prosim o kontrolu....v poslednej dobe sa zda pomaly a navyse potrebujem nejake miesto v nom urobit, ci je tam cosi bez mojho vedomia co sa moze odstranit ("nejaky bordel")....
no potom ci sa da (a ako) poodstranovat veci aby som co najmenej neziaducich dat stahoval ked sa pripojim
dakujem.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Premio at 2013-11-09 14:31:35
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (6%) free of 16 GB
Total RAM: 1023 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:32:01, on 9.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe
C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\T-MOBI~1\drivers\A96FED~1\FMMSER~1.EXE
C:\PROGRA~1\T-MOBI~1\FOFDMU~1.EXE
C:\Program Files\ArcGIS\License10.0\bin\ARCGIS.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
E:\samsung\Kies\Kies.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Documents and Settings\Premio\Plocha\RSIT.exe
C:\Program Files\trend micro\Premio.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\qt\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KiesPDLR] E:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] E:\samsung\Kies\Kies.exe /preload
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcGIS License Manager - Acresso Software Inc. - C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Mobility Manager Service (FMMService) - Flarion Technologies, Inc. - C:\PROGRA~1\T-MOBI~1\drivers\A96FED~1\FMMSER~1.EXE
O23 - Service: FOFDM Upgrade (FOFDMUpgrade) - Paradoxx Software - C:\PROGRA~1\T-MOBI~1\FOFDMU~1.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 7163 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default
prefs.js - "browser.startup.homepage" - "www.sme.sk"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
QuickTimePlugin.class
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
mall-cz.xml
C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-16 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll [2003-05-12 147456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-16 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll [2003-05-12 147456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-04-17 110592]
"nwiz"=nwiz.exe /install []
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-03-06 86016]
"Control Center"=C:\Program Files\ASUS\WLAN Card Utilities\Center.exe [2006-05-04 1689600]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-12-19 15797248]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-04-27 7573504]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-04-27 86016]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 995176]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"QuickTime Task"=C:\Program Files\qt\QTTask.exe [2012-10-25 421888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"KiesPDLR"=E:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-09-04 844656]
"KiesPreload"=E:\samsung\Kies\Kies.exe [2013-09-04 1564528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
E:\samsung\Kies\KiesHelper.exe /s []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
E:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-09-04 844656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
E:\samsung\Kies\KiesTrayAgent.exe [2013-09-04 311152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\System32\muzapp.exe"="C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=iyvu9_32.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======List of files/folders created in the last 1 month======
2013-11-06 19:33:02 ----D---- C:\Program Files\Mozilla Firefox
2013-11-06 03:46:07 ----D---- C:\Program Files\trend micro
2013-11-06 03:46:05 ----D---- C:\rsit
2013-10-19 14:30:04 ----D---- C:\Documents and Settings\Premio\Data aplikací\Rovio
2013-10-13 20:47:21 ----A---- C:\WINDOWS\system32\drivers\ssudobex.sys
2013-10-13 20:47:19 ----A---- C:\WINDOWS\system32\drivers\ssudmdm.sys
2013-10-13 20:47:18 ----A---- C:\WINDOWS\system32\drivers\ssudbus.sys
2013-10-13 20:11:28 ----D---- C:\Program Files\MyFree Codec
2013-10-13 19:55:29 ----A---- C:\WINDOWS\system32\FsUsbExService.Exe
2013-10-13 19:55:29 ----A---- C:\WINDOWS\system32\FsUsbExDisk.Sys
2013-10-13 19:55:29 ----A---- C:\WINDOWS\system32\FsUsbExDevice.Dll
2013-10-13 19:47:19 ----D---- C:\Program Files\MarkAny
======List of files/folders modified in the last 1 month======
2013-11-09 14:30:00 ----A---- C:\ASWL2K.ini
2013-11-09 14:26:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-10-22 21:22:46 ----A---- C:\WINDOWS\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 risdptsk;risdptsk; C:\WINDOWS\system32\DRIVERS\risdptsk.sys [2005-07-14 27904]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-18 716272]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-11-26 20747]
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.9; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2010-02-17 15781]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 BCM43XX;ASUS 802.11 - ovládač sieťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-12-19 4127232]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-28 5760]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-04-27 3663040]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-06 11136]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SynMini;USB2.0 1.3M Web Cam; C:\WINDOWS\System32\Drivers\SynMini.sys [2005-10-03 720470]
R3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2005-10-03 8278]
S1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-06-21 84248]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2011-10-31 20032]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 FlrnUSB;Leadtek USB Network Interface; C:\WINDOWS\system32\DRIVERS\FlrnUSB.sys [2010-11-13 42213]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 ft1000;Flarion Flash OFDM wireless service; C:\WINDOWS\system32\DRIVERS\ft1000.sys []
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-06-03 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-06-03 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-06-03 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-06-03 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-06-03 79488]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys []
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys []
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-06-21 181912]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudobex.sys [2013-06-21 181912]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-11-24 47104]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
S3 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ArcGIS License Manager;ArcGIS License Manager; C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe [2008-11-06 1500424]
R2 FMMService;Mobility Manager Service; C:\PROGRA~1\T-MOBI~1\drivers\A96FED~1\FMMSER~1.EXE [2010-11-13 40960]
R2 FOFDMUpgrade;FOFDM Upgrade; C:\PROGRA~1\T-MOBI~1\FOFDMU~1.EXE [2010-02-09 180224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-12-16 161768]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-06-20 53248]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 22208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-04-27 143426]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-07 867080]
S2 ASWLSVC;ASWLSVC; C:\WINDOWS\system32\ASWLSVC.exe [2004-05-06 496640]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-04 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-04 135664]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosim o kontrolu....dakujem
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosim o kontrolu....dakujem
Zdravim 
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: prosim o kontrolu....dakujem
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Premio on ne 10.11.2013 at 7:55:46.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\Premio\Data aplikacˇ\opencandy"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
~~~ FireFox
Successfully deleted: [File] C:\Documents and Settings\Premio\Data aplikacˇ\mozilla\firefox\profiles\5dxc5p3k.default\user.js
Successfully deleted: [File] C:\Documents and Settings\Premio\Data aplikacˇ\mozilla\firefox\profiles\5dxc5p3k.default\invalidprefs.js
Successfully deleted the following from C:\Documents and Settings\Premio\Data aplikacˇ\mozilla\firefox\profiles\5dxc5p3k.default\prefs.js
user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=24FBDA53-A20D-49B7-BB31-22DD3C7CA61C&n=77ee894c&p2=^HJ^xdm073^YY^sk
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2012121420");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^sk");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "24FBDA53-A20D-49B7-BB31-22DD3C7CA61C");
user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1355511759875");
user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
Emptied folder: C:\Documents and Settings\Premio\Data aplikacˇ\mozilla\firefox\profiles\5dxc5p3k.default\minidumps [20 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 10.11.2013 at 8:02:20.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Premio on ne 10.11.2013 at 7:55:46.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\Premio\Data aplikacˇ\opencandy"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
~~~ FireFox
Successfully deleted: [File] C:\Documents and Settings\Premio\Data aplikacˇ\mozilla\firefox\profiles\5dxc5p3k.default\user.js
Successfully deleted: [File] C:\Documents and Settings\Premio\Data aplikacˇ\mozilla\firefox\profiles\5dxc5p3k.default\invalidprefs.js
Successfully deleted the following from C:\Documents and Settings\Premio\Data aplikacˇ\mozilla\firefox\profiles\5dxc5p3k.default\prefs.js
user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=24FBDA53-A20D-49B7-BB31-22DD3C7CA61C&n=77ee894c&p2=^HJ^xdm073^YY^sk
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2012121420");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^sk");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "24FBDA53-A20D-49B7-BB31-22DD3C7CA61C");
user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1355511759875");
user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
Emptied folder: C:\Documents and Settings\Premio\Data aplikacˇ\mozilla\firefox\profiles\5dxc5p3k.default\minidumps [20 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 10.11.2013 at 8:02:20.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: prosim o kontrolu....dakujem
# AdwCleaner v3.011 - Report created 10/11/2013 at 08:07:21
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Premio - JHKKPPU
# Running from : C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
Folder Deleted : C:\Documents and Settings\Premio\Local Settings\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Premio\Local Settings\Data aplikací\PackageAware
Folder Deleted : C:\Documents and Settings\Premio\Data aplikací\Uniblue\DriverScanner
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKLM\Software\Uniblue\DriverScanner
***** [ Browsers ] *****
-\\ Internet Explorer v6.0.2900.5512
-\\ Mozilla Firefox v25.0 (cs)
[ File : C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1452 octets] - [10/11/2013 08:06:20]
AdwCleaner[S0].txt - [1397 octets] - [10/11/2013 08:07:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1457 octets] ##########
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Premio - JHKKPPU
# Running from : C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
Folder Deleted : C:\Documents and Settings\Premio\Local Settings\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Premio\Local Settings\Data aplikací\PackageAware
Folder Deleted : C:\Documents and Settings\Premio\Data aplikací\Uniblue\DriverScanner
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKLM\Software\Uniblue\DriverScanner
***** [ Browsers ] *****
-\\ Internet Explorer v6.0.2900.5512
-\\ Mozilla Firefox v25.0 (cs)
[ File : C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1452 octets] - [10/11/2013 08:06:20]
AdwCleaner[S0].txt - [1397 octets] - [10/11/2013 08:07:21]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1457 octets] ##########
Re: prosim o kontrolu....dakujem
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosim o kontrolu....dakujem
OTL logfile created on: 10.11.2013 17:30:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Premio\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
1023.29 Mb Total Physical Memory | 417.77 Mb Available Physical Memory | 40.83% Memory free
1.56 Gb Paging File | 1.10 Gb Available in Paging File | 70.77% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.61 Gb Total Space | 0.78 Gb Free Space | 4.97% Space Free | Partition Type: FAT32
Drive D: | 38.09 Gb Total Space | 0.27 Gb Free Space | 0.70% Space Free | Partition Type: NTFS
Drive E: | 39.44 Gb Total Space | 5.19 Gb Free Space | 13.16% Space Free | Partition Type: NTFS
Computer Name: JHKKPPU | User Name: Premio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.11.10 17:26:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Unknown] -- -- (MSDTC)
SRV - [2013.08.12 10:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Unknown] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.16 07:17:44 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Unknown] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.09.07 10:11:00 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Unknown] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.13 08:55:54 | 000,040,960 | ---- | M] (Flarion Technologies, Inc.) [Auto | Unknown] -- C:\PROGRA~1\T-MOBI~1\drivers\A96FED~1\FMMSER~1.EXE -- (FMMService)
SRV - [2010.02.09 20:31:42 | 000,180,224 | ---- | M] (Paradoxx Software) [Auto | Unknown] -- C:\PROGRA~1\T-MOBI~1\FOFDMU~1.EXE -- (FOFDMUpgrade)
SRV - [2008.11.06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) [Auto | Unknown] -- C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe -- (ArcGIS License Manager)
SRV - [2008.04.14 05:22:06 | 000,088,576 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
SRV - [2004.05.06 12:21:04 | 000,496,640 | ---- | M] () [Auto | Unknown] -- C:\WINDOWS\System32\ASWLSVC.exe -- (ASWLSVC)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\smserial.sys -- (smserial)
DRV - File not found [Kernel | Disabled | Unknown] -- system32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTL8023xp)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump)
DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Unknown] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ft1000.sys -- (ft1000)
DRV - [2013.11.10 08:13:32 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Unknown] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6D63EA1A-CC47-4D1E-A2FC-3F24EB069B9C}\MpKsl3f2fcbd8.sys -- (MpKsl3f2fcbd8)
DRV - [2013.07.18 07:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\FsUsbExDisk.SYS -- (FsUsbExDisk)
DRV - [2013.06.21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\ssudobex.sys -- (ssudobex)
DRV - [2013.06.21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\ssudmdm.sys -- (ssudmdm)
DRV - [2013.06.21 02:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.10.31 11:22:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.11.13 08:55:54 | 000,042,213 | ---- | M] (Qualcomm Flarion Technologies) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\FlrnUSB.sys -- (FlrnUSB)
DRV - [2010.02.18 12:33:48 | 000,716,272 | ---- | M] () [Kernel | Boot | Unknown] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.02.17 18:01:28 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\DRIVERS\mdc8021x.sys -- (MDC8021X)
DRV - [2008.04.14 05:22:06 | 000,088,576 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
DRV - [2008.01.09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\seehcri.sys -- (seehcri)
DRV - [2007.08.28 05:58:00 | 000,005,760 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\ATKACPI.sys -- (MTsensor)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Unknown] -- C:\WINDOWS\System32\DRIVERS\AmdPPM.sys -- (AmdPPM)
DRV - [2006.11.02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\WinUSB.sys -- (WinUSB)
DRV - [2006.10.12 16:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Unknown] -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8)
DRV - [2006.04.12 09:24:40 | 000,132,608 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2006.03.06 23:49:36 | 000,011,136 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\nvsmu.sys -- (nvsmu)
DRV - [2006.02.08 17:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys -- (Tosrfhid)
DRV - [2006.02.02 23:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006.01.31 18:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2005.12.19 11:37:42 | 004,127,232 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005.12.14 17:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005.11.24 13:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\tosporte.sys -- (tosporte)
DRV - [2005.11.11 15:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2005.10.03 10:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\SynMini.sys -- (SynMini)
DRV - [2005.10.03 10:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\SynScan.sys -- (SynScan)
DRV - [2005.08.01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.07.14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Unknown] -- C:\WINDOWS\System32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005.07.12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk)
DRV - [2005.07.11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005.06.03 13:47:06 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750obex.sys -- (k750obex)
DRV - [2005.06.03 13:47:04 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750mgmt.sys -- (k750mgmt)
DRV - [2005.06.03 13:47:00 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750mdm.sys -- (k750mdm)
DRV - [2005.06.03 13:46:58 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750mdfl.sys -- (k750mdfl)
DRV - [2005.06.03 13:46:52 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750bus.sys -- (k750bus)
DRV - [2005.01.06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\tosrfnds.sys -- (tosrfnds)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\ASNDIS5.SYS -- (ASNDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-507921405-57989841-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507921405-57989841-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.sme.sk/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.06 19:33:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.06 19:33:04 | 000,000,000 | ---D | M]
[2009.04.26 23:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Extensions
[2009.04.26 23:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions
[2011.04.02 00:44:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.26 20:47:28 | 000,060,290 | ---- | M] () (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions\translator@zoli.bod.xpi
[2013.11.06 19:33:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.11.06 19:33:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PREMIO\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5DXC5P3K.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
[2011.09.06 18:53:44 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
O1 HOSTS File: ([2004.08.18 12:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-507921405-57989841-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\qt\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t File not found
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t File not found
O4 - HKU\S-1-5-21-507921405-57989841-839522115-1003..\Run: [KiesPDLR] E:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-507921405-57989841-839522115-1003..\Run: [KiesPreload] E:\samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-57989841-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.154.227.17 195.91.0.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72EF073A-31BD-4036-885D-300AC86E446C}: DhcpNameServer = 194.154.227.17 195.91.0.17
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Premio\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Premio\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.16 10:49:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011.02.22 09:43:53 | 000,000,095 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell - "" = AutoRun
O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL s.exe
O33 - MountPoints2\{2b8b1de0-2fad-11e0-8638-0018f38f93f5}\Shell\AutoRun\command - "" = G:\Files\PStart\PStart.exe
O33 - MountPoints2\{51d9cade-c230-11dc-8330-0018f3af30eb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{51d9cade-c230-11dc-8330-0018f3af30eb}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell - "" = AutoRun
O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell - "" = AutoRun
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\1\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\2\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycle.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
System Restore Service not available.
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\iyvu9_32.dll ()
Unable to save MBR. Invalid drive designation: 0
========== Files/Folders - Created Within 7 Days ==========
[2013.11.10 17:26:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
[2013.11.10 08:06:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.10 07:55:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.11.10 07:54:33 | 001,034,531 | ---- | C] (Thisisu) -- C:\Documents and Settings\Premio\Plocha\JRT.exe
[2013.11.09 12:02:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Premio\Recent
[2013.11.06 19:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.11.06 03:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.11.06 03:46:05 | 000,000,000 | ---D | C] -- C:\rsit
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Premio\Dokumenty\*.tmp files -> C:\Documents and Settings\Premio\Dokumenty\*.tmp -> ]
[1 C:\Documents and Settings\Premio\*.tmp files -> C:\Documents and Settings\Premio\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.11.10 17:26:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
[2013.11.10 17:13:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.10 15:47:32 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013.11.10 08:22:12 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.11.10 08:11:42 | 000,000,174 | ---- | M] () -- C:\ASWL2K.ini
[2013.11.10 08:11:26 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.11.10 08:11:02 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.10 08:10:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.11.10 07:54:58 | 001,073,262 | ---- | M] () -- C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
[2013.11.10 07:54:46 | 001,034,531 | ---- | M] (Thisisu) -- C:\Documents and Settings\Premio\Plocha\JRT.exe
[2013.11.06 03:45:26 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Premio\Plocha\RSIT.exe
[2013.11.06 01:50:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Premio\Dokumenty\*.tmp files -> C:\Documents and Settings\Premio\Dokumenty\*.tmp -> ]
[1 C:\Documents and Settings\Premio\*.tmp files -> C:\Documents and Settings\Premio\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.11.10 07:54:48 | 001,073,262 | ---- | C] () -- C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
[2013.11.06 03:45:20 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Premio\Plocha\RSIT.exe
[2013.10.13 19:55:29 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2013.10.13 19:55:29 | 000,037,344 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012.10.10 18:32:27 | 000,000,914 | ---- | C] () -- C:\WINDOWS\System32\drivers\svunlnyl.dat
[2012.01.08 09:18:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2011.03.03 14:59:11 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2011.01.28 17:38:55 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Premio\Data aplikací\$_hpcst$.hpc
[2010.07.05 20:07:21 | 000,063,904 | ---- | C] () -- C:\Documents and Settings\Premio\Data aplikací\jpslvdes.dll
[2010.02.16 09:10:27 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Premio\Local Settings\Data aplikací\PUTTY.RND
[2007.05.22 08:30:30 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Premio\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2010.11.13 09:42:08 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.09.23 09:39:02 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.07.16 09:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2010.07.24 07:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.11.13 08:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Paradoxx
[2010.11.13 09:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2011.03.03 14:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Soluto
[2011.04.09 16:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LANGMaster
[2011.12.01 08:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.04.23 22:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2010.07.05 16:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GeoSetter
[2010.07.24 07:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Teleca
[2010.11.13 08:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Paradoxx
[2010.11.13 10:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Uniblue
[2011.01.29 10:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Mobile Atlas Creator
[2011.03.03 14:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GetRightToGo
[2011.04.09 16:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\LANGMaster
[2011.07.19 14:18:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Premio\Data aplikací\.#
[2011.08.30 17:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Xi
[2011.09.07 10:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\ESRI
[2011.12.01 08:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Samsung
[2011.12.03 19:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Temp
[2013.04.23 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\IObit
[2013.10.19 14:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Rovio
[2010.06.30 09:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
========== Purity Check ==========
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Premio\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
1023.29 Mb Total Physical Memory | 417.77 Mb Available Physical Memory | 40.83% Memory free
1.56 Gb Paging File | 1.10 Gb Available in Paging File | 70.77% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.61 Gb Total Space | 0.78 Gb Free Space | 4.97% Space Free | Partition Type: FAT32
Drive D: | 38.09 Gb Total Space | 0.27 Gb Free Space | 0.70% Space Free | Partition Type: NTFS
Drive E: | 39.44 Gb Total Space | 5.19 Gb Free Space | 13.16% Space Free | Partition Type: NTFS
Computer Name: JHKKPPU | User Name: Premio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.11.10 17:26:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Unknown] -- -- (MSDTC)
SRV - [2013.08.12 10:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Unknown] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.16 07:17:44 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Unknown] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.09.07 10:11:00 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Unknown] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.13 08:55:54 | 000,040,960 | ---- | M] (Flarion Technologies, Inc.) [Auto | Unknown] -- C:\PROGRA~1\T-MOBI~1\drivers\A96FED~1\FMMSER~1.EXE -- (FMMService)
SRV - [2010.02.09 20:31:42 | 000,180,224 | ---- | M] (Paradoxx Software) [Auto | Unknown] -- C:\PROGRA~1\T-MOBI~1\FOFDMU~1.EXE -- (FOFDMUpgrade)
SRV - [2008.11.06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) [Auto | Unknown] -- C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe -- (ArcGIS License Manager)
SRV - [2008.04.14 05:22:06 | 000,088,576 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
SRV - [2004.05.06 12:21:04 | 000,496,640 | ---- | M] () [Auto | Unknown] -- C:\WINDOWS\System32\ASWLSVC.exe -- (ASWLSVC)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\smserial.sys -- (smserial)
DRV - File not found [Kernel | Disabled | Unknown] -- system32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTL8023xp)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump)
DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Unknown] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ft1000.sys -- (ft1000)
DRV - [2013.11.10 08:13:32 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Unknown] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6D63EA1A-CC47-4D1E-A2FC-3F24EB069B9C}\MpKsl3f2fcbd8.sys -- (MpKsl3f2fcbd8)
DRV - [2013.07.18 07:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\FsUsbExDisk.SYS -- (FsUsbExDisk)
DRV - [2013.06.21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\ssudobex.sys -- (ssudobex)
DRV - [2013.06.21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\ssudmdm.sys -- (ssudmdm)
DRV - [2013.06.21 02:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.10.31 11:22:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.11.13 08:55:54 | 000,042,213 | ---- | M] (Qualcomm Flarion Technologies) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\FlrnUSB.sys -- (FlrnUSB)
DRV - [2010.02.18 12:33:48 | 000,716,272 | ---- | M] () [Kernel | Boot | Unknown] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.02.17 18:01:28 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\DRIVERS\mdc8021x.sys -- (MDC8021X)
DRV - [2008.04.14 05:22:06 | 000,088,576 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
DRV - [2008.01.09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\seehcri.sys -- (seehcri)
DRV - [2007.08.28 05:58:00 | 000,005,760 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\ATKACPI.sys -- (MTsensor)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Unknown] -- C:\WINDOWS\System32\DRIVERS\AmdPPM.sys -- (AmdPPM)
DRV - [2006.11.02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\WinUSB.sys -- (WinUSB)
DRV - [2006.10.12 16:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\bcmwl5.sys -- (BCM43XX)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Unknown] -- C:\WINDOWS\System32\DRIVERS\AmdK8.sys -- (AmdK8)
DRV - [2006.04.12 09:24:40 | 000,132,608 | ---- | M] () [Kernel | Auto | Unknown] -- C:\WINDOWS\System32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2006.03.06 23:49:36 | 000,011,136 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\nvsmu.sys -- (nvsmu)
DRV - [2006.02.08 17:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys -- (Tosrfhid)
DRV - [2006.02.02 23:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006.01.31 18:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2005.12.19 11:37:42 | 004,127,232 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005.12.14 17:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005.11.24 13:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\tosporte.sys -- (tosporte)
DRV - [2005.11.11 15:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2005.10.03 10:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\SynMini.sys -- (SynMini)
DRV - [2005.10.03 10:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\SynScan.sys -- (SynScan)
DRV - [2005.08.01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.07.14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Unknown] -- C:\WINDOWS\System32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005.07.12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\rimsptsk.sys -- (rimsptsk)
DRV - [2005.07.11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005.06.03 13:47:06 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750obex.sys -- (k750obex)
DRV - [2005.06.03 13:47:04 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750mgmt.sys -- (k750mgmt)
DRV - [2005.06.03 13:47:00 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750mdm.sys -- (k750mdm)
DRV - [2005.06.03 13:46:58 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750mdfl.sys -- (k750mdfl)
DRV - [2005.06.03 13:46:52 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\k750bus.sys -- (k750bus)
DRV - [2005.01.06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\tosrfnds.sys -- (tosrfnds)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\ASNDIS5.SYS -- (ASNDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-507921405-57989841-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507921405-57989841-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.sme.sk/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.06 19:33:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.06 19:33:04 | 000,000,000 | ---D | M]
[2009.04.26 23:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Extensions
[2009.04.26 23:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions
[2011.04.02 00:44:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.26 20:47:28 | 000,060,290 | ---- | M] () (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions\translator@zoli.bod.xpi
[2013.11.06 19:33:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.11.06 19:33:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PREMIO\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5DXC5P3K.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
[2011.09.06 18:53:44 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
O1 HOSTS File: ([2004.08.18 12:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-507921405-57989841-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\qt\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t File not found
O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t File not found
O4 - HKU\S-1-5-21-507921405-57989841-839522115-1003..\Run: [KiesPDLR] E:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-507921405-57989841-839522115-1003..\Run: [KiesPreload] E:\samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-57989841-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.154.227.17 195.91.0.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72EF073A-31BD-4036-885D-300AC86E446C}: DhcpNameServer = 194.154.227.17 195.91.0.17
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Premio\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Premio\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.16 10:49:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011.02.22 09:43:53 | 000,000,095 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell - "" = AutoRun
O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL s.exe
O33 - MountPoints2\{2b8b1de0-2fad-11e0-8638-0018f38f93f5}\Shell\AutoRun\command - "" = G:\Files\PStart\PStart.exe
O33 - MountPoints2\{51d9cade-c230-11dc-8330-0018f3af30eb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{51d9cade-c230-11dc-8330-0018f3af30eb}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell - "" = AutoRun
O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell - "" = AutoRun
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\1\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\2\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycle.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
System Restore Service not available.
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\iyvu9_32.dll ()
Unable to save MBR. Invalid drive designation: 0
========== Files/Folders - Created Within 7 Days ==========
[2013.11.10 17:26:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
[2013.11.10 08:06:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.10 07:55:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.11.10 07:54:33 | 001,034,531 | ---- | C] (Thisisu) -- C:\Documents and Settings\Premio\Plocha\JRT.exe
[2013.11.09 12:02:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Premio\Recent
[2013.11.06 19:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.11.06 03:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.11.06 03:46:05 | 000,000,000 | ---D | C] -- C:\rsit
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Premio\Dokumenty\*.tmp files -> C:\Documents and Settings\Premio\Dokumenty\*.tmp -> ]
[1 C:\Documents and Settings\Premio\*.tmp files -> C:\Documents and Settings\Premio\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.11.10 17:26:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
[2013.11.10 17:13:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.10 15:47:32 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013.11.10 08:22:12 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.11.10 08:11:42 | 000,000,174 | ---- | M] () -- C:\ASWL2K.ini
[2013.11.10 08:11:26 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.11.10 08:11:02 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.10 08:10:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.11.10 07:54:58 | 001,073,262 | ---- | M] () -- C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
[2013.11.10 07:54:46 | 001,034,531 | ---- | M] (Thisisu) -- C:\Documents and Settings\Premio\Plocha\JRT.exe
[2013.11.06 03:45:26 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Premio\Plocha\RSIT.exe
[2013.11.06 01:50:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Premio\Dokumenty\*.tmp files -> C:\Documents and Settings\Premio\Dokumenty\*.tmp -> ]
[1 C:\Documents and Settings\Premio\*.tmp files -> C:\Documents and Settings\Premio\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.11.10 07:54:48 | 001,073,262 | ---- | C] () -- C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
[2013.11.06 03:45:20 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Premio\Plocha\RSIT.exe
[2013.10.13 19:55:29 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2013.10.13 19:55:29 | 000,037,344 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012.10.10 18:32:27 | 000,000,914 | ---- | C] () -- C:\WINDOWS\System32\drivers\svunlnyl.dat
[2012.01.08 09:18:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2011.03.03 14:59:11 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2011.01.28 17:38:55 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Premio\Data aplikací\$_hpcst$.hpc
[2010.07.05 20:07:21 | 000,063,904 | ---- | C] () -- C:\Documents and Settings\Premio\Data aplikací\jpslvdes.dll
[2010.02.16 09:10:27 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Premio\Local Settings\Data aplikací\PUTTY.RND
[2007.05.22 08:30:30 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Premio\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2010.11.13 09:42:08 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.09.23 09:39:02 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.07.16 09:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2010.07.24 07:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.11.13 08:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Paradoxx
[2010.11.13 09:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2011.03.03 14:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Soluto
[2011.04.09 16:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LANGMaster
[2011.12.01 08:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.04.23 22:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2010.07.05 16:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GeoSetter
[2010.07.24 07:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Teleca
[2010.11.13 08:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Paradoxx
[2010.11.13 10:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Uniblue
[2011.01.29 10:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Mobile Atlas Creator
[2011.03.03 14:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GetRightToGo
[2011.04.09 16:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\LANGMaster
[2011.07.19 14:18:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Premio\Data aplikací\.#
[2011.08.30 17:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Xi
[2011.09.07 10:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\ESRI
[2011.12.01 08:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Samsung
[2011.12.03 19:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Temp
[2013.04.23 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\IObit
[2013.10.19 14:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Rovio
[2010.06.30 09:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
========== Purity Check ==========
Re: prosim o kontrolu....dakujem
========== Custom Scans ==========
< >
[2006.10.16 10:47:26 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.03.04 11:14:09 | 000,000,920 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.03.04 11:14:09 | 000,000,924 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.02.20 01:50:30 | 000,000,472 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.03.09 16:23:46 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.10.09 21:21:53 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2013.10.09 21:22:10 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
< >
< MD5 for: ATAPI.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 05:22:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[29 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2006.10.16 10:35:36 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Premio\Data aplikací\Microsoft
[2006.10.16 11:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Identities
[2007.06.30 22:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Microsoft Web Folders
[2008.01.14 14:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Adobe
[2008.01.14 14:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\HP
[2008.01.14 14:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Hewlett-Packard
[2008.01.14 15:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\AdobeUM
[2009.04.26 23:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Mozilla
[2009.04.28 23:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Macromedia
[2009.08.18 14:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Help
[2010.02.16 12:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Skype
[2010.02.16 12:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\skypePM
[2010.02.19 08:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Winamp
[2010.03.04 11:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Google
[2010.03.20 02:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Sun
[2010.06.29 09:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Lavasoft
[2010.07.05 16:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GeoSetter
[2010.07.24 07:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Teleca
[2010.11.13 08:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Paradoxx
[2010.11.13 09:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Intel
[2010.11.13 10:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Uniblue
[2010.11.18 13:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\InstallShield
[2011.01.29 10:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Mobile Atlas Creator
[2011.03.03 14:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GetRightToGo
[2011.04.09 16:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\LANGMaster
[2011.07.19 14:18:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Premio\Data aplikací\.#
[2011.07.29 18:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\DivX
[2011.08.30 17:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Xi
[2011.09.07 10:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\ESRI
[2011.12.01 08:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Samsung
[2011.12.03 19:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Temp
[2011.12.04 16:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Apple Computer
[2013.02.16 08:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Intelli-studio
[2013.04.23 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\IObit
[2013.09.01 02:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Malwarebytes
[2013.10.19 14:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Rovio
< %APPDATA%\*.exe /s >
[2011.07.29 17:48:42 | 034,107,265 | ---- | M] (Slovak Telekom a.s. ) -- C:\Documents and Settings\Premio\Data aplikací\Paradoxx\PhoneReport\Updates\update_3.69.03.99.exe
[2011.11.02 17:51:52 | 000,928,656 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2011.11.02 17:51:56 | 000,278,928 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2011.11.02 17:51:54 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2011.10.31 12:23:28 | 000,214,544 | ---- | M] (Teruten) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\FsUsbExAdmin.exe
[2011.10.31 12:23:28 | 000,217,088 | ---- | M] (Teruten) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\FsUsbExService.exe
[2011.10.31 12:23:28 | 000,283,648 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2011.10.31 12:23:28 | 000,110,080 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ErrorReport.exe
[2011.10.31 12:23:28 | 000,020,480 | ---- | M] (Teruten Inc) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\FsExService64.exe
[2011.10.31 12:23:28 | 000,341,960 | ---- | M] (Teruten Inc) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\FsAdmin64.exe
[2011.11.02 17:51:58 | 000,067,472 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2011.10.31 12:23:28 | 000,690,688 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2011.10.31 12:23:28 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2011.10.31 12:23:12 | 000,101,288 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2011.10.31 12:23:12 | 000,106,408 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2011.11.02 17:52:06 | 000,021,392 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.11.02 17:52:08 | 003,571,576 | ---- | M] (Freeware) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2011.10.31 12:22:52 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2011.10.31 12:22:54 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2011.11.02 17:52:10 | 000,391,568 | ---- | M] (ml) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2011.10.31 12:22:30 | 024,114,392 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2013.09.04 12:16:40 | 001,564,528 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2013.09.04 12:16:40 | 000,559,984 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2013.09.04 12:16:42 | 000,277,872 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2013.09.04 12:16:42 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2013.07.18 07:36:04 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\KiesAirMessage.exe
[2013.07.18 07:34:30 | 000,233,176 | ---- | M] (Teruten) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\FsUsbExAdmin.exe
[2013.09.04 12:16:50 | 000,065,904 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2013.07.18 07:34:30 | 000,233,472 | ---- | M] (Teruten) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\FsUsbExService.exe
[2013.09.04 12:02:18 | 000,351,232 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2013.07.18 07:34:32 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ErrorReport.exe
[2013.07.18 07:34:32 | 000,021,504 | ---- | M] (Teruten Inc) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\FsExService64.exe
[2013.07.18 07:34:30 | 000,431,832 | ---- | M] (Teruten Inc) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\FsAdmin64.exe
[2013.09.04 12:16:44 | 000,067,952 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2013.09.04 12:01:12 | 000,692,736 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2013.09.04 11:59:26 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2013.08.22 11:58:38 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\Uncompress.exe
[2013.08.22 11:58:40 | 000,077,704 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2013.08.22 11:58:36 | 000,088,464 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2013.08.22 11:58:36 | 000,061,328 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AdminDelegator.exe
[2013.09.04 12:16:46 | 000,844,656 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2013.09.04 12:16:48 | 003,835,088 | ---- | M] (Freeware) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2013.07.18 07:33:58 | 000,266,240 | ---- | M] (ENJsoft corp.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2013.07.18 07:33:58 | 000,102,400 | ---- | M] (ENJsoft corp.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2013.07.18 07:32:38 | 000,401,056 | ---- | M] (Marktek Inc.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\MPXBox.exe
[2013.07.18 07:32:38 | 000,032,768 | ---- | M] (MarkAny Co, Ltd) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\MaCSMgr.exe
[2013.07.18 07:32:38 | 000,065,536 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\MAWebControl.exe
[2013.07.18 07:32:38 | 000,061,440 | ---- | M] ((주)마크애니) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\MaAgent.exe
[2013.07.18 07:32:36 | 000,020,480 | ---- | M] ( ) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\UpdateClient\MAUpdate.exe
[2013.07.18 07:32:36 | 000,057,344 | ---- | M] ((주)마크애니) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\UpdateClient\MAUpdateBoot.exe
[2013.07.18 07:32:36 | 000,126,976 | ---- | M] ((주)마크애니) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\UpdateClient\MaUpdateClient.exe
[2013.07.18 07:31:54 | 025,591,752 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\StoryAlbumViewer\StoryAlbumViewer_setup.exe
[2013.09.04 12:16:48 | 000,623,984 | ---- | M] (ml) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2013.07.04 07:25:52 | 015,365,072 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011.11.02 17:52:10 | 000,391,568 | ---- | M] (ml) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2013.09.04 12:16:48 | 000,623,984 | ---- | M] (ml) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2013.11.10 15:47:32 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2013.11.06 01:50:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2013.11.10 08:22:12 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.11.10 08:11:02 | 000,000,920 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.11.10 17:13:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.02.18 12:33:48 | 000,716,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2006.10.16 10:34:22 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
[2006.10.16 10:34:22 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.10.16 10:34:22 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.11.10 08:11:26 | 000,002,278 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2013.11.10 08:10:56 | 000,000,182 | ---- | M] () -- C:\WINDOWS\system32\PcCard0.log
[2013.11.10 08:10:56 | 000,000,037 | ---- | M] () -- C:\WINDOWS\system32\fmmservice.log
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"KiesPDLR" = E:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2013.09.04 11:16:46 | 000,844,656 | ---- | M] (Samsung)
"KiesPreload" = E:\samsung\Kies\Kies.exe /preload -- [2013.09.04 11:16:40 | 001,564,528 | ---- | M] (Samsung)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.11.06 19:34:22 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=EF01D104449CC654FDCF423C92BD8846 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2008.04.14 05:22:26 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=414AFE6E8CCDE984E16D5ED08624CEC6 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
< >
< *crack* /s >
[2009.07.14 13:45:46 | 000,080,554 | ---- | M] () -- \Python26\ArcGIS10.0\Lib\site-packages\numpy\f2py\crackfortran.pyo
[2009.04.05 10:09:20 | 000,114,862 | ---- | M] () -- \Python26\ArcGIS10.0\Lib\site-packages\numpy\f2py\crackfortran.py
[2009.07.14 13:45:44 | 000,080,711 | ---- | M] () -- \Python26\ArcGIS10.0\Lib\site-packages\numpy\f2py\crackfortran.pyc
< *keygen* /s >
< *loader* /s >
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2011.03.03 14:17:40 | 000,000,841 | ---- | M] () -- \Documents and Settings\Premio\Data aplikací\GetRightToGo\Brothersoftdownloader_for_Caesar_III.data0
[2011.03.03 14:17:48 | 000,001,225 | ---- | M] () -- \Documents and Settings\Premio\Data aplikací\GetRightToGo\Brothersoftdownloader_for_Caesar_III.data
[2011.11.01 18:28:08 | 000,069,120 | ---- | M] () -- \Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2013.09.04 12:12:54 | 000,069,120 | ---- | M] () -- \Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2010.05.19 14:41:24 | 000,062,976 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\RasterSdeLoader.dll
[2010.05.19 13:32:00 | 000,169,984 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\NetworkLoader.dll
[2010.05.19 14:58:32 | 000,104,960 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\ObjectLoader.dll
[2010.05.19 14:58:32 | 000,430,080 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\ObjectLoaderUI.dll
[2010.05.19 13:14:34 | 000,122,880 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\BasicRasterSdeLoader.dll
[2010.05.19 13:14:26 | 000,095,232 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\RasterLoader.dll
[2010.04.21 09:16:46 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Documentation\install_guides\ArcGIS_Desktop\includes\images\circleLoader-large.gif
[2010.04.21 09:16:46 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Documentation\install_guides\ArcGIS_Desktop\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.21 09:16:46 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Documentation\install_guides\ArcGIS_Desktop\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.05.11 13:23:20 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\de\lmrefguide\includes\images\circleLoader-large.gif
[2010.05.11 13:23:20 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\de\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.05.11 13:23:20 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\de\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.05.11 13:23:20 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\es\lmrefguide\includes\images\circleLoader-large.gif
[2010.05.11 13:23:20 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\es\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.05.11 13:23:20 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\es\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.05.11 13:23:20 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\fr\lmrefguide\includes\images\circleLoader-large.gif
[2010.05.11 13:23:20 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\fr\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.05.11 13:23:20 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\fr\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.21 09:16:46 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\ja\lmrefguide\includes\images\circleLoader-large.gif
[2010.04.21 09:16:46 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\ja\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.21 09:16:46 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\ja\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.04.21 09:16:46 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\lmrefguide\includes\images\circleLoader-large.gif
[2010.04.21 09:16:46 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.04.21 09:16:46 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.21 09:16:46 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\zh-CN\lmrefguide\includes\images\circleLoader-large.gif
[2010.04.21 09:16:46 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\zh-CN\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.04.21 09:16:46 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\zh-CN\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.13 09:34:22 | 000,118,784 | ---- | M] () -- \Program Files\Common Files\ArcGIS\ThirdParty\bin\MBViewsLoader.exe
[2010.04.13 09:34:22 | 000,001,852 | ---- | M] () -- \Program Files\Common Files\ArcGIS\ThirdParty\bin\MBViewsLoader.tlb
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2009.12.29 20:02:28 | 000,004,176 | ---- | M] () -- \Program Files\Google\Google SketchUp 7\Resources\en-US\searching\ajax-loader.gif
[2009.12.29 20:02:28 | 000,000,500 | ---- | M] () -- \Program Files\Google\Google SketchUp 7\Tools\DynamicComponents\ruby\dcloader.rb
[2009.12.29 20:02:28 | 000,028,946 | ---- | M] () -- \Program Files\Google\Google SketchUp 7\Tools\WebTextures\webtextures_loader.rb
[2006.01.30 15:01:18 | 000,495,616 | ---- | M] () -- \Program Files\Sony Ericsson\Mobile2\Sync Station\NotesPimAdaptorLoader.dll
[2008.04.13 20:31:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 05:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[5 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2013.02.18 06:28:58 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2012.02.21 14:46:30 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
< End of report >
< >
[2006.10.16 10:47:26 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.03.04 11:14:09 | 000,000,920 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.03.04 11:14:09 | 000,000,924 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.02.20 01:50:30 | 000,000,472 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.03.09 16:23:46 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.10.09 21:21:53 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2013.10.09 21:22:10 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
< >
< MD5 for: ATAPI.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.04.27 00:19:12 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 05:22:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[29 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2006.10.16 10:35:36 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Premio\Data aplikací\Microsoft
[2006.10.16 11:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Identities
[2007.06.30 22:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Microsoft Web Folders
[2008.01.14 14:43:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Adobe
[2008.01.14 14:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\HP
[2008.01.14 14:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Hewlett-Packard
[2008.01.14 15:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\AdobeUM
[2009.04.26 23:25:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Mozilla
[2009.04.28 23:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Macromedia
[2009.08.18 14:10:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Help
[2010.02.16 12:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Skype
[2010.02.16 12:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\skypePM
[2010.02.19 08:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Winamp
[2010.03.04 11:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Google
[2010.03.20 02:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Sun
[2010.06.29 09:55:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Lavasoft
[2010.07.05 16:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GeoSetter
[2010.07.24 07:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Teleca
[2010.11.13 08:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Paradoxx
[2010.11.13 09:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Intel
[2010.11.13 10:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Uniblue
[2010.11.18 13:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\InstallShield
[2011.01.29 10:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Mobile Atlas Creator
[2011.03.03 14:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GetRightToGo
[2011.04.09 16:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\LANGMaster
[2011.07.19 14:18:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Premio\Data aplikací\.#
[2011.07.29 18:07:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\DivX
[2011.08.30 17:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Xi
[2011.09.07 10:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\ESRI
[2011.12.01 08:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Samsung
[2011.12.03 19:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Temp
[2011.12.04 16:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Apple Computer
[2013.02.16 08:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Intelli-studio
[2013.04.23 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\IObit
[2013.09.01 02:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Malwarebytes
[2013.10.19 14:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Rovio
< %APPDATA%\*.exe /s >
[2011.07.29 17:48:42 | 034,107,265 | ---- | M] (Slovak Telekom a.s. ) -- C:\Documents and Settings\Premio\Data aplikací\Paradoxx\PhoneReport\Updates\update_3.69.03.99.exe
[2011.11.02 17:51:52 | 000,928,656 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2011.11.02 17:51:56 | 000,278,928 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2011.11.02 17:51:54 | 003,508,624 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2011.10.31 12:23:28 | 000,214,544 | ---- | M] (Teruten) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\FsUsbExAdmin.exe
[2011.10.31 12:23:28 | 000,217,088 | ---- | M] (Teruten) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\FsUsbExService.exe
[2011.10.31 12:23:28 | 000,283,648 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2011.10.31 12:23:28 | 000,110,080 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ErrorReport.exe
[2011.10.31 12:23:28 | 000,020,480 | ---- | M] (Teruten Inc) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\FsExService64.exe
[2011.10.31 12:23:28 | 000,341,960 | ---- | M] (Teruten Inc) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\FsAdmin64.exe
[2011.11.02 17:51:58 | 000,067,472 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2011.10.31 12:23:28 | 000,690,688 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2011.10.31 12:23:28 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2011.10.31 12:23:12 | 000,101,288 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2011.10.31 12:23:12 | 000,106,408 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2011.11.02 17:52:06 | 000,021,392 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.11.02 17:52:08 | 003,571,576 | ---- | M] (Freeware) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2011.10.31 12:22:52 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2011.10.31 12:22:54 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2011.11.02 17:52:10 | 000,391,568 | ---- | M] (ml) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2011.10.31 12:22:30 | 024,114,392 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2013.09.04 12:16:40 | 001,564,528 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2013.09.04 12:16:40 | 000,559,984 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2013.09.04 12:16:42 | 000,277,872 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2013.09.04 12:16:42 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2013.07.18 07:36:04 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\KiesAirMessage.exe
[2013.07.18 07:34:30 | 000,233,176 | ---- | M] (Teruten) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\FsUsbExAdmin.exe
[2013.09.04 12:16:50 | 000,065,904 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2013.07.18 07:34:30 | 000,233,472 | ---- | M] (Teruten) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\FsUsbExService.exe
[2013.09.04 12:02:18 | 000,351,232 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2013.07.18 07:34:32 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ErrorReport.exe
[2013.07.18 07:34:32 | 000,021,504 | ---- | M] (Teruten Inc) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\FsExService64.exe
[2013.07.18 07:34:30 | 000,431,832 | ---- | M] (Teruten Inc) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\FsAdmin64.exe
[2013.09.04 12:16:44 | 000,067,952 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2013.09.04 12:01:12 | 000,692,736 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2013.09.04 11:59:26 | 000,173,568 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2013.08.22 11:58:38 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\Uncompress.exe
[2013.08.22 11:58:40 | 000,077,704 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2013.08.22 11:58:36 | 000,088,464 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2013.08.22 11:58:36 | 000,061,328 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AdminDelegator.exe
[2013.09.04 12:16:46 | 000,844,656 | ---- | M] (Samsung) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2013.09.04 12:16:48 | 003,835,088 | ---- | M] (Freeware) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2013.07.18 07:33:58 | 000,266,240 | ---- | M] (ENJsoft corp.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2013.07.18 07:33:58 | 000,102,400 | ---- | M] (ENJsoft corp.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2013.07.18 07:32:38 | 000,401,056 | ---- | M] (Marktek Inc.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\MPXBox.exe
[2013.07.18 07:32:38 | 000,032,768 | ---- | M] (MarkAny Co, Ltd) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\MaCSMgr.exe
[2013.07.18 07:32:38 | 000,065,536 | ---- | M] () -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\MAWebControl.exe
[2013.07.18 07:32:38 | 000,061,440 | ---- | M] ((주)마크애니) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\MaAgent.exe
[2013.07.18 07:32:36 | 000,020,480 | ---- | M] ( ) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\UpdateClient\MAUpdate.exe
[2013.07.18 07:32:36 | 000,057,344 | ---- | M] ((주)마크애니) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\UpdateClient\MAUpdateBoot.exe
[2013.07.18 07:32:36 | 000,126,976 | ---- | M] ((주)마크애니) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Program Files\MarkAny\ContentSafer\UpdateClient\MaUpdateClient.exe
[2013.07.18 07:31:54 | 025,591,752 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\StoryAlbumViewer\StoryAlbumViewer_setup.exe
[2013.09.04 12:16:48 | 000,623,984 | ---- | M] (ml) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2013.07.04 07:25:52 | 015,365,072 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011.11.02 17:52:10 | 000,391,568 | ---- | M] (ml) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2013.09.04 12:16:48 | 000,623,984 | ---- | M] (ml) -- C:\Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2013.11.10 15:47:32 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2013.11.06 01:50:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2013.11.10 08:22:12 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.11.10 08:11:02 | 000,000,920 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.11.10 17:13:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.02.18 12:33:48 | 000,716,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2006.10.16 10:34:22 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
[2006.10.16 10:34:22 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006.10.16 10:34:22 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
< %systemroot%\system32\*.dll /lockedfiles >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.11.10 08:11:26 | 000,002,278 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2013.11.10 08:10:56 | 000,000,182 | ---- | M] () -- C:\WINDOWS\system32\PcCard0.log
[2013.11.10 08:10:56 | 000,000,037 | ---- | M] () -- C:\WINDOWS\system32\fmmservice.log
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 05:22:36 | 001,695,232 | ---- | M] (Microsoft Corporation)
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 13:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"KiesPDLR" = E:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2013.09.04 11:16:46 | 000,844,656 | ---- | M] (Samsung)
"KiesPreload" = E:\samsung\Kies\Kies.exe /preload -- [2013.09.04 11:16:40 | 001,564,528 | ---- | M] (Samsung)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.11.06 19:34:22 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=EF01D104449CC654FDCF423C92BD8846 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2008.04.14 05:22:26 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=414AFE6E8CCDE984E16D5ED08624CEC6 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
< >
< *crack* /s >
[2009.07.14 13:45:46 | 000,080,554 | ---- | M] () -- \Python26\ArcGIS10.0\Lib\site-packages\numpy\f2py\crackfortran.pyo
[2009.04.05 10:09:20 | 000,114,862 | ---- | M] () -- \Python26\ArcGIS10.0\Lib\site-packages\numpy\f2py\crackfortran.py
[2009.07.14 13:45:44 | 000,080,711 | ---- | M] () -- \Python26\ArcGIS10.0\Lib\site-packages\numpy\f2py\crackfortran.pyc
< *keygen* /s >
< *loader* /s >
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2011.03.03 14:17:40 | 000,000,841 | ---- | M] () -- \Documents and Settings\Premio\Data aplikací\GetRightToGo\Brothersoftdownloader_for_Caesar_III.data0
[2011.03.03 14:17:48 | 000,001,225 | ---- | M] () -- \Documents and Settings\Premio\Data aplikací\GetRightToGo\Brothersoftdownloader_for_Caesar_III.data
[2011.11.01 18:28:08 | 000,069,120 | ---- | M] () -- \Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Backup\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2013.09.04 12:12:54 | 000,069,120 | ---- | M] () -- \Documents and Settings\Premio\Data aplikací\Samsung\Kies\UpdateTemp\Sub\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2010.05.19 14:41:24 | 000,062,976 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\RasterSdeLoader.dll
[2010.05.19 13:32:00 | 000,169,984 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\NetworkLoader.dll
[2010.05.19 14:58:32 | 000,104,960 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\ObjectLoader.dll
[2010.05.19 14:58:32 | 000,430,080 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\ObjectLoaderUI.dll
[2010.05.19 13:14:34 | 000,122,880 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\BasicRasterSdeLoader.dll
[2010.05.19 13:14:26 | 000,095,232 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Bin\RasterLoader.dll
[2010.04.21 09:16:46 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Documentation\install_guides\ArcGIS_Desktop\includes\images\circleLoader-large.gif
[2010.04.21 09:16:46 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Documentation\install_guides\ArcGIS_Desktop\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.21 09:16:46 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\Desktop10.0\Documentation\install_guides\ArcGIS_Desktop\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.05.11 13:23:20 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\de\lmrefguide\includes\images\circleLoader-large.gif
[2010.05.11 13:23:20 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\de\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.05.11 13:23:20 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\de\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.05.11 13:23:20 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\es\lmrefguide\includes\images\circleLoader-large.gif
[2010.05.11 13:23:20 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\es\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.05.11 13:23:20 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\es\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.05.11 13:23:20 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\fr\lmrefguide\includes\images\circleLoader-large.gif
[2010.05.11 13:23:20 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\fr\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.05.11 13:23:20 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\fr\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.21 09:16:46 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\ja\lmrefguide\includes\images\circleLoader-large.gif
[2010.04.21 09:16:46 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\ja\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.21 09:16:46 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\ja\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.04.21 09:16:46 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\lmrefguide\includes\images\circleLoader-large.gif
[2010.04.21 09:16:46 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.04.21 09:16:46 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.21 09:16:46 | 000,008,238 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\zh-CN\lmrefguide\includes\images\circleLoader-large.gif
[2010.04.21 09:16:46 | 000,010,819 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\zh-CN\lmrefguide\includes\js\lazyTree\v1.0\images\bar-loader.gif
[2010.04.21 09:16:46 | 000,001,849 | ---- | M] () -- \Program Files\ArcGIS\License10.0\Documentation\zh-CN\lmrefguide\includes\js\lazyTree\v1.0\images\circle-loader.gif
[2010.04.13 09:34:22 | 000,118,784 | ---- | M] () -- \Program Files\Common Files\ArcGIS\ThirdParty\bin\MBViewsLoader.exe
[2010.04.13 09:34:22 | 000,001,852 | ---- | M] () -- \Program Files\Common Files\ArcGIS\ThirdParty\bin\MBViewsLoader.tlb
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2009.12.29 20:02:28 | 000,004,176 | ---- | M] () -- \Program Files\Google\Google SketchUp 7\Resources\en-US\searching\ajax-loader.gif
[2009.12.29 20:02:28 | 000,000,500 | ---- | M] () -- \Program Files\Google\Google SketchUp 7\Tools\DynamicComponents\ruby\dcloader.rb
[2009.12.29 20:02:28 | 000,028,946 | ---- | M] () -- \Program Files\Google\Google SketchUp 7\Tools\WebTextures\webtextures_loader.rb
[2006.01.30 15:01:18 | 000,495,616 | ---- | M] () -- \Program Files\Sony Ericsson\Mobile2\Sync Station\NotesPimAdaptorLoader.dll
[2008.04.13 20:31:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 05:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[5 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2013.02.18 06:28:58 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2012.02.21 14:46:30 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
< End of report >
Re: prosim o kontrolu....dakujem
OTL Extras logfile created on: 10.11.2013 17:30:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Premio\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
1023.29 Mb Total Physical Memory | 417.77 Mb Available Physical Memory | 40.83% Memory free
1.56 Gb Paging File | 1.10 Gb Available in Paging File | 70.77% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.61 Gb Total Space | 0.78 Gb Free Space | 4.97% Space Free | Partition Type: FAT32
Drive D: | 38.09 Gb Total Space | 0.27 Gb Free Space | 0.70% Space Free | Partition Type: NTFS
Drive E: | 39.44 Gb Total Space | 5.19 Gb Free Space | 13.16% Space Free | Partition Type: NTFS
Computer Name: JHKKPPU | User Name: Premio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-507921405-57989841-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\System32\muzapp.exe" = C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{0FB871A9-C617-4415-BB5D-619A8D946115}" = Microsoft Antimalware Service SK-SK Language Pack
"{1DD1D1E9-FC96-4B17-BE0A-A5481F8B0D67}" = ArcGIS License Manager 10
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D24F198-A2CB-46B5-BB16-41B69C644B6C}" = Microsoft Security Client
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client SK-SK Language Pack
"{597E70FF-7C46-4EED-8092-91B7C2E0529D}" = Google SketchUp 7
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64665955-E1A1-4A8B-BFFA-673A95318909}" = ArcGIS Desktop 10
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROPLUS_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9180B851-7FC1-42E4-948C-D55B39F3CE41}_is1" = T-Mobile Communication Center 3.60.03.99
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A87869D7-B133-498C-A347-D9BE109FF6C8}" = USB2.0 1.3M Web Cam
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-C470-7760-CE0000000001}" = Adobe Acrobat 6.0 CE Professional
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D5842AC3-59C7-4DDD-BB33-54FE544DB3DA}" = Součásti komunikace operačního systému
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"ArcGIS Desktop 10" = ArcGIS Desktop 10
"ArcGIS License Manager 10" = ArcGIS License Manager 10
"CCleaner" = CCleaner (remove only)
"firebird" = The Firebird
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"GPS_LOG Win32_is1" = GPS_LOG Win32
"HASP Emulator PreProfessiaonal Edition V2.7 for Windows NT/W2K/XP" = HASP Emulator PreProfessiaonal Edition V2.7 for Windows NT/W2K/XP
"HControl" = ATK0100 ACPI UTILITY
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"Kokeš_0" = Kokeš 6.70 "E:\wkokes_6_70\"
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 25.0 (x86 cs)" = Mozilla Firefox 25.0 (x86 cs)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"PK-PCSU_is1" = Zrychleni Pocitace
"PROPLUS" = Microsoft Office Professional Plus 2007
"SnowWhite" = Snow White
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
========== Last 20 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Premio\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
1023.29 Mb Total Physical Memory | 417.77 Mb Available Physical Memory | 40.83% Memory free
1.56 Gb Paging File | 1.10 Gb Available in Paging File | 70.77% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.61 Gb Total Space | 0.78 Gb Free Space | 4.97% Space Free | Partition Type: FAT32
Drive D: | 38.09 Gb Total Space | 0.27 Gb Free Space | 0.70% Space Free | Partition Type: NTFS
Drive E: | 39.44 Gb Total Space | 5.19 Gb Free Space | 13.16% Space Free | Partition Type: NTFS
Computer Name: JHKKPPU | User Name: Premio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-507921405-57989841-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\System32\muzapp.exe" = C:\WINDOWS\System32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{044146E4-A924-458A-9948-4B9C7C7D9321}" = LightScribe 1.4.31.1
"{0FB871A9-C617-4415-BB5D-619A8D946115}" = Microsoft Antimalware Service SK-SK Language Pack
"{1DD1D1E9-FC96-4B17-BE0A-A5481F8B0D67}" = ArcGIS License Manager 10
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D24F198-A2CB-46B5-BB16-41B69C644B6C}" = Microsoft Security Client
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client SK-SK Language Pack
"{597E70FF-7C46-4EED-8092-91B7C2E0529D}" = Google SketchUp 7
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64665955-E1A1-4A8B-BFFA-673A95318909}" = ArcGIS Desktop 10
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_PROPLUS_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROPLUS_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9180B851-7FC1-42E4-948C-D55B39F3CE41}_is1" = T-Mobile Communication Center 3.60.03.99
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A87869D7-B133-498C-A347-D9BE109FF6C8}" = USB2.0 1.3M Web Cam
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-C470-7760-CE0000000001}" = Adobe Acrobat 6.0 CE Professional
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D5842AC3-59C7-4DDD-BB33-54FE544DB3DA}" = Součásti komunikace operačního systému
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Age of Empires Gold 1.0" = Microsoft Age of Empires Gold
"ArcGIS Desktop 10" = ArcGIS Desktop 10
"ArcGIS License Manager 10" = ArcGIS License Manager 10
"CCleaner" = CCleaner (remove only)
"firebird" = The Firebird
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"GPS_LOG Win32_is1" = GPS_LOG Win32
"HASP Emulator PreProfessiaonal Edition V2.7 for Windows NT/W2K/XP" = HASP Emulator PreProfessiaonal Edition V2.7 for Windows NT/W2K/XP
"HControl" = ATK0100 ACPI UTILITY
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"Kokeš_0" = Kokeš 6.70 "E:\wkokes_6_70\"
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 25.0 (x86 cs)" = Mozilla Firefox 25.0 (x86 cs)
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"PK-PCSU_is1" = Zrychleni Pocitace
"PROPLUS" = Microsoft Office Professional Plus 2007
"SnowWhite" = Snow White
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
========== Last 20 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
Re: prosim o kontrolu....dakujem
Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)
- Stahne a ulozte na plochu UsbFix http://www.viry.cz/forum/viewtopic.php?f=24&t=102308
- Spustte a kliknete na Deletion
- Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - File not found [On_Demand | Unknown] -- -- (MSDTC) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\smserial.sys -- (smserial) DRV - File not found [Kernel | Disabled | Unknown] -- system32\DRIVERS\s24trans.sys -- (s24trans) DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp) DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTL8023xp) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP) DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump) DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt) DRV - File not found [Kernel | System | Unknown] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ft1000.sys -- (ft1000) DRV - [2013.11.10 08:13:32 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Unknown] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6D63EA1A-CC47-4D1E-A2FC-3F24EB069B9C}\MpKsl3f2fcbd8.sys -- (MpKsl3f2fcbd8) IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC FF - user.js - File not found File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PREMIO\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5DXC5P3K.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell - "" = AutoRun O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell - "" = AutoRun O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell - "" = AutoRun [2013.04.23 22:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit [2013.04.23 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\IObit [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [29 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ] [2013.11.10 15:47:32 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job [2013.11.06 01:50:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2013.11.10 08:22:12 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job [2013.11.10 08:11:02 | 000,000,920 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [2013.11.10 17:13:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job :reg HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=- "QuickTime Task"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"=- "KiesPDLR"=- "KiesPreload"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] :files %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosim o kontrolu....dakujem
no s tymi usb bude problem....momentalne tu okrem tel. nic nemam. az zajtra prinesiem vsetky co pouzivam z prace....
ale idem teda skusit tu druhu cast. no i tak to neviem spustit ako administrator (neviem heslo) ale iba ako permio, aj ked mam nan prava administratora. tak snad nebude problem....
vdaka zatial....
ale idem teda skusit tu druhu cast. no i tak to neviem spustit ako administrator (neviem heslo) ale iba ako permio, aj ked mam nan prava administratora. tak snad nebude problem....
vdaka zatial....
Re: prosim o kontrolu....dakujem
Vas ucet ma admin. prava, takze to spustte pod nim USB flashky mate nakazene, bude potreba je projet"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosim o kontrolu....dakujem
OTL logfile created on: 10.11.2013 19:22:15 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Premio\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
1023.29 Mb Total Physical Memory | 545.75 Mb Available Physical Memory | 53.33% Memory free
1.56 Gb Paging File | 1.22 Gb Available in Paging File | 78.20% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.61 Gb Total Space | 0.77 Gb Free Space | 4.96% Space Free | Partition Type: FAT32
Drive D: | 38.09 Gb Total Space | 0.27 Gb Free Space | 0.70% Space Free | Partition Type: NTFS
Drive E: | 39.44 Gb Total Space | 5.19 Gb Free Space | 13.16% Space Free | Partition Type: NTFS
Computer Name: JHKKPPU | User Name: Premio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.11.10 17:26:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
PRC - [2013.09.04 11:16:40 | 001,564,528 | ---- | M] (Samsung) -- E:\samsung\Kies\Kies.exe
PRC - [2013.08.12 10:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.08.12 10:11:20 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.12.16 07:17:44 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011.09.07 10:11:00 | 000,867,080 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010.11.13 08:55:54 | 000,040,960 | ---- | M] (Flarion Technologies, Inc.) -- C:\Program Files\T-Mobile Communication Centre\drivers\a96fed82ddfdbed769459e76fd9c0a27\FMMService.exe
PRC - [2010.04.23 16:20:36 | 001,670,144 | ---- | M] (ESRI) -- C:\Program Files\ArcGIS\License10.0\bin\ARCGIS.exe
PRC - [2010.02.09 20:31:42 | 000,180,224 | ---- | M] (Paradoxx Software) -- C:\Program Files\T-Mobile Communication Centre\FOFDMUpgrade.exe
PRC - [2008.11.06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.04.17 11:24:30 | 000,110,592 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2006.04.01 10:37:00 | 002,170,880 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2006.02.24 11:58:14 | 000,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2005.10.26 16:17:24 | 000,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2005.08.10 07:54:34 | 000,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005.06.08 16:45:04 | 000,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
========== Modules (No Company Name) ==========
MOD - [2013.10.09 21:41:28 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b7600e7fe5e152f21ba6d79f3c0c3b6\System.Configuration.ni.dll
MOD - [2013.10.09 21:39:00 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll
MOD - [2013.10.09 21:36:22 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25798162f0e3229e9754b28f5b6d9dd\WindowsBase.ni.dll
MOD - [2013.10.09 21:35:10 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013.09.04 11:11:32 | 014,915,584 | ---- | M] () -- E:\samsung\Kies\Theme\Kies.Theme.dll
MOD - [2013.09.04 11:09:36 | 000,575,488 | ---- | M] () -- E:\samsung\Kies\Common\Kies.UI.dll
MOD - [2013.09.02 23:10:56 | 000,036,864 | ---- | M] () -- E:\samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
MOD - [2013.09.02 23:10:06 | 000,023,040 | ---- | M] () -- E:\samsung\Kies\MVVM\Kies.MVVM.dll
MOD - [2013.08.14 21:23:36 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013.08.14 21:18:06 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013.08.14 21:17:20 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013.08.14 21:14:44 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013.07.18 06:34:48 | 000,057,856 | ---- | M] () -- E:\samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
MOD - [2013.07.13 02:45:38 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013.07.13 02:26:38 | 005,283,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2013.07.13 02:26:36 | 004,214,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2010.11.13 20:36:12 | 000,667,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2006.04.17 11:24:30 | 000,110,592 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
MOD - [2006.04.13 09:17:00 | 000,163,840 | R--- | M] () -- C:\WINDOWS\ATK0100\ASUSNet.dll
MOD - [2006.04.01 10:37:00 | 002,170,880 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
MOD - [2006.02.24 11:57:52 | 000,065,536 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll
MOD - [2005.10.07 09:22:50 | 000,081,920 | R--- | M] () -- C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll
MOD - [2005.05.11 13:23:42 | 000,073,728 | R--- | M] () -- C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_32.dll
MOD - [2004.05.28 04:13:10 | 000,057,344 | R--- | M] () -- C:\WINDOWS\ATK0100\CMSSC.dll
MOD - [2003.07.19 13:13:22 | 000,131,072 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat Elements\ContextMenu.CZE
MOD - [2003.02.25 20:19:56 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
MOD - [2001.10.28 16:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
========== Services (SafeList) ==========
SRV - [2013.08.12 10:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.16 07:17:44 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.09.07 10:11:00 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.13 08:55:54 | 000,040,960 | ---- | M] (Flarion Technologies, Inc.) [Auto | Running] -- C:\Program Files\T-Mobile Communication Centre\drivers\a96fed82ddfdbed769459e76fd9c0a27\FMMService.exe -- (FMMService)
SRV - [2010.02.09 20:31:42 | 000,180,224 | ---- | M] (Paradoxx Software) [Auto | Running] -- C:\Program Files\T-Mobile Communication Centre\FOFDMUpgrade.exe -- (FOFDMUpgrade)
SRV - [2008.11.06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe -- (ArcGIS License Manager)
SRV - [2004.05.06 12:21:04 | 000,496,640 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ASWLSVC.exe -- (ASWLSVC)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\smserial.sys -- (smserial)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rtenicxp.sys -- (RTL8023xp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ft1000.sys -- (ft1000)
DRV - [2013.11.10 08:13:32 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6D63EA1A-CC47-4D1E-A2FC-3F24EB069B9C}\MpKsl3f2fcbd8.sys -- (MpKsl3f2fcbd8)
DRV - [2013.07.18 07:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2013.06.21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudobex.sys -- (ssudobex)
DRV - [2013.06.21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013.06.21 02:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.10.31 11:22:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.11.13 08:55:54 | 000,042,213 | ---- | M] (Qualcomm Flarion Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlrnUSB.sys -- (FlrnUSB)
DRV - [2010.02.18 12:33:48 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.02.17 18:01:28 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2008.01.09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.08.28 05:58:00 | 000,005,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.11.02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006.10.12 16:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.04.12 09:24:40 | 000,132,608 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2006.03.06 23:49:36 | 000,011,136 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006.02.08 17:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2006.02.02 23:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006.01.31 18:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2005.12.19 11:37:42 | 004,127,232 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2005.12.14 17:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005.11.24 13:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2005.11.11 15:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd)
DRV - [2005.10.03 10:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)
DRV - [2005.10.03 10:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)
DRV - [2005.08.01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.07.14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2005.07.12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005.07.11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005.06.03 13:47:06 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005.06.03 13:47:04 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.06.03 13:47:00 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.06.03 13:46:58 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.06.03 13:46:52 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus)
DRV - [2005.01.06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507921405-57989841-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507921405-57989841-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.sme.sk/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.06 19:33:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.06 19:33:04 | 000,000,000 | ---D | M]
[2009.04.26 23:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Extensions
[2009.04.26 23:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions
[2011.04.02 00:44:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.26 20:47:28 | 000,060,290 | ---- | M] () (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions\translator@zoli.bod.xpi
[2013.11.06 19:33:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.11.06 19:33:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PREMIO\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5DXC5P3K.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
[2011.09.06 18:53:44 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
O1 HOSTS File: ([2004.08.18 12:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-507921405-57989841-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\qt\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\S-1-5-21-507921405-57989841-839522115-1003..\Run: [KiesPDLR] E:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-507921405-57989841-839522115-1003..\Run: [KiesPreload] E:\samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-57989841-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Premio\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Premio\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.16 10:49:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011.02.22 09:43:53 | 000,000,095 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell - "" = AutoRun
O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL s.exe
O33 - MountPoints2\{2b8b1de0-2fad-11e0-8638-0018f38f93f5}\Shell\AutoRun\command - "" = G:\Files\PStart\PStart.exe
O33 - MountPoints2\{51d9cade-c230-11dc-8330-0018f3af30eb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{51d9cade-c230-11dc-8330-0018f3af30eb}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell - "" = AutoRun
O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell - "" = AutoRun
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\1\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\2\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycle.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 7 Days ==========
[2013.11.10 17:26:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
[2013.11.10 08:06:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.10 07:55:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.11.10 07:54:33 | 001,034,531 | ---- | C] (Thisisu) -- C:\Documents and Settings\Premio\Plocha\JRT.exe
[2013.11.09 12:02:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Premio\Recent
[2013.11.06 19:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.11.06 03:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.11.06 03:46:05 | 000,000,000 | ---D | C] -- C:\rsit
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Premio\Dokumenty\*.tmp files -> C:\Documents and Settings\Premio\Dokumenty\*.tmp -> ]
[1 C:\Documents and Settings\Premio\*.tmp files -> C:\Documents and Settings\Premio\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.11.10 19:13:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.10 18:56:58 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013.11.10 17:26:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
[2013.11.10 08:22:12 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.11.10 08:11:42 | 000,000,174 | ---- | M] () -- C:\ASWL2K.ini
[2013.11.10 08:11:26 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.11.10 08:11:02 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.10 08:10:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.11.10 07:54:58 | 001,073,262 | ---- | M] () -- C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
[2013.11.10 07:54:46 | 001,034,531 | ---- | M] (Thisisu) -- C:\Documents and Settings\Premio\Plocha\JRT.exe
[2013.11.06 03:45:26 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Premio\Plocha\RSIT.exe
[2013.11.06 01:50:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Premio\Dokumenty\*.tmp files -> C:\Documents and Settings\Premio\Dokumenty\*.tmp -> ]
[1 C:\Documents and Settings\Premio\*.tmp files -> C:\Documents and Settings\Premio\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.11.10 07:54:48 | 001,073,262 | ---- | C] () -- C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
[2013.11.06 03:45:20 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Premio\Plocha\RSIT.exe
[2013.10.13 19:55:29 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2013.10.13 19:55:29 | 000,037,344 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012.10.10 18:32:27 | 000,000,914 | ---- | C] () -- C:\WINDOWS\System32\drivers\svunlnyl.dat
[2012.01.08 09:18:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2011.03.03 14:59:11 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2011.01.28 17:38:55 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Premio\Data aplikací\$_hpcst$.hpc
[2010.07.05 20:07:21 | 000,063,904 | ---- | C] () -- C:\Documents and Settings\Premio\Data aplikací\jpslvdes.dll
[2010.02.16 09:10:27 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Premio\Local Settings\Data aplikací\PUTTY.RND
[2007.05.22 08:30:30 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Premio\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2010.11.13 09:42:08 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.09.23 09:39:02 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.07.16 09:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2010.07.24 07:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.11.13 08:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Paradoxx
[2010.11.13 09:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2011.03.03 14:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Soluto
[2011.04.09 16:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LANGMaster
[2011.12.01 08:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.04.23 22:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2010.07.05 16:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GeoSetter
[2010.07.24 07:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Teleca
[2010.11.13 08:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Paradoxx
[2010.11.13 10:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Uniblue
[2011.01.29 10:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Mobile Atlas Creator
[2011.03.03 14:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GetRightToGo
[2011.04.09 16:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\LANGMaster
[2011.07.19 14:18:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Premio\Data aplikací\.#
[2011.08.30 17:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Xi
[2011.09.07 10:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\ESRI
[2011.12.01 08:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Samsung
[2011.12.03 19:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Temp
[2013.04.23 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\IObit
[2013.10.19 14:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Rovio
[2010.06.30 09:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
========== Purity Check ==========
========== Custom Scans ==========
< :otl >
[2006.10.16 10:47:26 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.03.04 11:14:09 | 000,000,920 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.03.04 11:14:09 | 000,000,924 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.02.20 01:50:30 | 000,000,472 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.03.09 16:23:46 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.10.09 21:21:53 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2013.10.09 21:22:10 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
< SRV - File not found [On_Demand | Unknown] -- -- (MSDTC) >
< >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\smserial.sys -- (smserial) >
< DRV - File not found [Kernel | Disabled | Unknown] -- system32\DRIVERS\s24trans.sys -- (s24trans) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTL8023xp) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP) >
< DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump) >
< DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc) >
< DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt) >
< DRV - File not found [Kernel | System | Unknown] -- -- (Changer) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ft1000.sys -- (ft1000) >
< DRV - [2013.11.10 08:13:32 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Unknown] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6D63EA1A-CC47-4D1E-A2FC-3F24EB069B9C}\MpKsl3f2fcbd8.sys -- (MpKsl3f2fcbd8) >
< >
< IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC >
< >
< FF - user.js - File not found >
< File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PREMIO\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5DXC5P3K.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI >
< >
< O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell - "" = AutoRun >
< O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell - "" = AutoRun >
< O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell - "" = AutoRun >
< >
< [2013.04.23 22:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit >
< [2013.04.23 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\IObit >
< >
< [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] >
< [29 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] >
< [6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] >
< [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] >
< [1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ] >
< >
< [2013.11.10 15:47:32 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job >
< [2013.11.06 01:50:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job >
< [2013.11.10 08:22:12 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job >
< [2013.11.10 08:11:02 | 000,000,920 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job >
< [2013.11.10 17:13:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job >
< >
< :reg >
< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] >
< "Adobe ARM"=- >
< "QuickTime Task"=- >
< [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] >
< "MSMSGS"=- >
< "KiesPDLR"=- >
< "KiesPreload"=- >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] >
< >
< >
< :files >
< %windir%\system32\*.tmp.dll /s >
< %windir%\system32\SET*.tmp /s >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %windir%\*.tmp >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
< >
< :commands >
< [RESETHOSTS] >
< [EMPTYTEMP] >
< [EMPTYFLASH] >
< [EMPTYJAVA] >
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Premio\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy
1023.29 Mb Total Physical Memory | 545.75 Mb Available Physical Memory | 53.33% Memory free
1.56 Gb Paging File | 1.22 Gb Available in Paging File | 78.20% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15.61 Gb Total Space | 0.77 Gb Free Space | 4.96% Space Free | Partition Type: FAT32
Drive D: | 38.09 Gb Total Space | 0.27 Gb Free Space | 0.70% Space Free | Partition Type: NTFS
Drive E: | 39.44 Gb Total Space | 5.19 Gb Free Space | 13.16% Space Free | Partition Type: NTFS
Computer Name: JHKKPPU | User Name: Premio | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.11.10 17:26:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
PRC - [2013.09.04 11:16:40 | 001,564,528 | ---- | M] (Samsung) -- E:\samsung\Kies\Kies.exe
PRC - [2013.08.12 10:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.08.12 10:11:20 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012.12.16 07:17:44 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011.09.07 10:11:00 | 000,867,080 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2010.11.13 08:55:54 | 000,040,960 | ---- | M] (Flarion Technologies, Inc.) -- C:\Program Files\T-Mobile Communication Centre\drivers\a96fed82ddfdbed769459e76fd9c0a27\FMMService.exe
PRC - [2010.04.23 16:20:36 | 001,670,144 | ---- | M] (ESRI) -- C:\Program Files\ArcGIS\License10.0\bin\ARCGIS.exe
PRC - [2010.02.09 20:31:42 | 000,180,224 | ---- | M] (Paradoxx Software) -- C:\Program Files\T-Mobile Communication Centre\FOFDMUpgrade.exe
PRC - [2008.11.06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.04.17 11:24:30 | 000,110,592 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2006.04.01 10:37:00 | 002,170,880 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2006.02.24 11:58:14 | 000,868,352 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2005.10.26 16:17:24 | 000,159,744 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2005.08.10 07:54:34 | 000,385,024 | R--- | M] (Teleca Software Solutions) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2005.06.08 16:45:04 | 000,278,528 | ---- | M] (Teleca Software Solutions AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
========== Modules (No Company Name) ==========
MOD - [2013.10.09 21:41:28 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b7600e7fe5e152f21ba6d79f3c0c3b6\System.Configuration.ni.dll
MOD - [2013.10.09 21:39:00 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll
MOD - [2013.10.09 21:36:22 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25798162f0e3229e9754b28f5b6d9dd\WindowsBase.ni.dll
MOD - [2013.10.09 21:35:10 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013.09.04 11:11:32 | 014,915,584 | ---- | M] () -- E:\samsung\Kies\Theme\Kies.Theme.dll
MOD - [2013.09.04 11:09:36 | 000,575,488 | ---- | M] () -- E:\samsung\Kies\Common\Kies.UI.dll
MOD - [2013.09.02 23:10:56 | 000,036,864 | ---- | M] () -- E:\samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
MOD - [2013.09.02 23:10:06 | 000,023,040 | ---- | M] () -- E:\samsung\Kies\MVVM\Kies.MVVM.dll
MOD - [2013.08.14 21:23:36 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013.08.14 21:18:06 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013.08.14 21:17:20 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013.08.14 21:14:44 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013.07.18 06:34:48 | 000,057,856 | ---- | M] () -- E:\samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
MOD - [2013.07.13 02:45:38 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013.07.13 02:26:38 | 005,283,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2013.07.13 02:26:36 | 004,214,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2010.11.13 20:36:12 | 000,667,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2006.04.17 11:24:30 | 000,110,592 | R--- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
MOD - [2006.04.13 09:17:00 | 000,163,840 | R--- | M] () -- C:\WINDOWS\ATK0100\ASUSNet.dll
MOD - [2006.04.01 10:37:00 | 002,170,880 | R--- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
MOD - [2006.02.24 11:57:52 | 000,065,536 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\anubisps.dll
MOD - [2005.10.07 09:22:50 | 000,081,920 | R--- | M] () -- C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll
MOD - [2005.05.11 13:23:42 | 000,073,728 | R--- | M] () -- C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_32.dll
MOD - [2004.05.28 04:13:10 | 000,057,344 | R--- | M] () -- C:\WINDOWS\ATK0100\CMSSC.dll
MOD - [2003.07.19 13:13:22 | 000,131,072 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat Elements\ContextMenu.CZE
MOD - [2003.02.25 20:19:56 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
MOD - [2001.10.28 16:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll
========== Services (SafeList) ==========
SRV - [2013.08.12 10:12:38 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.16 07:17:44 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.09.07 10:11:00 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.13 08:55:54 | 000,040,960 | ---- | M] (Flarion Technologies, Inc.) [Auto | Running] -- C:\Program Files\T-Mobile Communication Centre\drivers\a96fed82ddfdbed769459e76fd9c0a27\FMMService.exe -- (FMMService)
SRV - [2010.02.09 20:31:42 | 000,180,224 | ---- | M] (Paradoxx Software) [Auto | Running] -- C:\Program Files\T-Mobile Communication Centre\FOFDMUpgrade.exe -- (FOFDMUpgrade)
SRV - [2008.11.06 00:59:50 | 001,500,424 | ---- | M] (Acresso Software Inc.) [Auto | Running] -- C:\Program Files\ArcGIS\License10.0\bin\lmgrd.exe -- (ArcGIS License Manager)
SRV - [2004.05.06 12:21:04 | 000,496,640 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\ASWLSVC.exe -- (ASWLSVC)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\smserial.sys -- (smserial)
DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\s24trans.sys -- (s24trans)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rtenicxp.sys -- (RTL8023xp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ft1000.sys -- (ft1000)
DRV - [2013.11.10 08:13:32 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6D63EA1A-CC47-4D1E-A2FC-3F24EB069B9C}\MpKsl3f2fcbd8.sys -- (MpKsl3f2fcbd8)
DRV - [2013.07.18 07:34:28 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2013.06.21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudobex.sys -- (ssudobex)
DRV - [2013.06.21 02:07:52 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2013.06.21 02:07:52 | 000,084,248 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011.10.31 11:22:36 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010.11.13 08:55:54 | 000,042,213 | ---- | M] (Qualcomm Flarion Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlrnUSB.sys -- (FlrnUSB)
DRV - [2010.02.18 12:33:48 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.02.17 18:01:28 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2008.01.09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2007.08.28 05:58:00 | 000,005,760 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.11.02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006.10.12 16:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.04.12 09:24:40 | 000,132,608 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2006.03.06 23:49:36 | 000,011,136 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006.02.08 17:33:34 | 000,062,848 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2006.02.02 23:16:08 | 000,108,928 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006.01.31 18:35:28 | 000,039,808 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2005.12.19 11:37:42 | 004,127,232 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2005.12.14 17:07:24 | 000,037,632 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005.11.24 13:37:36 | 000,047,104 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2005.11.11 15:09:52 | 000,052,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd)
DRV - [2005.10.03 10:26:36 | 000,720,470 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynMini.sys -- (SynMini)
DRV - [2005.10.03 10:26:14 | 000,008,278 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynScan.sys -- (SynScan)
DRV - [2005.08.01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005.07.14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2005.07.12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005.07.11 18:58:56 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005.06.03 13:47:06 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2005.06.03 13:47:04 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.06.03 13:47:00 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2005.06.03 13:46:58 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2005.06.03 13:46:52 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus)
DRV - [2005.01.06 13:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507921405-57989841-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-507921405-57989841-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.sme.sk/"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.06 19:33:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.06 19:33:04 | 000,000,000 | ---D | M]
[2009.04.26 23:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Extensions
[2009.04.26 23:25:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions
[2011.04.02 00:44:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.26 20:47:28 | 000,060,290 | ---- | M] () (No name found) -- C:\Documents and Settings\Premio\Data aplikací\Mozilla\Firefox\Profiles\5dxc5p3k.default\extensions\translator@zoli.bod.xpi
[2013.11.06 19:33:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.11.06 19:33:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PREMIO\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5DXC5P3K.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
[2011.09.06 18:53:44 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
O1 HOSTS File: ([2004.08.18 12:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\S-1-5-21-507921405-57989841-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\qt\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe (Sony Ericsson Mobile Communications AB)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\S-1-5-21-507921405-57989841-839522115-1003..\Run: [KiesPDLR] E:\samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-507921405-57989841-839522115-1003..\Run: [KiesPreload] E:\samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-57989841-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Premio\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Premio\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.16 10:49:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2011.02.22 09:43:53 | 000,000,095 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell - "" = AutoRun
O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL s.exe
O33 - MountPoints2\{2b8b1de0-2fad-11e0-8638-0018f38f93f5}\Shell\AutoRun\command - "" = G:\Files\PStart\PStart.exe
O33 - MountPoints2\{51d9cade-c230-11dc-8330-0018f3af30eb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{51d9cade-c230-11dc-8330-0018f3af30eb}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell - "" = AutoRun
O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell\AutoRun\command - "" = G:\iStudio.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell - "" = AutoRun
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\1\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\2\Command - "" = G:\Recycle.exe
O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycle.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 7 Days ==========
[2013.11.10 17:26:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
[2013.11.10 08:06:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.10 07:55:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.11.10 07:54:33 | 001,034,531 | ---- | C] (Thisisu) -- C:\Documents and Settings\Premio\Plocha\JRT.exe
[2013.11.09 12:02:25 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Premio\Recent
[2013.11.06 19:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.11.06 03:46:07 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.11.06 03:46:05 | 000,000,000 | ---D | C] -- C:\rsit
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Premio\Dokumenty\*.tmp files -> C:\Documents and Settings\Premio\Dokumenty\*.tmp -> ]
[1 C:\Documents and Settings\Premio\*.tmp files -> C:\Documents and Settings\Premio\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.11.10 19:13:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.10 18:56:58 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2013.11.10 17:26:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Premio\Plocha\OTL.exe
[2013.11.10 08:22:12 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.11.10 08:11:42 | 000,000,174 | ---- | M] () -- C:\ASWL2K.ini
[2013.11.10 08:11:26 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.11.10 08:11:02 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.10 08:10:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.11.10 07:54:58 | 001,073,262 | ---- | M] () -- C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
[2013.11.10 07:54:46 | 001,034,531 | ---- | M] (Thisisu) -- C:\Documents and Settings\Premio\Plocha\JRT.exe
[2013.11.06 03:45:26 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Premio\Plocha\RSIT.exe
[2013.11.06 01:50:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Premio\Dokumenty\*.tmp files -> C:\Documents and Settings\Premio\Dokumenty\*.tmp -> ]
[1 C:\Documents and Settings\Premio\*.tmp files -> C:\Documents and Settings\Premio\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.11.10 07:54:48 | 001,073,262 | ---- | C] () -- C:\Documents and Settings\Premio\Plocha\adwcleaner.exe
[2013.11.06 03:45:20 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Premio\Plocha\RSIT.exe
[2013.10.13 19:55:29 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2013.10.13 19:55:29 | 000,037,344 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012.10.10 18:32:27 | 000,000,914 | ---- | C] () -- C:\WINDOWS\System32\drivers\svunlnyl.dat
[2012.01.08 09:18:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2011.03.03 14:59:11 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2011.01.28 17:38:55 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Premio\Data aplikací\$_hpcst$.hpc
[2010.07.05 20:07:21 | 000,063,904 | ---- | C] () -- C:\Documents and Settings\Premio\Data aplikací\jpslvdes.dll
[2010.02.16 09:10:27 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Premio\Local Settings\Data aplikací\PUTTY.RND
[2007.05.22 08:30:30 | 000,036,864 | ---- | C] () -- C:\Documents and Settings\Premio\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2010.11.13 09:42:08 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.09.23 09:39:02 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.07.16 09:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2010.07.24 07:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Teleca
[2010.11.13 08:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Paradoxx
[2010.11.13 09:46:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
[2011.03.03 14:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Soluto
[2011.04.09 16:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LANGMaster
[2011.12.01 08:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.04.23 22:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2010.07.05 16:36:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GeoSetter
[2010.07.24 07:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Teleca
[2010.11.13 08:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Paradoxx
[2010.11.13 10:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Uniblue
[2011.01.29 10:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Mobile Atlas Creator
[2011.03.03 14:17:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\GetRightToGo
[2011.04.09 16:45:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\LANGMaster
[2011.07.19 14:18:16 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Premio\Data aplikací\.#
[2011.08.30 17:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Xi
[2011.09.07 10:16:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\ESRI
[2011.12.01 08:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Samsung
[2011.12.03 19:30:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Temp
[2013.04.23 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\IObit
[2013.10.19 14:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\Rovio
[2010.06.30 09:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
========== Purity Check ==========
========== Custom Scans ==========
< :otl >
[2006.10.16 10:47:26 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.03.04 11:14:09 | 000,000,920 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.03.04 11:14:09 | 000,000,924 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2011.02.20 01:50:30 | 000,000,472 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.03.09 16:23:46 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.10.09 21:21:53 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\MpIdleTask.job
[2013.10.09 21:22:10 | 000,000,400 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
< SRV - File not found [On_Demand | Unknown] -- -- (MSDTC) >
< >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\smserial.sys -- (smserial) >
< DRV - File not found [Kernel | Disabled | Unknown] -- system32\DRIVERS\s24trans.sys -- (s24trans) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTLE8023xp) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\Rtenicxp.sys -- (RTL8023xp) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP) >
< DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump) >
< DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc) >
< DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt) >
< DRV - File not found [Kernel | System | Unknown] -- -- (Changer) >
< DRV - File not found [Kernel | On_Demand | Unknown] -- system32\DRIVERS\ft1000.sys -- (ft1000) >
< DRV - [2013.11.10 08:13:32 | 000,040,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Unknown] -- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6D63EA1A-CC47-4D1E-A2FC-3F24EB069B9C}\MpKsl3f2fcbd8.sys -- (MpKsl3f2fcbd8) >
< >
< IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC >
< >
< FF - user.js - File not found >
< File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PREMIO\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5DXC5P3K.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI >
< >
< O33 - MountPoints2\{0611528a-1bbf-11df-83f5-0018f38f93f5}\Shell - "" = AutoRun >
< O33 - MountPoints2\{7dad6bcb-7808-11e2-8722-0018f38f93f5}\Shell - "" = AutoRun >
< O33 - MountPoints2\{dac301de-50c4-11de-837f-0018f3af30eb}\Shell - "" = AutoRun >
< >
< [2013.04.23 22:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit >
< [2013.04.23 22:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Premio\Data aplikací\IObit >
< >
< [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] >
< [29 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] >
< [6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] >
< [5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] >
< [1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ] >
< >
< [2013.11.10 15:47:32 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\Tasks\MpIdleTask.job >
< [2013.11.06 01:50:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job >
< [2013.11.10 08:22:12 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job >
< [2013.11.10 08:11:02 | 000,000,920 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job >
< [2013.11.10 17:13:02 | 000,000,924 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job >
< >
< :reg >
< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] >
< "Adobe ARM"=- >
< "QuickTime Task"=- >
< [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] >
< "MSMSGS"=- >
< "KiesPDLR"=- >
< "KiesPreload"=- >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] >
< [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] >
< >
< >
< :files >
< %windir%\system32\*.tmp.dll /s >
< %windir%\system32\SET*.tmp /s >
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %windir%\*.tmp >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
< >
< :commands >
< [RESETHOSTS] >
< [EMPTYTEMP] >
< [EMPTYFLASH] >
< [EMPTYJAVA] >
< End of report >
Re: prosim o kontrolu....dakujem
pc sa nerestartoval....
a co sa tyka tych usb. napada ma jedine zariadenie ktore ma system win mobile a pripajam ho cez active sync manager. nebude tam problem so spustenim toho cistica????
a co sa tyka tych usb. napada ma jedine zariadenie ktore ma system win mobile a pripajam ho cez active sync manager. nebude tam problem so spustenim toho cistica????
Re: prosim o kontrolu....dakujem
tak uz som todal aj opravit a aj sa restartoval....
a zmizol z plochy aj OTL
a zmizol z plochy aj OTL
Naposledy upravil(a) peter55 dne 10 lis 2013 19:46, celkem upraveno 1 x.
Re: prosim o kontrolu....dakujem
Tak mi sem dejte log z te opravy
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?
