free Space | 39,17% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 636,52 Gb Free Space | 68,33% Space Free | Partition Type: NTFS
Drive J: | 465,65 Gb Total Space | 167,17 Gb Free Space | 35,90% Space Free | Partition Type: FAT32
Computer Name: ERIN | User Name: Václav Zíka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.06.06 17:34:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Václav Zíka\Plocha\OTL.exe
PRC - [2013.05.07 14:55:13 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.06 15:25:32 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.06 15:24:10 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.04.06 15:23:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.30 09:10:10 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.05.15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2011.05.25 10:00:02 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\postak.exe
PRC - [2011.04.27 09:23:10 | 000,871,936 | ---- | M] () -- C:\WINDOWS\system32\atwtusb.exe
PRC - [2009.04.07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2008.04.17 15:14:00 | 000,102,712 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008.04.17 15:14:00 | 000,098,616 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.06 15:25:44 | 000,397,704 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011.05.25 10:00:02 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\postak.exe
MOD - [2011.05.25 09:59:56 | 000,821,792 | ---- | M] () -- C:\Program Files\Seznam.cz\email.3.dll
MOD - [2011.05.25 09:59:40 | 001,145,888 | ---- | M] () -- C:\Program Files\Seznam.cz\core.3.dll
MOD - [2011.04.27 09:23:10 | 000,871,936 | ---- | M] () -- C:\WINDOWS\system32\atwtusb.exe
MOD - [2009.03.12 16:45:32 | 000,135,168 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
MOD - [2008.11.21 14:58:42 | 000,057,344 | ---- | M] () -- C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
========== Services (SafeList) ==========
SRV - [2013.05.20 20:44:35 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.19 14:14:44 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.06 15:25:32 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.06 15:23:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.30 09:10:10 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.27 09:23:10 | 000,871,936 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\atwtusb.exe -- (WTService)
SRV - [2008.04.17 15:14:00 | 000,102,712 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
========== Driver Services (SafeList) ==========
DRV - [2013.04.06 15:26:18 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.04.06 15:26:18 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.04.06 15:26:18 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.04.06 15:26:18 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.20 12:38:24 | 000,006,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\walvhid.sys -- (vhidmini)
DRV - [2009.03.08 13:15:14 | 000,006,144 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2008.08.28 00:39:42 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.06.27 11:24:56 | 004,742,656 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.01.03 16:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.11.10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005.07.07 16:26:04 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus)
DRV - [2005.07.07 16:26:00 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.07.07 16:25:58 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.07.07 16:25:52 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.07.07 16:25:50 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2003.12.05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:1.0.10
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.7
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.20 20:44:25 | 000,000,000 | ---D | M]
[2010.06.15 15:39:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Extensions
[2013.05.09 10:33:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions
[2010.09.12 17:09:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.10 00:31:07 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013.01.03 11:15:03 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.05.09 10:33:57 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.06 15:34:56 | 000,002,344 | ---- | M] () -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla\Firefox\Profiles\f7h9fk5z.default\searchplugins\askcom.xml
[2013.05.20 20:44:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.05.20 20:44:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.05.20 20:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.05.20 20:44:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\VáCLAV ZĂKA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\F7H9FK5Z.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
O1 HOSTS File: ([2013.05.09 11:56:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.3.dll ()
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MacrokeyManager] C:\windows\System32\WTMKM.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\windows\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\postak.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled [2008.08.31 01:45:17 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office Outlook 2003.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-2052111302-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.13.80.80 85.13.80.90
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA6B6FAD-9F46-4B0C-B5D8-394887872646}: DhcpNameServer = 85.13.80.80 85.13.80.90
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Václav Zíka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Václav Zíka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.04.28 18:44:28 | 000,000,000 | ---D | M] - F:\autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk /p \??\F:)
O34 - HKLM BootExecute: (autocheck autochk /p \??\K:)
O34 - HKLM BootExecute: (autocheck autochk /p \??\L:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.divxa32 - C:\windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\windows\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\windows\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\windows\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.06.06 17:34:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Václav Zíka\Plocha\OTL.exe
[2013.06.06 15:43:18 | 000,000,000 | ---D | C] -- C:\rsit
[2013.06.06 14:32:34 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\31blo.dat
========== Files - Modified Within 7 Days ==========
[2013.06.06 17:39:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.06.06 17:34:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Václav Zíka\Plocha\OTL.exe
[2013.06.06 17:23:00 | 000,000,940 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.06 17:14:00 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.06.06 15:42:56 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Václav Zíka\Plocha\RSIT.exe
[2013.06.06 15:00:34 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2013.06.06 14:59:51 | 000,000,936 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.06 14:59:38 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2013.06.06 14:59:36 | 2145,898,496 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.06 14:37:21 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\olb13.pad
[2013.06.06 14:32:39 | 000,003,078 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\olb13.js
[2013.06.06 14:32:34 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\31blo.dat
[2013.06.04 21:00:41 | 001,075,544 | ---- | M] () -- C:\windows\System32\nvdrsdb0.bin
[2013.06.04 21:00:41 | 000,000,001 | ---- | M] () -- C:\windows\System32\nvdrssel.bin
[2013.06.04 18:47:12 | 000,005,374 | ---- | M] () -- C:\windows\WDICT32.INI
[2013.06.04 18:39:27 | 000,002,840 | ---- | M] () -- C:\windows\TRNCOM.INI
[2013.06.04 18:26:23 | 000,001,680 | ---- | M] () -- C:\windows\MAILTRAN.INI
[2013.06.03 22:22:21 | 001,075,544 | ---- | M] () -- C:\windows\System32\nvdrsdb1.bin
========== Files Created - No Company Name ==========
[2013.06.06 17:39:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.06.06 15:42:56 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Václav Zíka\Plocha\RSIT.exe
[2013.06.06 14:59:36 | 2145,898,496 | -HS- | C] () -- C:\hiberfil.sys
[2013.06.06 14:32:39 | 000,003,078 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\olb13.js
[2013.06.06 14:32:37 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\olb13.pad
[2013.05.20 09:40:12 | 000,005,662 | ---- | C] () -- C:\Documents and Settings\Václav Zíka\.recently-used.xbel
[2013.02.26 02:55:20 | 000,000,038 | ---- | C] () -- C:\windows\AviSplitter.INI
[2012.07.06 11:57:43 | 001,075,544 | ---- | C] () -- C:\windows\System32\nvdrsdb1.bin
[2012.07.06 11:57:43 | 001,075,544 | ---- | C] () -- C:\windows\System32\nvdrsdb0.bin
[2012.07.06 11:57:43 | 000,000,001 | ---- | C] () -- C:\windows\System32\nvdrssel.bin
[2012.07.06 11:57:20 | 002,807,708 | ---- | C] () -- C:\windows\System32\nvdata.data
[2012.07.06 11:55:02 | 000,000,664 | ---- | C] () -- C:\windows\System32\d3d9caps.dat
[2012.04.12 16:52:48 | 000,000,118 | ---- | C] () -- C:\windows\System32\MRT.INI
[2012.02.15 17:28:41 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2011.12.25 16:17:49 | 000,010,513 | ---- | C] () -- C:\windows\System32\Windows7.ini
[2011.12.25 16:17:49 | 000,010,251 | ---- | C] () -- C:\windows\System32\Vista.ini
[2011.12.25 16:17:49 | 000,009,868 | ---- | C] () -- C:\windows\System32\XP_2000.ini
[2011.12.25 16:17:48 | 000,022,856 | ---- | C] () -- C:\windows\System32\Photoshop Elements.ini
[2011.12.25 16:17:48 | 000,015,605 | ---- | C] () -- C:\windows\System32\PhotoImpact XL SE.ini
[2011.12.25 16:17:48 | 000,000,969 | ---- | C] () -- C:\windows\System32\Corel Draw Essential X5.ini
[2011.12.25 16:17:48 | 000,000,963 | ---- | C] () -- C:\windows\System32\Corel Draw Essential 4.ini
[2011.12.25 16:17:48 | 000,000,833 | ---- | C] () -- C:\windows\System32\MKProfile.ini
[2011.12.25 16:17:46 | 000,871,936 | ---- | C] () -- C:\windows\System32\atwtusb.exe
[2011.12.25 16:17:45 | 007,144,448 | ---- | C] () -- C:\windows\System32\WTMKM.exe
[2011.12.25 16:17:41 | 000,045,056 | ---- | C] () -- C:\windows\System32\InstallService.exe
[2011.12.25 16:17:40 | 004,109,824 | ---- | C] () -- C:\windows\System32\Control Panel_Betteryless.exe
[2011.12.25 16:17:39 | 000,147,456 | ---- | C] () -- C:\windows\System32\Calibration.exe
[2011.12.25 16:17:37 | 000,835,072 | ---- | C] () -- C:\windows\RmTablet.exe
[2011.12.25 16:17:36 | 000,010,708 | ---- | C] () -- C:\windows\System32\aiptbl.ini
[2008.12.09 00:42:20 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Václav Zíka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.31 13:59:03 | 000,000,560 | ---- | C] () -- C:\Documents and Settings\Václav Zíka\Local Settings\Data aplikací\FASTWiz.html
[2008.08.30 23:12:03 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
========== ZeroAccess Check ==========
[2009.02.14 18:07:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.16 23:18:20 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.04.24 23:07:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAZ 3D
[2011.10.30 23:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GoldWaveCDDB
[2012.12.25 00:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
[2013.04.13 09:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KASTNER software
[2011.12.25 16:17:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tablet
[2012.12.12 18:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.03.24 21:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\AMPSoft
[2008.12.31 15:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Blender Foundation
[2013.03.04 09:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\calibre
[2013.04.06 15:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\CallingID
[2013.04.24 23:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DAZ 3D
[2009.12.07 00:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Docx2Rtf
[2013.03.03 11:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft
[2013.03.03 11:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoftIEHelpers
[2011.02.22 21:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Epson
[2013.04.24 17:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Firestorm
[2013.04.24 20:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\FirestormBack
[2010.02.08 17:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\FLV Extract
[2011.10.30 23:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\GoldWaveCDDB
[2013.05.20 09:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\gtk-2.0
[2012.12.25 00:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\IsolatedStorage
[2010.09.25 12:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Jpeg Resampler
[2013.04.13 09:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Kastner software
[2011.06.21 11:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\MyPhoneExplorer
[2009.12.07 00:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\NwDocx
[2009.12.08 02:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\OpenOffice.org
[2010.10.25 16:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Opera
[2012.04.12 20:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Tomas Varaneckas
[2011.01.14 01:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\WeGame
[2012.10.18 20:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\YCanPDF
[2012.12.24 10:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Zena+Cornie
========== Purity Check ==========
========== Custom Scans ==========
< >
[2008.08.27 22:56:13 | 000,000,065 | RH-- | C] () -- C:\windows\Tasks\desktop.ini
[2008.08.27 23:00:06 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2013.05.12 14:18:52 | 000,000,936 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.12 14:18:53 | 000,000,940 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.19 14:09:17 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2004.08.17 15:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.09.20 15:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Adobe
[2008.08.30 23:45:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\AdobeUM
[2010.03.24 21:38:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\AMPSoft
[2008.10.11 18:29:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Apple Computer
[2011.10.05 15:40:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\ArcSoft
[2013.04.06 15:40:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Avira
[2008.12.31 15:01:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Blender Foundation
[2013.03.04 09:45:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\calibre
[2013.04.06 15:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\CallingID
[2008.09.10 00:36:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\CyberLink
[2013.04.24 23:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DAZ 3D
[2009.12.07 00:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Docx2Rtf
[2013.03.03 11:37:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft
[2013.03.03 11:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoftIEHelpers
[2011.02.22 21:24:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Epson
[2013.04.24 17:53:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Firestorm
[2013.04.24 20:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\FirestormBack
[2010.02.08 17:42:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\FLV Extract
[2011.10.30 23:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\GoldWaveCDDB
[2008.08.30 23:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\GRETECH
[2013.05.20 09:40:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\gtk-2.0
[2008.09.07 20:21:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Help
[2008.08.27 23:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Identities
[2008.08.27 23:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\InstallShield
[2012.12.25 00:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\IsolatedStorage
[2010.09.25 12:11:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Jpeg Resampler
[2013.04.13 09:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Kastner software
[2011.10.21 20:22:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Lavasoft
[2008.08.31 16:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Macromedia
[2013.05.18 16:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Media Player Classic
[2013.05.09 01:03:22 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Microsoft
[2010.06.15 15:39:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Mozilla
[2011.06.21 11:47:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\MyPhoneExplorer
[2011.11.13 11:47:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\NCH Software
[2012.07.06 12:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\NVIDIA
[2009.12.07 00:10:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\NwDocx
[2009.12.08 02:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\OpenOffice.org
[2009.12.08 02:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\OpenOffice.org2
[2010.10.25 16:50:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Opera
[2009.01.30 00:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\PSpad
[2008.10.28 13:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Real
[2013.05.12 18:00:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Skype
[2011.04.09 08:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\skypePM
[2009.06.05 15:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Sun
[2012.04.12 20:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Tomas Varaneckas
[2011.01.14 01:30:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\WeGame
[2012.10.18 20:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\YCanPDF
[2012.12.24 10:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Václav Zíka\Data aplikací\Zena+Cornie
< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Václav Zíka\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
[2010.04.26 15:32:58 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Václav Zíka\Data aplikací\GRETECH\GomPlayer\GrLauncherTempSetup.exe
[2010.04.02 15:37:51 | 000,094,208 | R--- | M] () -- C:\Documents and Settings\Václav Zíka\Data aplikací\Microsoft\Installer\{4723F199-FA64-4233-8E6E-9FCCC95A18EE}\python_icon.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.06.06 17:14:00 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.06.06 14:59:51 | 000,000,936 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.06.06 17:23:00 | 000,000,940 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.08.28 00:43:30 | 000,094,208 | ---- | M] () -- C:\windows\System32\config\default.sav
[2008.08.28 00:43:30 | 000,663,552 | ---- | M] () -- C:\windows\System32\config\software.sav
[2008.08.28 00:43:30 | 000,491,520 | ---- | M] () -- C:\windows\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.06.04 21:00:41 | 001,075,544 | ---- | M] () -- C:\windows\system32\nvdrsdb0.bin
[2013.06.03 22:22:21 | 001,075,544 | ---- | M] () -- C:\windows\system32\nvdrsdb1.bin
[2013.06.04 21:00:41 | 000,000,001 | ---- | M] () -- C:\windows\system32\nvdrssel.bin
[2013.06.06 15:00:34 | 000,002,206 | ---- | M] () -- C:\windows\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\windows\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Seznam Postak" = "C:\Program Files\Seznam.cz\postak.exe" -s -- [2011.05.25 10:00:02 | 000,491,040 | ---- | M] ()
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.05.20 20:44:36 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=95110A1C5A1D228AC1DDF6AB67D00BEB -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2008.04.14 08:52:28 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=414AFE6E8CCDE984E16D5ED08624CEC6 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.11.28 12:35:29 | 000,878,480 | ---- | M] (Opera Software) MD5=E96462DD021F65D61D3F97056C3EF236 -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.06.06 17:39:27 | 000,000,512 | ---- | M] () MD5=0D3061C6BB8F34CDB6EC4189203F5ADE -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2003.02.11 08:29:24 | 000,120,054 | ---- | M] () -- \Documents and Settings\Václav Zíka\Dokumenty\- Záloha Flash (4 GB) [7.] -\Covers\Patterns\Cracked Emerald.pat
[2003.02.11 08:29:30 | 000,011,078 | ---- | M] () -- \Documents and Settings\Václav Zíka\Dokumenty\- Záloha Flash (4 GB) [7.] -\Covers\Textures\Cracked Cement.tex
[2012.12.18 01:05:37 | 000,103,223 | ---- | M] () -- \Documents and Settings\Václav Zíka\Dokumenty\Obrázky\Google\120th_anniversary_of_the_nutcracker_ballet-992006-hp.jpg
[2008.11.22 23:37:10 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[1999.08.13 06:00:00 | 000,120,054 | ---- | M] () -- \Program Files\Paint Shop Pro 6\Patterns\Cracked Emerald.pat
[1999.08.13 06:00:00 | 000,011,078 | ---- | M] () -- \Program Files\Paint Shop Pro 6\Textures\Cracked Cement.tex
< *keygen* /s >
< *loader* /s >
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2012.07.06 12:24:36 | 000,008,386 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\backup\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2013.01.25 19:45:02 | 000,003,704 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2013.03.03 11:54:51 | 000,059,788 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader.log
[2013.03.03 11:37:31 | 000,143,346 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader_install.txt
[2013.03.03 11:34:38 | 002,264,724 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader_v1.log
[2013.03.03 11:38:42 | 000,105,682 | ---- | M] () -- \Documents and Settings\Václav Zíka\Data aplikací\DVDVideoSoft\logs\YTVDownloader_extra1.log
[2011.03.26 16:16:32 | 003,258,368 | ---- | M] () -- \Documents and Settings\Václav Zíka\Dokumenty\Install\YoutubeDownloaderSetup_1.1.msi
[2012.10.17 15:57:39 | 000,000,214 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Data aplikací\Opera\Opera\icons\http%3A%2F%2Fstep.yourfiledownloader.com%2Fstatic%2Fa%2Fimages%2Ffavicon.png
[2013.05.11 23:41:43 | 000,006,820 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\temp\Temporary Internet Files\Content.IE5\6PUIFZFI\ajax-loader.bt[1].gif
[2013.05.11 23:41:43 | 000,001,603 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\temp\Temporary Internet Files\Content.IE5\6PUIFZFI\ajax-loader.s[1].gif
[2013.06.04 20:37:24 | 000,002,038 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\4DYVCTQB\vbulletin_post_loader[1].js
[2013.06.01 22:42:20 | 000,001,603 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\4TYNWL6F\ajax-loader.s[1].gif
[2013.06.01 01:05:25 | 000,001,631 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\DP604BB6\loader[1].gif
[2013.05.24 01:40:46 | 000,010,014 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\MH6PQXGH\ajax-loader[1].gif
[2013.06.01 22:32:26 | 000,000,385 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\MH6PQXGH\ajax-loader[2].gif
[2013.05.15 09:31:25 | 000,001,849 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\NB5XP9X2\ajax-loader[1].gif
[2013.06.01 00:07:12 | 000,000,723 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\NB5XP9X2\ajax-loader[2].gif
[2013.05.15 09:31:25 | 000,001,737 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\TS1GHB6I\loader_img.gif.pagespeed.ce.HmdC9cVMF-[1].gif
[2013.06.01 22:42:21 | 000,006,820 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\WDUB8DUB\ajax-loader.bt[1].gif
[2013.05.15 09:31:38 | 000,000,723 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\XS77V180\ajax-loader[1].gif
[2013.05.15 10:08:15 | 000,003,488 | ---- | M] () -- \Documents and Settings\Václav Zíka\Local Settings\Temporary Internet Files\Content.IE5\XS77V180\vbulletin_post_loader[1].js
[2013.04.06 15:24:13 | 000,052,960 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2013.04.06 15:24:14 | 000,232,672 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2013.05.07 14:55:15 | 001,711,672 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2 \Program Files\Avira\AntiVir Desktop\*.tmp files -> \Program Files\Avira\AntiVir Desktop\*.tmp -> ]
[2013.02.28 21:30:20 | 000,044,032 | R--- | M] () -- \Program Files\Calibre2\DLLs\PyISAPI_loader.dll
[2013.03.01 17:10:18 | 000,940,192 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\lib\DVSVideoDownloader.dll
[2013.01.28 13:12:34 | 000,041,096 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\DVDVideoSoft.DVSVideoDownloader.dll
[2013.01.31 22:28:30 | 002,348,544 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
[2012.12.27 18:03:02 | 000,001,020 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.xml
[2013.01.25 19:45:02 | 000,003,704 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfile.xml
[2013.01.22 21:39:36 | 000,006,223 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfileD.xml
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\de-DE\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,045,056 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\el-GR\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\es-ES\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\fr-FR\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\hu-HU\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\it-IT\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ja-JP\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\nl-NL\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pl-PL\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-BR\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-PT\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,045,056 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ru-RU\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\tr-TR\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHS\FreeYTVDownloader.resources.dll
[2013.01.31 22:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHT\FreeYTVDownloader.resources.dll
[2008.11.07 19:06:24 | 000,000,042 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2011.10.17 14:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 11:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2009.09.28 21:48:33 | 000,006,639 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.pyc
[2010.06.07 21:11:08 | 000,006,262 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.09.25 11:10:31 | 000,005,437 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.pyc
[2010.10.03 10:09:02 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 21:19:10 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2010.10.03 10:09:15 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 16:21:40 | 000,003,874 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
< End of report >
Re: Prosím o kontrolu logu.
a tady je ten druhý:
Extras.Txt:
¨¨¨¨¨¨¨¨¨
OTL Extras logfile created on: 6.6.2013 17:37:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Václav Zíka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,71% Memory free
3,85 Gb Paging File | 3,40 Gb Available in Paging File | 88,50% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 176,44 Gb Free Space | 59,19% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 364,89 Gb Free Space | 39,17% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 636,52 Gb Free Space | 68,33% Space Free | Partition Type: NTFS
Drive J: | 465,65 Gb Total Space | 167,17 Gb Free Space | 35,90% Space Free | Partition Type: FAT32
Computer Name: ERIN | User Name: Václav Zíka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\IronWare Communication\IW FTPort Client\Cftp32.exe" = C:\Program Files\IronWare Communication\IW FTPort Client\Cftp32.exe:*:Enabled:IW FTPort Client -- (AEC s.r.o.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\Firestorm-Release\SLVoice.exe" = C:\Program Files\Firestorm-Release\SLVoice.exe:*:Enabled:SLVoice -- ()
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.2.4902
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver
"{311F799A-FCE9-4D9E-B5D2-CBB8859B40BB}" = Microsoft XNA Framework Redistributable 1.0 Refresh
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CA9D105-113C-11D8-AB3E-000102B0F79A}" = Readiris Pro 9
"{4723F199-FA64-4233-8E6E-9FCCC95A18EE}" = Python 2.6.5
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{531F0013-964C-4BE6-B382-4117DC8BCDF9}" = ArcSoft MediaImpression
"{556F2137-B772-43BB-9A45-E0275234DD16}" = Free Notes & Office Ink
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{87CE002F-33CD-4C3A-95CA-6EC98DC1A6C3}" = calibre
"{90110405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F9697D3-DCB6-4716-A643-DFEE792F8E10}_is1" = FWSplitter 1.3
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 6.3
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C910A7-0B89-4260-8845-FE221D9285E8}_is1" = PC Chrono 1.1.0.6
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FEDA56C4-82F3-46DD-8B50-FC592BBE1C0D}" = hp deskjet 5100
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12345_is1" = WeGame Client Beta 2.1.9
"7-Zip" = 7-Zip 4.43 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adolix Split and Merge PDF_is1" = Adolix Split and Merge PDF v2.1
"AMP Font Viewer" = AMP Font Viewer
"Avira AntiVir Desktop" = Avira Free Antivirus
"AWicons Lite" = AWicons Lite
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"DVD Shrink_is1" = DVD Shrink 3.2
"EPSON PERFECTION V30_V300 PHOTO Uživatelská příručka" = EPSON PERFECTION V30_V300 PHOTO Manuál
"EPSON Scanner" = EPSON Scan
"FBReader for Windows" = FBReader for Windows
"Filzip 3.0.0.0_is1" = Filzip 3.0
"Firestorm-Release" = Firestorm-Release (remove only)
"FormatFactory" = FormatFactory 3.00
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube Download_is1" = Free YouTube Download version 3.2.0.128
"GoldWave v5.25" = GoldWave v5.25
"GOM Player" = GOM Player
"hp print screen utility" = hp print screen utility
"ICE Book Reader Professional" = ICE Book Reader Professional
"Jass-2" = Jass-2 (remove only)
"JPEG Resampler_is1" = JPEG Resampler Vs 5.0
"jwDuplFiles_is1" = jwDuplFiles 2.0
"Ladicka" = Ladicka
"Lexicon 4.0" = Lingea Lexicon 2002
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MixPad" = MixPad Audio Mixer
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox 21.0 (x86 cs)" = Mozilla Firefox 21.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 Renamer 3.0 by ŠtuPe" = MP3 Renamer 3.0 by ŠtuPe (pouze odstranění)
"MPE" = MyPhoneExplorer
"Multi Unpacker" = Multi Unpacker 1.0
"Mumble" = Mumble and Murmur
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Opera 12.11.1661" = Opera 12.11
"Paint Shop Pro 6.0" = Paint Shop Pro 6.0 (ESD)
"PC Translator" = PC Translator
"PDF To Word Converter_is1" = PDF To Word Converter V3.0.3
"PSPad editor_is1" = PSPad editor
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"RmTablet" = Tablet Driver With Macrokey Manager
"save2pc Light_is1" = save2pc Light 3.38
"Stamp" = Stamp ID3 Tag Editor
"STDU Viewer_is1" = STDU Viewer version 1.6.205.0
"szn-software-postak" = Seznam Pošťák (Všichni uživatelé tohoto počítače.)
"Totalcmd" = Total Commander (Remove or Repair)
"WavePad" = WavePad Sound Editor
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.3
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 3 Free 3.82
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.5.2013 7:48:01 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace stduviewerapp.exe, verze 1.6.205.0, chybující modul
stdumobifile.dll, verze 1.4.120.0, adresa chyby 0x0000ad7c.
Error - 31.5.2013 7:48:11 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace stduviewerapp.exe, verze 1.6.205.0, chybující modul
stdumobifile.dll, verze 1.4.120.0, adresa chyby 0x0000ad7c.
Error - 31.5.2013 7:50:50 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace stduviewerapp.exe, verze 1.6.205.0, chybující modul
stdumobifile.dll, verze 1.4.120.0, adresa chyby 0x0000ad7c.
Error - 31.5.2013 18:07:37 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
jscript.dll, verze 5.7.6002.22589, adresa chyby 0x00021398.
Error - 31.5.2013 18:29:46 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
mshtml.dll, verze 6.0.2900.6380, adresa chyby 0x0006f87c.
Error - 1.6.2013 7:09:53 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace msohelp.exe, verze 11.0.6176.0, chybující modul
mshtml.dll, verze 6.0.2900.6380, adresa chyby 0x0006a5e0.
Error - 1.6.2013 8:04:54 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace salamand.exe, verze 1.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.6055, adresa chyby 0x00019af2.
Error - 4.6.2013 8:13:05 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace salamand.exe, verze 1.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.6055, adresa chyby 0x0000100b.
Error - 4.6.2013 14:39:14 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
mshtml.dll, verze 6.0.2900.6380, adresa chyby 0x00018e65.
Error - 5.6.2013 15:15:20 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x01acd6bc.
[ System Events ]
Error - 11.5.2013 16:34:40 | Computer Name = ERIN | Source = Service Control Manager | ID = 7034
Description = Služba WTService byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 11.5.2013 16:34:40 | Computer Name = ERIN | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Driver Helper Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 11.5.2013 16:34:40 | Computer Name = ERIN | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 6.6.2013 8:40:29 | Computer Name = ERIN | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD avipbb avkmgr Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss ssmdrv
Tcpip
WS2IFSL
Error - 6.6.2013 8:55:31 | Computer Name = ERIN | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
< End of report >
Extras.Txt:
¨¨¨¨¨¨¨¨¨
OTL Extras logfile created on: 6.6.2013 17:37:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Václav Zíka\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 73,71% Memory free
3,85 Gb Paging File | 3,40 Gb Available in Paging File | 88,50% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 176,44 Gb Free Space | 59,19% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 364,89 Gb Free Space | 39,17% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 636,52 Gb Free Space | 68,33% Space Free | Partition Type: NTFS
Drive J: | 465,65 Gb Total Space | 167,17 Gb Free Space | 35,90% Space Free | Partition Type: FAT32
Computer Name: ERIN | User Name: Václav Zíka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:Remote Desktop
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\IronWare Communication\IW FTPort Client\Cftp32.exe" = C:\Program Files\IronWare Communication\IW FTPort Client\Cftp32.exe:*:Enabled:IW FTPort Client -- (AEC s.r.o.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Disabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\Firestorm-Release\SLVoice.exe" = C:\Program Files\Firestorm-Release\SLVoice.exe:*:Enabled:SLVoice -- ()
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.6.2.4902
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver
"{311F799A-FCE9-4D9E-B5D2-CBB8859B40BB}" = Microsoft XNA Framework Redistributable 1.0 Refresh
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CA9D105-113C-11D8-AB3E-000102B0F79A}" = Readiris Pro 9
"{4723F199-FA64-4233-8E6E-9FCCC95A18EE}" = Python 2.6.5
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{531F0013-964C-4BE6-B382-4117DC8BCDF9}" = ArcSoft MediaImpression
"{556F2137-B772-43BB-9A45-E0275234DD16}" = Free Notes & Office Ink
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{87CE002F-33CD-4C3A-95CA-6EC98DC1A6C3}" = calibre
"{90110405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F9697D3-DCB6-4716-A643-DFEE792F8E10}_is1" = FWSplitter 1.3
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 6.3
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C910A7-0B89-4260-8845-FE221D9285E8}_is1" = PC Chrono 1.1.0.6
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FEDA56C4-82F3-46DD-8B50-FC592BBE1C0D}" = hp deskjet 5100
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12345_is1" = WeGame Client Beta 2.1.9
"7-Zip" = 7-Zip 4.43 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adolix Split and Merge PDF_is1" = Adolix Split and Merge PDF v2.1
"AMP Font Viewer" = AMP Font Viewer
"Avira AntiVir Desktop" = Avira Free Antivirus
"AWicons Lite" = AWicons Lite
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"DVD Shrink_is1" = DVD Shrink 3.2
"EPSON PERFECTION V30_V300 PHOTO Uživatelská příručka" = EPSON PERFECTION V30_V300 PHOTO Manuál
"EPSON Scanner" = EPSON Scan
"FBReader for Windows" = FBReader for Windows
"Filzip 3.0.0.0_is1" = Filzip 3.0
"Firestorm-Release" = Firestorm-Release (remove only)
"FormatFactory" = FormatFactory 3.00
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube Download_is1" = Free YouTube Download version 3.2.0.128
"GoldWave v5.25" = GoldWave v5.25
"GOM Player" = GOM Player
"hp print screen utility" = hp print screen utility
"ICE Book Reader Professional" = ICE Book Reader Professional
"Jass-2" = Jass-2 (remove only)
"JPEG Resampler_is1" = JPEG Resampler Vs 5.0
"jwDuplFiles_is1" = jwDuplFiles 2.0
"Ladicka" = Ladicka
"Lexicon 4.0" = Lingea Lexicon 2002
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MixPad" = MixPad Audio Mixer
"Monkey's Audio_is1" = Monkey's Audio
"Mozilla Firefox 21.0 (x86 cs)" = Mozilla Firefox 21.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 Renamer 3.0 by ŠtuPe" = MP3 Renamer 3.0 by ŠtuPe (pouze odstranění)
"MPE" = MyPhoneExplorer
"Multi Unpacker" = Multi Unpacker 1.0
"Mumble" = Mumble and Murmur
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Opera 12.11.1661" = Opera 12.11
"Paint Shop Pro 6.0" = Paint Shop Pro 6.0 (ESD)
"PC Translator" = PC Translator
"PDF To Word Converter_is1" = PDF To Word Converter V3.0.3
"PSPad editor_is1" = PSPad editor
"RealAlt_is1" = Real Alternative 1.9.0 Lite
"RmTablet" = Tablet Driver With Macrokey Manager
"save2pc Light_is1" = save2pc Light 3.38
"Stamp" = Stamp ID3 Tag Editor
"STDU Viewer_is1" = STDU Viewer version 1.6.205.0
"szn-software-postak" = Seznam Pošťák (Všichni uživatelé tohoto počítače.)
"Totalcmd" = Total Commander (Remove or Repair)
"WavePad" = WavePad Sound Editor
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.3
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 3 Free 3.82
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1614895754-2052111302-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.5.2013 7:48:01 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace stduviewerapp.exe, verze 1.6.205.0, chybující modul
stdumobifile.dll, verze 1.4.120.0, adresa chyby 0x0000ad7c.
Error - 31.5.2013 7:48:11 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace stduviewerapp.exe, verze 1.6.205.0, chybující modul
stdumobifile.dll, verze 1.4.120.0, adresa chyby 0x0000ad7c.
Error - 31.5.2013 7:50:50 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace stduviewerapp.exe, verze 1.6.205.0, chybující modul
stdumobifile.dll, verze 1.4.120.0, adresa chyby 0x0000ad7c.
Error - 31.5.2013 18:07:37 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
jscript.dll, verze 5.7.6002.22589, adresa chyby 0x00021398.
Error - 31.5.2013 18:29:46 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
mshtml.dll, verze 6.0.2900.6380, adresa chyby 0x0006f87c.
Error - 1.6.2013 7:09:53 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace msohelp.exe, verze 11.0.6176.0, chybující modul
mshtml.dll, verze 6.0.2900.6380, adresa chyby 0x0006a5e0.
Error - 1.6.2013 8:04:54 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace salamand.exe, verze 1.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.6055, adresa chyby 0x00019af2.
Error - 4.6.2013 8:13:05 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace salamand.exe, verze 1.0.0.0, chybující modul ntdll.dll,
verze 5.1.2600.6055, adresa chyby 0x0000100b.
Error - 4.6.2013 14:39:14 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
mshtml.dll, verze 6.0.2900.6380, adresa chyby 0x00018e65.
Error - 5.6.2013 15:15:20 | Computer Name = ERIN | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 6.0.2900.5512, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x01acd6bc.
[ System Events ]
Error - 11.5.2013 16:34:40 | Computer Name = ERIN | Source = Service Control Manager | ID = 7034
Description = Služba WTService byla neočekávaně ukončena. Tento stav nastal již
1krát.
Error - 11.5.2013 16:34:40 | Computer Name = ERIN | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Driver Helper Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 11.5.2013 16:34:40 | Computer Name = ERIN | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.
Error - 6.6.2013 8:40:29 | Computer Name = ERIN | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31
Error - 6.6.2013 8:40:56 | Computer Name = ERIN | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD avipbb avkmgr Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss ssmdrv
Tcpip
WS2IFSL
Error - 6.6.2013 8:55:31 | Computer Name = ERIN | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
< End of report >
Re: Prosím o kontrolu logu.
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu.
Je to pravda, a jsem Vám vskutku vděčný, že jsem se s Vaší pomocí před nedávnem jedné havěti zbavil. Rozhodně jsem nečekal, že se na Vás budu muset tak brzo znovu obracet.
Nejsem si zcela jist, kde jsem k této nové nákaze přišel, ale podezření mám. Včera jsem ke svému počítači, patrně dost neprozřetelně, připojil HD z PC jednoho známého, po té co mě prosil, jestli bych se mu z něj nepokusil zachránit nějaká data, protože mu zkolaboval systém. Při procházení adresářovou strukturou a hledání dat určených k záchraně jsem pak omylem místo otevření vnořeného adresáře nějaký jeden program spustil. Hned jsem jej ukončil a nic se nedělo, takže teď nevím jistě, jestli právě tento moment byl zárodkem mých dnešních potíží, ale od naší poslední spolupráce jsem žádný software odnikud nestahoval.
Mrzí mě, že už Vás musím znovu obtěžovat, proto jsem se také hned zprvu snažil tuto závadu odstranit sám způsobem, který jsem tu v samém úvodu popsal, ale bohužel nemám jistotu, jestli jsem byl dostatečně úspěšný a zcela se toho zbavil.
Prosím, nezlobte se a ještě jednou mi pozte. Děkuji.
Nejsem si zcela jist, kde jsem k této nové nákaze přišel, ale podezření mám. Včera jsem ke svému počítači, patrně dost neprozřetelně, připojil HD z PC jednoho známého, po té co mě prosil, jestli bych se mu z něj nepokusil zachránit nějaká data, protože mu zkolaboval systém. Při procházení adresářovou strukturou a hledání dat určených k záchraně jsem pak omylem místo otevření vnořeného adresáře nějaký jeden program spustil. Hned jsem jej ukončil a nic se nedělo, takže teď nevím jistě, jestli právě tento moment byl zárodkem mých dnešních potíží, ale od naší poslední spolupráce jsem žádný software odnikud nestahoval.
Mrzí mě, že už Vás musím znovu obtěžovat, proto jsem se také hned zprvu snažil tuto závadu odstranit sám způsobem, který jsem tu v samém úvodu popsal, ale bohužel nemám jistotu, jestli jsem byl dostatečně úspěšný a zcela se toho zbavil.
Prosím, nezlobte se a ještě jednou mi pozte. Děkuji.
Re: Prosím o kontrolu logu.
OK, diky za vysvetleni. Evidentne jste se nenakazil vasi vinnou Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl [2013.06.06 17:14:00 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job [2013.06.06 14:59:51 | 000,000,936 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job [2013.06.06 17:23:00 | 000,000,940 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"=- :files C:\Documents and Settings\All Users\Data aplikací\olb13.js C:\Documents and Settings\All Users\Data aplikací\kjhy64.txt %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu.
All processes killed
========== OTL ==========
C:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Data aplikací\olb13.js moved successfully.
C:\Documents and Settings\All Users\Data aplikací\kjhy64.txt moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
File move failed. C:\windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Václav Zíka
->Temp folder emptied: 424629041 bytes
->Temporary Internet Files folder emptied: 962764057 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 78391855 bytes
->Opera cache emptied: 52557213 bytes
->Flash cache emptied: 14453 bytes
User: Václav ZÃka
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49635 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1688026 bytes
Total Files Cleaned = 1 450,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: UpdatusUser
User: Václav Zíka
->Flash cache emptied: 0 bytes
User: Václav ZÃka
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: Administrator
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: UpdatusUser
User: Václav Zíka
->Java cache emptied: 0 bytes
User: Václav ZÃka
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 06062013_215708
Files\Folders moved on Reboot...
C:\windows\System32\drivers\etc\Hosts moved successfully.
File\Folder C:\Documents and Settings\Václav Zíka\Local Settings\Temp\17F08B3.dmp not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
C:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Data aplikací\olb13.js moved successfully.
C:\Documents and Settings\All Users\Data aplikací\kjhy64.txt moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
File move failed. C:\windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Václav Zíka
->Temp folder emptied: 424629041 bytes
->Temporary Internet Files folder emptied: 962764057 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 78391855 bytes
->Opera cache emptied: 52557213 bytes
->Flash cache emptied: 14453 bytes
User: Václav ZÃka
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49635 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1688026 bytes
Total Files Cleaned = 1 450,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: UpdatusUser
User: Václav Zíka
->Flash cache emptied: 0 bytes
User: Václav ZÃka
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: Administrator
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: UpdatusUser
User: Václav Zíka
->Java cache emptied: 0 bytes
User: Václav ZÃka
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 06062013_215708
Files\Folders moved on Reboot...
C:\windows\System32\drivers\etc\Hosts moved successfully.
File\Folder C:\Documents and Settings\Václav Zíka\Local Settings\Temp\17F08B3.dmp not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Prosím o kontrolu logu.
Tak jeste uklidime 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
A pokud nejsou problemy ci dotazy, je to z me strany vse 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu logu.
Tak, je uklizeno.
Ještě jednou mnohokrát děkuji za Vaši pomoc a pevně doufám, že o mne teď dost dlouho neuslyšíte.
Mnoho zdaru ve Vaší skvělé činnosti.
Ještě jednou mnohokrát děkuji za Vaši pomoc a pevně doufám, že o mne teď dost dlouho neuslyšíte.
Mnoho zdaru ve Vaší skvělé činnosti.
Re: Prosím o kontrolu logu.
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?
