Preventive check

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check

#16 Post by Márty84 »

Post a new log from RSIT.

hakub
Visitor
Posts: 204
Registered: 05 Feb 2008 05:27

Re: Preventive check

#17 Post by hakub »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Acer PC at 2014-02-15 21:44:13
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 119 GB (84%) free of 142 GB
Total RAM: 1014 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:44:19, on 15.2.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Acer PC\Plocha\RSIT.exe
C:\Program Files\trend micro\Acer PC.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Data aplikací\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Data aplikací\SearchProtect" (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Chessmaster%20Challenge/Images/stg_drm.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3210383687
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Chessmaster%20Challenge/Images/armhelper.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe

--
End of file - 7303 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-03-17 330160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-03-17 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-03-17 80304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2013-02-15 412480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-01-10 1103424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
C:\Program Files\Samsung\AllShare\AllShareAgent.exe [2012-03-01 285072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [2006-01-25 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-08-02 24064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files\Google\Drive\googledrivesync.exe [2013-12-06 20203904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-15 178712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-12-30 875016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
C:\WINDOWS\PLFSetL.exe [2008-07-03 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductReg]
C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2009-04-15 135168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2009-02-24 17529856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
C:\WINDOWS\system32\csnp2uvc.dll [2009-02-16 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-03-27 6365920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acer VCM.lnk]
C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2009-06-25 565248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-05-08 607584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^SMCWUSB-G 802.11g Wireless USB Utility.lnk]
C:\PROGRA~1\SMC\SMCWUSB-G 802.11g Wireless USB 2.0 Adapter\SMCWGUTI.exe [2006-01-18 442368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-14 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe"="C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe:*:Enabled:Acronis Sync Agent Service"
"C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe"="C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe:*:Enabled:Samsung AllShare Service"
"C:\Program Files\Samsung\AllShare\AllShare.exe"="C:\Program Files\Samsung\AllShare\AllShare.exe:*:Enabled:Samsung AllShare Player"
"C:\Program Files\Samsung\AllShare\AllShareAgent.exe"="C:\Program Files\Samsung\AllShare\AllShareAgent.exe:*:Enabled:Samsung AllShare Agent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-02-15 11:38:02 ----D---- C:\Documents and Settings\Acer PC\Data aplikací\Malwarebytes
2014-02-14 21:33:48 ----D---- C:\AdwCleaner
2014-02-14 07:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2014-02-13 13:44:42 ----A---- C:\WINDOWS\imsins.BAK
2014-01-30 15:11:09 ----D---- C:\Documents and Settings\Acer PC\Data aplikací\DivX
2014-01-30 15:09:08 ----D---- C:\Program Files\Common Files\DivX Shared
2014-01-30 14:50:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2014-01-28 14:57:40 ----D---- C:\Program Files\SMC
2014-01-28 14:57:22 ----D---- C:\WINDOWS\Downloaded Installations
2014-01-28 14:56:56 ----A---- C:\WINDOWS\system32\drivers\SMCWGU.sys
2014-01-28 14:47:21 ----D---- C:\Documents and Settings\Acer PC\Data aplikací\driveridentifier
2014-01-25 03:07:32 ----D---- C:\Documents and Settings\Acer PC\Data aplikací\Chessmaster Challenge
2014-01-25 03:06:09 ----D---- C:\Documents and Settings\Acer PC\Data aplikací\SpinTop
2014-01-25 02:07:27 ----D---- C:\Program Files\Arasan
2014-01-16 18:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$

======List of files/folders modified in the last 1 month======

2014-02-15 21:44:18 ----D---- C:\Program Files\trend micro
2014-02-15 21:42:51 ----D---- C:\WINDOWS\system32
2014-02-15 21:41:40 ----D---- C:\WINDOWS\system32\drivers
2014-02-15 21:34:49 ----D---- C:\WINDOWS\Temp
2014-02-15 21:26:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-02-15 21:04:28 ----D---- C:\WINDOWS\system32\CatRoot2
2014-02-15 21:03:55 ----D---- C:\WINDOWS\Prefetch
2014-02-15 20:57:31 ----RD---- C:\Program Files
2014-02-15 17:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2014-02-15 16:01:46 ----RSD---- C:\WINDOWS\assembly
2014-02-15 16:01:46 ----D---- C:\WINDOWS\Microsoft.NET
2014-02-14 14:18:32 ----RASH---- C:\boot.ini
2014-02-14 14:18:31 ----A---- C:\WINDOWS\win.ini
2014-02-14 14:18:31 ----A---- C:\WINDOWS\system.ini
2014-02-14 08:15:37 ----D---- C:\WINDOWS
2014-02-14 07:01:31 ----HD---- C:\WINDOWS\inf
2014-02-14 07:01:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-02-13 14:33:24 ----SHD---- C:\WINDOWS\Installer
2014-02-13 14:25:08 ----D---- C:\WINDOWS\WinSxS
2014-02-13 14:24:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-13 14:07:56 ----D---- C:\WINDOWS\system32\MRT
2014-02-13 13:59:11 ----D---- C:\WINDOWS\Debug
2014-02-13 13:58:49 ----A---- C:\WINDOWS\system32\MRT.exe
2014-02-13 13:45:47 ----D---- C:\Program Files\Internet Explorer
2014-02-13 13:45:21 ----D---- C:\WINDOWS\ie8updates
2014-02-09 16:31:06 ----D---- C:\Program Files\Acer GameZone
2014-02-06 04:38:36 ----A---- C:\WINDOWS\system32\wininet.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\url.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\occache.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mstime.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\corpol.dll
2014-02-05 23:24:06 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-02-04 20:27:23 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-01 08:26:08 ----D---- C:\WINDOWS\system32\FxsTmp
2014-01-30 16:05:34 ----D---- C:\Program Files\Šachy Grand Master Chess
2014-01-30 16:01:54 ----D---- C:\Program Files\eSobi
2014-01-30 16:01:41 ----D---- C:\Documents and Settings\Acer PC\Data aplikací\eSobi
2014-01-30 15:13:44 ----RSD---- C:\WINDOWS\Fonts
2014-01-30 15:09:08 ----D---- C:\Program Files\Common Files
2014-01-30 11:20:20 ----D---- C:\AllShare
2014-01-29 13:16:11 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2014-01-29 03:45:44 ----D---- C:\WINDOWS\Network Diagnostic
2014-01-29 02:39:58 ----D---- C:\WINDOWS\system32\drivers\etc
2014-01-28 14:57:18 ----D---- C:\Program Files\Common Files\InstallShield
2014-01-25 03:10:37 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2014-01-25 03:07:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-01-25 02:17:56 ----SHD---- C:\Documents and Settings\Acer PC\Data aplikací\.#
2014-01-19 08:32:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2013-05-24 81184]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2008-04-15 312344]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2013-05-24 158496]
R0 tib;Acronis TIB Manager; C:\WINDOWS\system32\DRIVERS\tib.sys [2013-05-24 736192]
R0 tib_mounter;Acronis TIB Mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [2013-05-24 130488]
R0 vididr;Acronis Virtual Disk; C:\WINDOWS\system32\DRIVERS\vididr.sys [2013-05-24 116000]
R0 vidsflt;Acronis Disk Storage Filter; C:\WINDOWS\system32\DRIVERS\vidsflt.sys [2013-05-24 85280]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-08-26 120136]
R1 MpKslf36d81a0;MpKslf36d81a0; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7DA1CB48-EA0F-48CA-8EC9-E5614A69D603}\MpKslf36d81a0.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2013-05-26 234752]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2009-02-20 1952512]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-04-15 991136]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-02-24 5032448]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-03-02 38912]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2009-05-06 1759744]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-02-18 534312]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816]
S3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-02-04 37032]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-10-30 47272]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2009-02-03 162816]
S3 Rts516xIR;Realtek IR Driver; C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC); C:\WINDOWS\system32\DRIVERS\SMCWGU.sys [2005-12-16 408064]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\WINDOWS\system32\DRIVERS\tdrpman.sys [2013-05-26 888640]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\WINDOWS\system32\DRIVERS\Rts5161ccid.sys []
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2008-04-14 13952]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2013-02-15 830376]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2013-05-26 3783672]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2009-05-08 349528]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-15 354840]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-03-17 154032]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-03-20 7084672]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-03 135664]
S2 SamsungAllShareV2.0;Samsung AllShare PC; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-04 257928]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-08-02 24064]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-03 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-03 194032]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 756392]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: preventive check

#18 Post by Márty84 »

One more scan and then we'll start deleting.

Download OTL http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the options (put check marks there) Scan All Users, LOP Check and Purity Check.
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Run Scan.
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

hakub
Visitor
Posts: 204
Joined: 05 Feb 2008 05:27

Re: preventive check

#19 Post by hakub »

OTL logfile created on: 16.2.2014 3:52:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Acer PC\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013,87 Mb Total Physical Memory | 492,00 Mb Available Physical Memory | 48,53% Memory free
2,39 Gb Paging File | 1,96 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139,04 Gb Total Space | 116,56 Gb Free Space | 83,83% Space Free | Partition Type: NTFS

Computer Name: ACER | User Name: Acer PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.02.16 03:50:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Acer PC\Plocha\OTL.exe
PRC - [2014.02.02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.05.26 16:06:10 | 003,783,672 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2013.03.20 18:28:20 | 007,084,672 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2013.02.15 11:59:48 | 000,830,376 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2012.03.02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2009.02.05 07:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2008.04.15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014.02.15 15:59:15 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\e519ca59f575456843364dcccf306bda\System.ServiceProcess.ni.dll
MOD - [2014.02.15 15:50:27 | 001,218,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\ecc7743098d7e89031a74a40e0276943\System.Management.ni.dll
MOD - [2014.02.15 15:21:40 | 000,762,880 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ec2ecb9f65b3e40b70ba221dd9a7f1b\System.Runtime.Remoting.ni.dll
MOD - [2014.02.15 15:21:03 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\529e65b2426131133868e5e26ba858ac\System.Xml.Linq.ni.dll
MOD - [2014.02.13 14:28:01 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\0812551ba18760af570ed10f03af09fd\System.Core.ni.dll
MOD - [2014.02.13 14:27:51 | 005,628,416 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\926dccd5f3cd72c4d6cc4009648d06d0\System.Xml.ni.dll
MOD - [2014.02.13 14:27:32 | 001,014,784 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\66d85425fcbd18e6fecd7339add5b3a0\System.Configuration.ni.dll
MOD - [2014.02.13 14:27:28 | 009,100,288 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6456ab920c84162f31dede6e2591275d\System.ni.dll
MOD - [2014.02.13 14:27:04 | 014,418,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\0f9ba380621c38344628d30fb72d2327\mscorlib.ni.dll
MOD - [2014.02.02 00:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
MOD - [2014.02.02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll
MOD - [2014.02.02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014.02.02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2013.03.27 21:36:30 | 000,021,312 | ---- | M] () -- C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
MOD - [2013.03.27 21:09:00 | 000,420,160 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Home\ulxmlrpcpp.dll
MOD - [2012.02.22 15:46:24 | 001,135,616 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
MOD - [2012.02.22 15:46:24 | 000,656,896 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
MOD - [2012.02.22 15:46:24 | 000,290,304 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
MOD - [2012.02.22 15:46:24 | 000,289,792 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\libThumbnail.dll
MOD - [2012.02.22 15:46:24 | 000,133,120 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
MOD - [2012.02.22 15:46:24 | 000,105,472 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\DCMCDP.dll
MOD - [2012.02.22 15:46:24 | 000,098,816 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\FolderCDP.dll
MOD - [2012.02.22 15:46:24 | 000,077,312 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
MOD - [2012.02.22 15:46:24 | 000,063,488 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\ID3Driver.dll
MOD - [2012.02.22 15:46:24 | 000,054,784 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
MOD - [2012.02.22 15:46:24 | 000,031,232 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\Autobackup.dll
MOD - [2012.02.22 15:46:24 | 000,029,184 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
MOD - [2012.02.22 15:46:24 | 000,027,648 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
MOD - [2012.02.22 15:46:24 | 000,024,064 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
MOD - [2012.02.22 15:46:24 | 000,024,064 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\photoDriver.dll
MOD - [2012.02.22 15:46:24 | 000,023,040 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
MOD - [2012.02.22 15:46:24 | 000,017,920 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
MOD - [2012.02.22 15:46:24 | 000,017,920 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
MOD - [2012.02.22 15:46:24 | 000,013,824 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\TextExtractor.dll
MOD - [2012.02.22 15:46:24 | 000,012,288 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\VideoThumb.dll
MOD - [2012.02.22 15:46:24 | 000,012,288 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
MOD - [2012.01.05 21:40:20 | 005,717,504 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
MOD - [2012.01.05 21:40:20 | 004,671,488 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\avcodec-52.dll
MOD - [2012.01.05 21:40:20 | 000,686,080 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\avformat-52.dll
MOD - [2012.01.05 21:40:20 | 000,520,234 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\sqlite3.dll
MOD - [2012.01.05 21:40:20 | 000,450,560 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
MOD - [2012.01.05 21:40:20 | 000,399,826 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
MOD - [2012.01.05 21:40:20 | 000,366,592 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\tag.dll
MOD - [2012.01.05 21:40:20 | 000,152,064 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\swscale-0.dll
MOD - [2012.01.05 21:40:20 | 000,147,456 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\libexpat.dll
MOD - [2012.01.05 21:40:20 | 000,070,656 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\avutil-50.dll
MOD - [2012.01.05 21:40:20 | 000,044,032 | ---- | M] () -- C:\Program Files\Samsung\AllShare\AllShareDMS\us.dll
MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014.02.04 20:27:25 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.05.26 16:06:10 | 003,783,672 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2013.03.20 18:28:20 | 007,084,672 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2013.02.15 11:59:48 | 000,830,376 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012.03.02 16:00:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.03.02 16:00:20 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2009.02.05 07:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008.04.15 16:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts5161ccid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (Rts516xIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013.05.26 16:06:22 | 000,234,752 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2013.05.26 16:05:42 | 000,888,640 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2013.05.24 05:09:26 | 000,130,488 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tib_mounter.sys -- (tib_mounter)
DRV - [2013.05.24 05:08:59 | 000,736,192 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tib.sys -- (tib)
DRV - [2013.05.24 05:08:49 | 000,116,000 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vididr.sys -- (vididr)
DRV - [2013.05.24 05:08:47 | 000,085,280 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vidsflt.sys -- (vidsflt)
DRV - [2013.05.24 05:08:42 | 000,158,496 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2013.05.24 05:07:20 | 000,081,184 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fltsrv.sys -- (fltsrv)
DRV - [2009.05.06 17:15:38 | 001,759,744 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.04.15 11:13:34 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009.03.02 06:03:48 | 000,038,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1c51x86.sys -- (L1c)
DRV - [2009.02.24 09:49:44 | 005,032,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.02.20 09:53:18 | 001,952,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009.02.18 10:46:56 | 000,534,312 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009.02.03 07:42:30 | 000,162,816 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2008.10.30 22:19:14 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.08.26 12:51:36 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2008.08.05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.07.24 10:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008.02.04 10:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008.02.04 10:57:30 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2006.11.02 14:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006.01.04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.12.16 11:41:56 | 000,408,064 | ---- | M] (SMC Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SMCWGU.sys -- (SMCWGU(SMC)
DRV - [2004.10.25 13:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... AW_csCZ527
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\..\SearchScopes\{D71FA4C3-C5C5-41C0-A299-096BBBD82AE2}: "URL" = http://search.conduit.com/ResultsExt.as ... 15165&UM=2
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_43: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)


[2013.06.08 05:23:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Acer PC\Data aplikací\Mozilla\Firefox\Profiles\extensions
[2013.04.17 14:50:46 | 000,201,930 | ---- | M] () (No name found) -- C:\Documents and Settings\Acer PC\Data aplikací\Mozilla\Firefox\Profiles\extensions\hdvc@hdvc.com.xpi

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U43 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Java Deployment Toolkit 6.0.430.1 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_1\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: YouTube = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Full Screen Weather = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: Pass Strength Meter = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gahnebecgllcaakcojhgndipnamdlghe\2.0_0\
CHR - Extension: IP adresa = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml\7.1_0\
CHR - Extension: Webcam Toy = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0\
CHR - Extension: Freecell = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lhppflinkhhgcllcdnocdiceepgpemah\1.0.1_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Picasa = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Gmail = C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.02.15 21:34:45 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKU\.DEFAULT..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Data aplikací\SearchProtect" File not found
O4 - HKU\S-1-5-18..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Data aplikací\SearchProtect" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Chessmaster%20Challenge/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 3210383687 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_43)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Java Plug-in 1.5.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_43)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_43)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Chessmaster%20Challenge/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B670B2F-E965-4898-86D9-A027C7EE36EC}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Acer03.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Acer03.bmp
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.08.02 19:37:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.02.16 03:50:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Acer PC\Plocha\OTL.exe
[2014.02.15 21:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Plocha\RK_Quarantine
[2014.02.15 11:38:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Data aplikací\Malwarebytes
[2014.02.14 21:33:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.02.09 16:32:00 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Acer PC\Recent
[2014.01.30 15:11:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Data aplikací\DivX
[2014.01.30 15:09:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2014.01.30 14:54:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\NativeMessaging
[2014.01.30 14:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\CRE
[2014.01.30 14:50:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DivX
[2014.01.30 11:27:39 | 009,596,634 | ---- | C] (Spidla) -- C:\Documents and Settings\Acer PC\Dokumenty\GMChess3.exe
[2014.01.28 14:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\SMCWUSB-G 802.11g Wireless USB Utility
[2014.01.28 14:57:40 | 000,000,000 | ---D | C] -- C:\Program Files\SMC
[2014.01.28 14:57:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2014.01.28 14:56:56 | 000,408,064 | ---- | C] (SMC Corporation) -- C:\WINDOWS\System32\drivers\SMCWGU.sys
[2014.01.28 14:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Plocha\SMCWUSB-G-802.11g-Wireless-USB-Utility
[2014.01.28 14:47:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Data aplikací\driveridentifier
[2014.01.25 03:07:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Data aplikací\Chessmaster Challenge
[2014.01.25 03:06:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Data aplikací\SpinTop
[2014.01.25 02:24:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Nabídka Start\Programy\Chess 2012
[2014.01.25 02:23:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Chess 2012
[2014.01.25 02:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\Arasan
[2014.01.25 01:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\Deployment

========== Files - Modified Within 30 Days ==========

[2014.02.16 03:56:06 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.16 03:50:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Acer PC\Plocha\OTL.exe
[2014.02.16 03:48:53 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.16 03:48:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.02.16 03:48:41 | 1063,194,624 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.15 22:05:53 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.15 21:34:45 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.02.15 21:26:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.02.15 21:00:45 | 003,813,376 | ---- | M] () -- C:\Documents and Settings\Acer PC\Plocha\RogueKiller.exe
[2014.02.14 21:33:40 | 001,166,132 | ---- | M] () -- C:\Documents and Settings\Acer PC\Plocha\adwcleaner.exe
[2014.02.14 14:21:08 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Acer PC\Plocha\RSIT.exe
[2014.02.14 14:18:32 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014.02.13 14:24:56 | 000,474,220 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.02.13 14:24:56 | 000,469,358 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2014.02.13 14:24:56 | 000,088,590 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2014.02.13 14:24:56 | 000,076,644 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.02.13 13:46:06 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014.02.11 07:29:46 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.02.07 03:22:17 | 000,000,430 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2014.02.06 04:38:36 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2014.02.06 00:08:34 | 006,021,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2014.02.06 00:08:34 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2014.02.06 00:08:34 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2014.02.06 00:08:34 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2014.02.06 00:08:34 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2014.02.06 00:08:34 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2014.02.06 00:08:34 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2014.02.06 00:08:34 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2014.02.06 00:08:34 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2014.02.06 00:08:34 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2014.02.06 00:08:34 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2014.02.06 00:08:34 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2014.02.06 00:08:34 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2014.02.06 00:08:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2014.02.06 00:08:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2014.02.06 00:08:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2014.02.06 00:08:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2014.02.06 00:08:33 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2014.02.06 00:08:33 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2014.02.06 00:08:33 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2014.02.06 00:08:33 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2014.02.06 00:08:33 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2014.02.06 00:08:33 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2014.02.06 00:08:33 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2014.02.06 00:08:33 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2014.02.06 00:08:33 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2014.02.06 00:08:33 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2014.02.06 00:08:33 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2014.02.06 00:08:33 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2014.02.05 23:24:06 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2014.02.05 23:24:06 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2014.02.05 23:24:05 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2014.02.04 20:27:23 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014.02.04 20:27:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014.01.30 15:48:35 | 000,284,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.01.30 15:16:19 | 001,011,378 | ---- | M] () -- C:\Documents and Settings\Acer PC\Plocha\Bedroom_TV.divx
[2014.01.28 14:57:42 | 000,001,028 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\SMCWUSB-G 802.11g Wireless USB Utility.lnk
[2014.01.28 14:55:41 | 023,867,985 | ---- | M] () -- C:\Documents and Settings\Acer PC\Plocha\SMCWUSB-G-802.11g-Wireless-USB-Utility.zip
[2014.01.25 02:25:00 | 000,001,077 | ---- | M] () -- C:\Documents and Settings\Acer PC\Plocha\Chess 2012.lnk
[2014.01.19 08:32:23 | 000,231,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe

========== Files Created - No Company Name ==========

[2014.02.16 03:56:06 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.15 21:00:43 | 003,813,376 | ---- | C] () -- C:\Documents and Settings\Acer PC\Plocha\RogueKiller.exe
[2014.02.14 21:33:09 | 001,166,132 | ---- | C] () -- C:\Documents and Settings\Acer PC\Plocha\adwcleaner.exe
[2014.02.14 14:20:49 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Acer PC\Plocha\RSIT.exe
[2014.02.13 13:44:42 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2014.01.30 15:16:16 | 001,011,378 | ---- | C] () -- C:\Documents and Settings\Acer PC\Plocha\Bedroom_TV.divx
[2014.01.28 14:57:42 | 000,001,028 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\SMCWUSB-G 802.11g Wireless USB Utility.lnk
[2014.01.28 14:54:13 | 023,867,985 | ---- | C] () -- C:\Documents and Settings\Acer PC\Plocha\SMCWUSB-G-802.11g-Wireless-USB-Utility.zip
[2014.01.25 02:25:00 | 000,001,077 | ---- | C] () -- C:\Documents and Settings\Acer PC\Plocha\Chess 2012.lnk
[2013.08.26 20:16:21 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2013.08.26 20:16:21 | 000,002,411 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2013.07.29 17:32:06 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\NMOCOD.DLL
[2013.07.06 13:47:40 | 003,492,741 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-2106517767-953129233-1774555873-1005-0.dat
[2013.07.06 13:47:39 | 000,283,686 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.06.30 11:24:23 | 000,007,680 | ---- | C] () -- C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.24 03:57:25 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\SRDownloader.nast
[2013.05.24 03:54:39 | 000,000,084 | ---- | C] () -- C:\Documents and Settings\Acer PC\Local Settings\Data aplikací\SRDownloader.err
[2013.05.10 03:21:35 | 000,000,024 | -HS- | C] () -- C:\Documents and Settings\Acer PC\Data aplikací\Win4665 Config DB.dlx
[2013.05.10 03:21:35 | 000,000,024 | -HS- | C] () -- C:\Documents and Settings\Acer PC\Data aplikací\System3192SettingsDB.dat
[2013.03.14 18:14:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Acer PC\Data aplikací\wklnhst.dat
[2013.03.14 04:43:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

========== ZeroAccess Check ==========

[2009.08.02 19:42:21 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 13:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.01.25 02:17:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Acer PC\Data aplikací\.#
[2009.08.02 22:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Acer
[2009.08.02 21:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Acer GameZone Console
[2013.05.24 07:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Acronis
[2014.01.25 03:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Chessmaster Challenge
[2013.05.26 16:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\D2FFA9E3-CFC7-4C55-BD36-FDC4ABF920A8
[2014.01.28 14:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\driveridentifier
[2014.01.30 16:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\eSobi
[2013.06.23 16:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\OpenOffice.org
[2013.07.06 13:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Samsung
[2014.01.15 02:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\spidla
[2014.01.25 03:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\SpinTop
[2009.08.02 22:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Super-Cow
[2013.05.13 05:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\TeamViewer
[2013.03.14 18:14:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Template
[2013.03.14 08:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\URSoft
[2013.05.10 03:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Zonora Technologies
[2014.01.15 02:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Špidla Data Processing, s.r.o
[2009.08.02 22:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Acer
[2009.08.02 21:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Acer GameZone Console
[2009.08.02 22:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Super-Cow
[2013.05.24 05:11:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2013.10.09 13:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\eSobi
[2013.08.26 20:16:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LGMOBILEAX
[2013.06.23 11:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sandlot Games
[2014.01.25 03:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2014.01.15 02:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Špidla Data Processing, s.r.o
[2009.08.02 22:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\Acer
[2009.08.02 21:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\Acer GameZone Console
[2009.08.02 22:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\Super-Cow
[2009.11.03 12:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\SACore
[2013.07.06 13:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Samsung

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.08.02 19:41:05 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.08.03 05:16:46 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.11.03 13:01:49 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009.11.03 13:01:49 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.03.13 20:10:55 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\AGP440.SYS
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\i386\AUTOCHK.EXE
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:cdrom.sys
[2008.04.14 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\$NtUninstallKB932716-v2$\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:hal.dll
[2008.04.14 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2008.04.15 10:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\ACER\Preload\Autorun\DRV\Intel AHCI\f6flpy64\IaStor.sys
[2008.04.15 16:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.04.15 10:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\ACER\Preload\Autorun\DRV\Intel AHCI\f6flpy32\IaStor.sys
[2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.04.15 10:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\OemDir\iaStor.sys
[2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2008.04.15 16:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\DRVSTORE\iaAHCI_E7EB69FF3449D216602D0D37A1D73969621673A9\iaStor.sys
[2008.04.15 10:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\iaStor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 13:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\i386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 13:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[26 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]
[3 C:\WINDOWS\system32\wbem\*.tmp files -> C:\WINDOWS\system32\wbem\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.01.25 02:17:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Acer PC\Data aplikací\.#
[2009.08.02 22:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Acer
[2009.08.02 21:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Acer GameZone Console
[2013.05.24 07:19:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Acronis
[2013.07.29 15:46:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Adobe
[2014.01.25 03:10:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Chessmaster Challenge
[2013.05.26 16:05:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\D2FFA9E3-CFC7-4C55-BD36-FDC4ABF920A8
[2014.01.30 15:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\DivX
[2014.01.28 14:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\driveridentifier
[2014.01.30 16:01:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\eSobi
[2013.05.10 03:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Google
[2009.10.17 10:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Macromedia
[2014.02.15 11:38:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Malwarebytes
[2013.08.26 13:54:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Microsoft
[2013.05.05 02:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Mozilla
[2013.06.23 16:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\OpenOffice.org
[2013.07.06 13:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Samsung
[2014.01.15 02:20:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\spidla
[2014.01.25 03:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\SpinTop
[2013.03.17 15:58:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Sun
[2009.08.02 22:22:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Super-Cow
[2013.05.13 05:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\TeamViewer
[2013.03.14 18:14:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Template
[2013.03.14 08:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\URSoft
[2014.01.08 19:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\vlc
[2013.03.17 13:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\WinRAR
[2013.05.10 03:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Zonora Technologies
[2014.01.15 02:19:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Acer PC\Data aplikací\Špidla Data Processing, s.r.o

< %APPDATA%\*.exe /s >
[2014.01.20 21:37:14 | 005,361,664 | -H-- | M] () -- C:\Documents and Settings\Acer PC\Data aplikací\spidla\wrapper_trial\Šachy Grand Master Chess\game.exe
[2013.08.08 09:01:34 | 009,596,634 | ---- | M] (Spidla) -- C:\Documents and Settings\Acer PC\Data aplikací\spidla\wrapper_trial\Šachy Grand Master Chess\GMChess3.exe
[2006.07.28 06:47:30 | 000,135,168 | ---- | M] () -- C:\Documents and Settings\Acer PC\Data aplikací\spidla\wrapper_trial\Šachy Grand Master Chess\server.exe
[2014.01.15 02:17:53 | 000,712,084 | ---- | M] () -- C:\Documents and Settings\Acer PC\Data aplikací\spidla\wrapper_trial\Šachy Grand Master Chess\unins000.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.08.02 21:30:16 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.08.02 21:30:16 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.08.02 21:30:15 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.02.13 13:58:49 | 085,946,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2014.02.13 14:24:56 | 000,088,590 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2014.02.13 14:24:56 | 000,076,644 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2014.02.13 14:24:56 | 000,469,358 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2014.02.13 14:24:56 | 000,474,220 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2014.02.13 14:24:56 | 001,120,198 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=3
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.16 03:56:06 | 000,000,512 | ---- | M] () MD5=7593E3280A966E2F383A7B432CE21BA7 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.02.08 07:31:07 | 000,048,624 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho\10.26.4.512_0\js\chromeBackstageLoader.js.vir
[2014.02.08 07:31:00 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho\10.26.4.512_0\tb\al\ac\img\ajax-loader.gif.vir
[2014.02.08 07:31:00 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho\10.26.4.512_0\tb\al\ac\img\loader-icon.png.vir
[2014.02.08 07:30:58 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho\10.26.4.512_0\tb\al\ui\gf\img\loader.gif.vir
[2013.05.24 03:54:39 | 000,000,084 | ---- | M] () -- \Documents and Settings\Acer PC\Local Settings\Data aplikací\SRDownloader.err
[2013.06.30 11:06:14 | 000,001,128 | ---- | M] () -- \Documents and Settings\Acer PC\Local Settings\Data aplikací\SRDownloader.nast
[2013.06.10 19:39:00 | 000,307,664 | ---- | M] () -- \Documents and Settings\Acer PC\Local Settings\Data aplikací\Adobe\AIH.f3dc5a3e4da37ab36d3d38edd24c8aef88a71c40\downloader.bundle
[2013.03.20 07:02:00 | 000,512,384 | ---- | M] () -- \Documents and Settings\Acer PC\Local Settings\Data aplikací\Adobe\AIH.f3dc5a3e4da37ab36d3d38edd24c8aef88a71c40\downloader.dll
[2014.02.14 09:16:32 | 000,003,061 | ---- | M] () -- \Documents and Settings\Acer PC\Local Settings\Temporary Internet Files\Content.IE5\BR8Z3N2A\rmsloaderdelayeddiv[1].js
[2011.03.22 09:22:46 | 000,000,261 | ---- | M] () -- \Documents and Settings\Acer PC\Oblíbené položky\SAT\emu\Najmsat.Com - The King Of Sat , Key , Loader & Software....url
[2013.05.24 04:03:31 | 000,905,728 | ---- | M] () -- \Documents and Settings\Acer PC\Plocha\SRDownloader.exe
[2011.03.22 09:22:46 | 000,000,261 | ---- | M] () -- \Documents and Settings\Acer PC\Plocha\Nová složka\Favorites\Favorites\SAT\emu\Najmsat.Com - The King Of Sat , Key , Loader & Software....url
[2011.03.22 09:22:46 | 000,000,261 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\SAT\emu\Najmsat.Com - The King Of Sat , Key , Loader & Software....url
[2011.03.22 09:22:46 | 000,000,261 | ---- | M] () -- \Documents and Settings\All Users\Oblíbené položky\SAT\emu\Najmsat.Com - The King Of Sat , Key , Loader & Software....url
[2008.04.14 13:00:00 | 000,017,421 | ---- | M] () -- \i386\DMLOADER.DL_
[2008.04.14 13:00:00 | 000,115,367 | ---- | M] () -- \i386\OSLOADER.EX_
[2008.04.14 13:00:00 | 000,133,029 | ---- | M] () -- \i386\OSLOADER.NT_
[2013.03.14 17:43:18 | 000,024,576 | ---- | M] () -- \Program Files\Common Files\Acronis\TrueImageHome\tnd_loader.bin
[2013.02.09 02:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2013.05.10 03:10:33 | 000,003,776 | ---- | M] () -- \Program Files\jv16 PowerTools 2013\Backups\00025A\Advert.Advantage.Reloader[1].js
[2013.05.12 11:54:08 | 000,000,673 | ---- | M] () -- \Program Files\jv16 PowerTools 2013\Backups\00025A\loader.white[1].gif
[2012.08.13 09:52:58 | 000,006,081 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2013.06.23 16:07:29 | 000,020,992 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.08.13 10:04:18 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2013.06.23 16:07:38 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.08.13 09:12:36 | 000,003,868 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2012.04.29 08:40:30 | 001,744,896 | ---- | M] () -- \Program Files\TapinRadio\TapinRadioDownloader.exe
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2013.03.27 21:43:10 | 000,628,512 | ---- | M] () -- \Program Files\Acronis\TrueImageHome\license_activator.exe

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2010.06.08 13:35:21 | 000,000,011 | ---- | M] () -- \Documents and Settings\Acer PC\Dokumenty\Disk Google\Vzory_právnĂ­ch_dokumentĹŻ_2010.1__(8.6.2010)\Vzory právních dokumentů 2010.1 (8.6.2010)\01 - Vzory2010\serial.txt
[2013.07.01 12:35:04 | 000,000,024 | ---- | M] () -- \Documents and Settings\Acer PC\Local Settings\Data aplikací\Google\Picasa2\cache\cacheindex_serial.pmp
[2008.04.14 13:00:00 | 000,024,957 | ---- | M] () -- \i386\DPSERIAL.DL_
[2008.04.14 13:00:00 | 000,030,259 | ---- | M] () -- \i386\SERIAL.SY_
[2008.04.14 13:00:00 | 000,006,549 | ---- | M] () -- \i386\SERIALUI.DL_
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.13 14:45:46 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013.08.14 09:04:37 | 000,000,056 | ---- | M] () -- \Trefik12DEMO\db\Serial.TrefikBlob
[2013.08.14 09:04:37 | 000,077,824 | ---- | M] () -- \Trefik12DEMO\db\Serial.TrefikIdx
[2013.08.14 09:04:37 | 000,049,792 | ---- | M] () -- \Trefik12DEMO\db\Serial.TrefikTbl
[2013.02.15 09:40:48 | 000,040,960 | ---- | M] () -- \Trefik12DEMO\db\SerialSout.TrefikIdx
[2013.02.15 09:40:48 | 000,031,776 | ---- | M] () -- \Trefik12DEMO\db\SerialSout.TrefikTbl
[2004.12.09 11:55:50 | 000,001,887 | ---- | M] () -- \Trefik12DEMO\help\serialy.htm
[2004.11.30 11:13:28 | 000,023,593 | ---- | M] () -- \Trefik12DEMO\help\images\serialy.gif
[2013.08.13 17:41:09 | 000,000,103 | ---- | M] () -- \Trefik12DEMO\temp\Update\pserial.trf
[2013.08.13 17:41:08 | 000,000,030 | ---- | M] () -- \Trefik12DEMO\temp\Update\pserialsout.trf
[2014.02.13 14:13:00 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.03.16 19:30:10 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.15 11:17:26 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.15 11:15:18 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2014.02.15 15:21:14 | 002,659,328 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b71d4a24ecc32f0c5a110a5c7b9d755f\System.Runtime.Serialization.ni.dll
[2014.02.15 15:21:42 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\efdf6e0cd334958ba2eb6db14486b7b3\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.07.06 13:09:11 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.13 14:25:36 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.07.06 13:09:09 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.02.13 14:25:33 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC30924\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 15:17:16 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 13:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3440EB47
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:66633281
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:AB689DEA
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:1CE11B51
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D158BAF9
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:ADE16379

< End of report >

hakub
Visitor
Posts: 204
Registered: 05 Feb 2008 05:27

Re: preventive check-up

#20 Post by hakub »

OTL Extras logfile created on: 16.2.2014 3:52:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Acer PC\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1013,87 Mb Total Physical Memory | 492,00 Mb Available Physical Memory | 48,53% Memory free
2,39 Gb Paging File | 1,96 Gb Available in Paging File | 82,03% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139,04 Gb Total Space | 116,56 Gb Free Space | 83,83% Space Free | Partition Type: NTFS

Computer Name: ACER | User Name: Acer PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2379:UDP" = 2379:UDP:*:Enabled:Windows Media Format SDK (iexplore.exe)
"2378:UDP" = 2378:UDP:*:Enabled:Windows Media Format SDK (iexplore.exe)
"2381:UDP" = 2381:UDP:*:Enabled:Windows Media Format SDK (iexplore.exe)
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"54010:TCP" = 54010:TCP:*:Enabled:Samsung AllShare SlideShow Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe" = C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe:*:Enabled:Acronis Sync Agent Service -- (Acronis)
"C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe" = C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe:*:Enabled:Samsung AllShare Service -- (Samsung Electronics Co., Ltd.)
"C:\Program Files\Samsung\AllShare\AllShare.exe" = C:\Program Files\Samsung\AllShare\AllShare.exe:*:Enabled:Samsung AllShare Player -- (Samsung Electronics Co., Ltd.)
"C:\Program Files\Samsung\AllShare\AllShareAgent.exe" = C:\Program Files\Samsung\AllShare\AllShareAgent.exe:*:Enabled:Samsung AllShare Agent -- (Samsung Electronics Co., Ltd.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}" = OpenOffice.org 3.4.1
"{1F082EA8-0F22-40CA-9FA8-8F85458026AF}" = Windows Live Fotogalerie
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216043FF}" = Java(TM) 6 Update 43
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{3248F0A8-6813-11D6-A77B-00B0D0150150}" = J2SE Runtime Environment 5.0 Update 15
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = WebCam
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{56D4499E-AC3E-4B8D-91C9-C700C148C44B}" = Google Drive
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{75BC2136-B6A1-4F3B-8A69-55E39C647B1F}" = True Image 2013
"{75BC2136-B6A1-4F3B-8A69-55E39C647B1F}Visible" = True Image 2013
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802C87BF-3A1E-45B0-8C12-9527A5C572B3}" = SMCWUSB-G 802.11g Wireless USB 2.0 Adapter
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113938743}" = Supercow
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = Software Bluetooth WIDCOMM
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{93028F9A-1EC0-467A-981B-DE93D96897C6}" = Windows Live Essentials
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = USB2.0 Card Reader Software
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Czech
"{B6BFB37F-8693-4B4C-B22A-E04F2915F8A4}_is1" = Rozpisy pro loterie 2.05 verze 2.05
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}" = Windows Live Sync
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Acer Screensaver" = Acer ScreenSaver
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"CCleaner" = CCleaner
"Google Desktop" = Google Desktop
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{802C87BF-3A1E-45B0-8C12-9527A5C572B3}" = SMCWUSB-G 802.11g Wireless USB 2.0 Adapter
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"jv16 PowerTools 2013" = jv16 PowerTools 2013
"LManager" = Launch Manager
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Picasa 3" = Picasa 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TapinRadio_is1" = TapinRadio 1.58.2
"VLC media player" = VLC media player 2.0.8
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2106517767-953129233-1774555873-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Chess2012" = Chess 2012

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13.2.2014 17:10:36 | Computer Name = ACER | Source = SamsungAllShareV2.0 | ID = 0
Description = Službu nelze spustit. System.Runtime.InteropServices.COMException
(0x80010002): Filtr zpráv volání zrušil. (Výjimka na základě hodnoty HRESULT: 0x80010002
(RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementEventWatcher.Initialize()

v System.Management.ManagementEventWatcher.Start() v AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()

v AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() v AllShareDmsUtil.Manager.AllShareDmsManager..ctor()

v AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() v AllShareDMS.AllShareDMS.DoStart()

v AllShareDMS.AllShareDMS.OnStart(String[] args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)

Error - 14.2.2014 1:31:43 | Computer Name = ACER | Source = SamsungAllShareV2.0 | ID = 0
Description = Službu nelze spustit. System.Runtime.InteropServices.COMException
(0x80010002): Filtr zpráv volání zrušil. (Výjimka na základě hodnoty HRESULT: 0x80010002
(RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementEventWatcher.Initialize()

v System.Management.ManagementEventWatcher.Start() v AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()

v AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() v AllShareDmsUtil.Manager.AllShareDmsManager..ctor()

v AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() v AllShareDMS.AllShareDMS.DoStart()

v AllShareDMS.AllShareDMS.OnStart(String[] args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)

Error - 14.2.2014 9:18:04 | Computer Name = ACER | Source = SamsungAllShareV2.0 | ID = 0
Description = Službu nelze spustit. System.Runtime.InteropServices.COMException
(0x80010002): Filtr zpráv volání zrušil. (Výjimka na základě hodnoty HRESULT: 0x80010002
(RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementEventWatcher.Initialize()

v System.Management.ManagementEventWatcher.Start() v AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()

v AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() v AllShareDmsUtil.Manager.AllShareDmsManager..ctor()

v AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() v AllShareDMS.AllShareDMS.DoStart()

v AllShareDMS.AllShareDMS.OnStart(String[] args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)

Error - 14.2.2014 16:30:13 | Computer Name = ACER | Source = SamsungAllShareV2.0 | ID = 0
Description = Službu nelze spustit. System.Runtime.InteropServices.COMException
(0x80010002): Filtr zpráv volání zrušil. (Výjimka na základě hodnoty HRESULT: 0x80010002
(RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementEventWatcher.Initialize()

v System.Management.ManagementEventWatcher.Start() v AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()

v AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() v AllShareDmsUtil.Manager.AllShareDmsManager..ctor()

v AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() v AllShareDMS.AllShareDMS.DoStart()

v AllShareDMS.AllShareDMS.OnStart(String[] args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)

Error - 14.2.2014 16:46:59 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace adwcleaner.exe, verze 3.0.1.8, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 14.2.2014 16:47:03 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace adwcleaner.exe, verze 3.0.1.8, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.2.2014 6:06:45 | Computer Name = ACER | Source = SamsungAllShareV2.0 | ID = 0
Description = Službu nelze spustit. System.Runtime.InteropServices.COMException
(0x80010002): Filtr zpráv volání zrušil. (Výjimka na základě hodnoty HRESULT: 0x80010002
(RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementEventWatcher.Initialize()

v System.Management.ManagementEventWatcher.Start() v AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()

v AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() v AllShareDmsUtil.Manager.AllShareDmsManager..ctor()

v AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() v AllShareDMS.AllShareDMS.DoStart()

v AllShareDMS.AllShareDMS.OnStart(String[] args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)

Error - 15.2.2014 12:57:10 | Computer Name = ACER | Source = SamsungAllShareV2.0 | ID = 0
Description = Službu nelze spustit. System.Runtime.InteropServices.COMException
(0x80010002): Filtr zpráv volání zrušil. (Výjimka na základě hodnoty HRESULT: 0x80010002
(RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementEventWatcher.Initialize()

v System.Management.ManagementEventWatcher.Start() v AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()

v AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() v AllShareDmsUtil.Manager.AllShareDmsManager..ctor()

v AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() v AllShareDMS.AllShareDMS.DoStart()

v AllShareDMS.AllShareDMS.OnStart(String[] args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)

Error - 15.2.2014 13:07:29 | Computer Name = ACER | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.75.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.2.2014 15:58:45 | Computer Name = ACER | Source = SamsungAllShareV2.0 | ID = 0
Description = Službu nelze spustit. System.Runtime.InteropServices.COMException
(0x80010002): Filtr zpráv volání zrušil. (Výjimka na základě hodnoty HRESULT: 0x80010002
(RPC_E_CALL_CANCELED)) v System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) v System.Management.ManagementScope.InitializeGuts(Object
o) v System.Management.ManagementScope.Initialize() v System.Management.ManagementEventWatcher.Initialize()

v System.Management.ManagementEventWatcher.Start() v AllShareDmsUtil.Manager.AllShareDmsManager.InitEventWatcher()

v AllShareDmsUtil.Manager.AllShareDmsManager.Initialize() v AllShareDmsUtil.Manager.AllShareDmsManager..ctor()

v AllShareDmsUtil.Manager.AllShareDmsManager.get_Instance() v AllShareDMS.AllShareDMS.DoStart()

v AllShareDMS.AllShareDMS.OnStart(String[] args) v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object
state)

[ System Events ]
Error - 4.2.2014 15:59:18 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 4.2.2014 15:59:18 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 4.2.2014 15:59:18 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 4.2.2014 15:59:18 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 4.2.2014 15:59:18 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 4.2.2014 15:59:18 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 4.2.2014 15:59:18 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 4.2.2014 15:59:18 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 8.2.2014 2:02:21 | Computer Name = ACER | Source = DCOM | ID = 10010
Description = Server {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 15.2.2014 12:57:11 | Computer Name = ACER | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: atapi PCIIde


< End of report >


#21 Post by Márty84 »

:!: Turn off your antivirus so that it does not get in the program's way.
:arrow: Run OTL again
Paste the following text into the bottom window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
JavaQuickStarterService
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\..\SearchScopes\{D71FA4C3-C5C5-41C0-A299-096BBBD82AE2}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288691&CUI=UN34717891398115165&UM=2
O3 - HKU\S-1-5-21-2106517767-953129233-1774555873-1005\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKU\.DEFAULT..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Data aplikací\SearchProtect" File not found
O4 - HKU\S-1-5-18..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "C:\WINDOWS\system32\config\systemprofile\Data aplikací\SearchProtect" File not found
[26 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]
[3 C:\WINDOWS\system32\wbem\*.tmp files -> C:\WINDOWS\system32\wbem\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3440EB47
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:66633281
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:AB689DEA
@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:1CE11B51
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D158BAF9
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:ADE16379

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

Click Fix and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

#22 Post by hakub »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Acer PC
->Temp folder emptied: 21991588 bytes
->Temporary Internet Files folder emptied: 15630662 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 234392949 bytes
->Flash cache emptied: 595 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 950682 bytes

User: NetworkService
->Temp folder emptied: 2808198 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22205957 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 485216833 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 10317395 bytes

Total Files Cleaned = 757,00 mb


[EMPTYFLASH]

User: Acer PC
->Flash cache emptied: 0 bytes

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
C:\WINDOWS\system32\wbem\SET1DA.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1DB.tmp moved successfully.
C:\WINDOWS\system32\wbem\SET1DC.tmp moved successfully.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2106517767-953129233-1774555873-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2106517767-953129233-1774555873-1005\Software\Microsoft\Internet Explorer\SearchScopes\{D71FA4C3-C5C5-41C0-A299-096BBBD82AE2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D71FA4C3-C5C5-41C0-A299-096BBBD82AE2}\ not found.
Registry value HKEY_USERS\S-1-5-21-2106517767-953129233-1774555873-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP159.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP199.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP28B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP32C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP37D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3FB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP423.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP435.tmp\System.Xml.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP435.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP45C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP588.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5B8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP62A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP71D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7FE.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI133.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC1.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:3440EB47 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:66633281 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:AB689DEA deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:1CE11B51 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D158BAF9 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:ADE16379 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 02162014_090958

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


#23 Post by Márty84 »

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - this is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK - the PC will restart after the cleanup.

:arrow: Download TFC http://oldtimer.geekstogo.com/TFC.exe , save it and run it
Click START and then OK - the PC will restart after the cleanup.
After use you can delete the program

:arrow: Download CCleaner http://www.piriform.com/ccleaner/download/slim and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. There are a lot of checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the net!!! So if you have set the computer to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Scan for Issues; if it finds any, click Fix Issues. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!

:arrow: Defragment the disk(s)
Download the Defraggler program http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar
After installing, run the program and click Analyze; after the analysis click Defragment and the program will do its work.

:arrow: Then write how the PC is doing.

#24 Post by hakub »

Done
The PC is fine


#25 Post by Márty84 »

So if everything runs as it should, we are done :)

#26 Post by hakub »

Thank you for your willingness to help


#27 Post by Márty84 »

You're welcome! :)

Take care and maybe see you again sometime :bye:

:closed:

Locked