Windows mám legální. Je pravda, že jsem na jejich aktivaci použila keygen, protože jsem měla několikrát rozbitý a hodněkrát zavirovaný PC a překročila jsem počet aktivací. Musela bych proto volat na tu jejich linku. Proto jsem raději použila aktivátor. Asi vám to takhle nijak nedokážu, ale opravdu je mám legálně.
k tomu logu: OTL:
OTL logfile created on: 19.1.2013 17:07:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
511,17 Mb Total Physical Memory | 25,96 Mb Available Physical Memory | 5,08% Memory free
1,22 Gb Paging File | 0,29 Gb Available in Paging File | 24,09% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 44,50 Gb Free Space | 29,86% Space Free | Partition Type: NTFS
Drive G: | 931,28 Gb Total Space | 820,12 Gb Free Space | 88,06% Space Free | Partition Type: FAT32
Drive H: | 983,72 Mb Total Space | 657,63 Mb Free Space | 66,85% Space Free | Partition Type: FAT
Computer Name: DOMA-QO9I0VR7RQ | User Name: Ivona | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.01.15 20:25:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Plocha\OTL.exe
PRC - [2013.01.14 20:21:40 | 000,318,976 | ---- | M] (PowerBASIC, Inc.) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\2.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe
PRC - [2012.02.17 20:40:08 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.01.06 12:47:18 | 000,781,824 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\SELPHY Photo Print\CIC_SPPhelper.exe
PRC - [2011.06.28 20:28:06 | 000,496,128 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010.10.27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.05.05 13:28:08 | 000,192,784 | ---- | M] (MSBoost) -- C:\Program Files\Smart PC Solutions\Magic Speed\MagicSpeedBooster.exe
PRC - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.11.07 20:38:26 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.10.28 16:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2005.08.06 01:07:30 | 000,061,440 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
========== Modules (No Company Name) ==========
MOD - [2012.08.17 14:58:38 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012.02.17 20:40:08 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.10.17 19:08:13 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_f5e82abf\mscorlib.dll
MOD - [2011.10.17 19:08:01 | 000,835,584 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_dd213123\system.drawing.dll
MOD - [2011.10.17 19:07:05 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_d3fcdcd5\system.xml.dll
MOD - [2011.10.17 19:06:51 | 003,018,752 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_bb70cc20\system.windows.forms.dll
MOD - [2011.10.17 19:06:20 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_557eed5a\system.dll
MOD - [2011.10.17 19:05:21 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2011.10.17 19:05:17 | 001,265,664 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2010.06.13 22:02:16 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2077ce69bd24a095dd54683ae26454d4\System.Runtime.Remoting.ni.dll
MOD - [2010.06.13 21:58:05 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
MOD - [2010.06.13 21:57:35 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
MOD - [2010.06.13 21:57:33 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
MOD - [2010.06.13 21:57:27 | 007,949,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
MOD - [2009.10.17 13:15:08 | 011,486,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
MOD - [2009.06.14 15:06:40 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2007.12.02 14:37:18 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2007.12.02 14:37:18 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2007.12.02 14:37:17 | 000,466,944 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2007.12.02 14:37:17 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2007.12.02 14:37:16 | 002,052,096 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2007.02.23 17:11:47 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2007.02.23 17:11:47 | 000,180,224 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_cs_b77a5c561934e089\system.windows.forms.resources.dll
MOD - [2007.02.23 17:11:47 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_cs_b77a5c561934e089\system.resources.dll
MOD - [2006.10.31 17:53:00 | 000,270,336 | ---- | M] () -- C:\Program Files\Canon\SELPHY Photo Print\EnoJPEG4.dll
MOD - [2001.07.26 11:27:28 | 000,024,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hpgihps.dll
MOD - [1998.06.11 20:08:06 | 000,095,232 | ---- | M] () -- C:\WINDOWS\system32\Lfkodak.dll
MOD - [1998.06.11 20:08:04 | 000,306,688 | ---- | M] () -- C:\WINDOWS\system32\Lffpx7.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Plánovač automatické aktualizace LiveUpdate)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Auto | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe -- (NIS)
SRV - [2011.06.28 20:28:06 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.03.31 09:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.11.07 20:38:26 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.08.13 17:17:40 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2003.03.09 21:31:02 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\MOBILE~1\bin\SPAInfoDrv.sys -- (SPAInfoDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\IVONA~2.DOM\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (asw8ve1m)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adiusbaw.sys -- (adiusbaw)
DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\adildr.sys -- (ADILOADER)
DRV - [2013.01.14 16:32:51 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.07.06 03:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtsp.sys -- (SRTSP)
DRV - [2012.07.06 03:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\srtspx.sys -- (SRTSPX)
DRV - [2012.06.07 05:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ccsetx86.sys -- (ccSet_NIS)
DRV - [2012.05.22 02:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symefa.sys -- (SymEFA)
DRV - [2012.04.18 03:13:32 | 000,388,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symtdi.sys -- (SYMTDI)
DRV - [2012.04.18 02:42:14 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\ironx86.sys -- (SymIRON)
DRV - [2012.03.25 19:43:20 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011.11.14 20:28:02 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111123.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011.11.12 15:58:01 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111209.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2011.11.12 15:57:59 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20111209.003\NAVENG.SYS -- (NAVENG)
DRV - [2011.11.12 15:57:58 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011.11.12 15:57:58 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.11.11 16:47:24 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111208.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011.07.26 03:18:36 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1309000.009\symds.sys -- (SymDS)
DRV - [2011.06.28 20:28:03 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.02.08 10:45:06 | 000,019,328 | ---- | M] (WiFi Media Connect) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfmcvad.sys -- (WFMC_VAD)
DRV - [2009.11.22 17:05:58 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.03.31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 10:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 10:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 10:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.07.28 10:50:36 | 000,517,632 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2006.04.07 16:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VNUSB.sys -- (VNUSB)
DRV - [2006.03.18 03:24:59 | 000,026,844 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2005.08.04 04:10:18 | 001,273,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.05.04 10:18:26 | 002,951,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2004.12.03 14:55:12 | 000,969,728 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2004.08.13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.04.28 10:30:02 | 000,078,848 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\actvcomm.sys -- (actvcomm)
DRV - [2004.03.08 11:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004.01.28 13:11:02 | 000,022,912 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\actser.sys -- (actser)
DRV - [2003.05.07 17:07:58 | 000,041,472 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2002.11.11 19:52:54 | 000,006,400 | ---- | M] (Pinnacle Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pctvvbi.sys -- (pctvvbi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar =
http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://fr.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://securityresponse.symantec.com/av ... x_homepage
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar =
http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page =
http://google.icq.com
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://fr.msn.com/
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes\${searchCLSID}: "URL" =
http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" =
http://www.crawler.com/search/dispatche ... tbid=60076
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" =
http://www.icq.com/search/results.php?q ... &ch_id=osd
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes\{88C19A03-DC0C-424D-B538-A846A8891C48}: "URL" =
http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" =
http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes\{BE9654C9-9D79-42ec-B55A-3CAEB12DBF58}: "URL" =
http://www.icq.com/search/result.php?q= ... &ch_id=osd
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\SearchScopes\{D6A8875F-7916-4732-B6B4-BA0FB5CF0C07}: "URL" =
http://www.heureka.cz/?h[fraze]={searchTerms}
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1993962763-606747145-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: {b2509cd4-17cd-45ed-8146-a82af038f493}:2.02
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120910
FF - prefs.js..extensions.enabledAddons:
smarterwiki@wikiatic.com:5.0.9
FF - prefs.js..extensions.enabledAddons: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:5.0.3
FF - prefs.js..extensions.enabledAddons: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.12
FF - prefs.js..extensions.enabledItems:
jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.0
FF - prefs.js..extensions.enabledItems: {b2509cd4-17cd-45ed-8146-a82af038f493}:1.60
FF - prefs.js..extensions.enabledItems:
gmailbutton@mozdeveloper.com:0.1
FF - prefs.js..extensions.enabledItems:
smarterwiki@wikiatic.com:4.3.5
FF - prefs.js..extensions.enabledItems:
fastYoutubeDownloader@yevgenyandrov.net:1.2.2
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems:
linkfilter@kaspersky.ru:11.0.1.400
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems:
KavAntiBanner@Kaspersky.ru:11.0.1.400
FF - prefs.js..keyword.URL: "
http://search.seznam.cz/?sourceid=FFlisticka_1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox [2009.06.22 12:39:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2011.11.12 16:24:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2013.01.19 16:50:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.17 20:40:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.10 20:51:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{92ef1ad0-8b11-11db-b606-0800200c9a66}: C:\Program Files\FileFactory Turbo\Plugins\Firefox
[2010.07.31 21:31:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Extensions
[2009.06.23 14:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Extensions\MediaCoder
[2009.06.20 13:07:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Extensions\
postbox@postbox-inc.com
[2013.01.14 20:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions
[2010.08.03 19:26:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.10.14 19:46:51 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.01.14 20:25:45 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.07.31 21:58:56 | 000,000,000 | ---D | M] (Fast Youtube Downloader) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions\
fastYoutubeDownloader@yevgenyandrov.net
[2010.07.31 21:59:14 | 000,000,000 | ---D | M] ("Gmail Button") -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions\
gmailbutton@mozdeveloper.com
[2012.12.03 19:57:06 | 000,363,832 | ---- | M] () (No name found) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions\
smarterwiki@wikiatic.com.xpi
[2012.12.09 11:43:36 | 000,109,804 | ---- | M] () (No name found) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012.01.15 20:57:34 | 000,038,752 | ---- | M] () (No name found) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions\{b2509cd4-17cd-45ed-8146-a82af038f493}.xpi
[2012.08.31 17:11:03 | 000,199,396 | ---- | M] () (No name found) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2010.10.31 20:34:01 | 000,002,051 | ---- | M] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\searchplugins\firmycz.xml
[2010.10.31 20:34:01 | 000,002,046 | ---- | M] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\searchplugins\mapycz.xml
[2010.10.31 20:34:04 | 000,002,212 | ---- | M] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Mozilla\Firefox\Profiles\1x8kottw.default\searchplugins\zbocz.xml
[2012.02.17 20:41:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.06.12 21:13:24 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\
KavAntiBanner@Kaspersky.ru
[2011.03.26 22:30:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.03.26 22:30:44 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\IVONA.DOMA-QO9I0VR7RQ\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\1X8KOTTW.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\IVONA.DOMA-QO9I0VR7RQ\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\1X8KOTTW.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\IVONA.DOMA-QO9I0VR7RQ\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\1X8KOTTW.DEFAULT\EXTENSIONS\{B2509CD4-17CD-45ED-8146-A82AF038F493}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\IVONA.DOMA-QO9I0VR7RQ\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\1X8KOTTW.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\IVONA.DOMA-QO9I0VR7RQ\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\1X8KOTTW.DEFAULT\EXTENSIONS\
SMARTERWIKI@WIKIATIC.COM.XPI
[2012.02.17 20:40:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.17 20:40:05 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.02.17 20:40:05 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.17 20:40:05 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.17 20:40:05 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.17 20:40:05 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
http://www.seznam.cz/
CHR - Extension: Google Translate = C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.3.1\
O1 HOSTS File: ([2012.12.17 20:15:46 | 000,000,727 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll File not found
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Alive Text to Speech) - {954F618B-0DEC-4D1A-9317-E0FC96F87865} - C:\Program Files\AliveMedia\Text to Speech\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL ()
O3 - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1993962763-606747145-725345543-1003\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-1993962763-606747145-725345543-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-1993962763-606747145-725345543-1003..\Run: [MagicSpeedBooster] C:\Program Files\Smart PC Solutions\Magic Speed\MagicSpeedBooster.exe (MSBoost)
O4 - HKU\S-1-5-21-1993962763-606747145-725345543-1003..\Run: [Sexmxe] C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Sexmxe.exe File not found
O4 - HKU\S-1-5-21-1993962763-606747145-725345543-1003..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKU\S-1-5-21-1993962763-606747145-725345543-1003..\Run: [WINSXS32] C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\2.exe (PowerBASIC, Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Hlavní panel ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\SELPHY Photo Print Launcher.lnk = C:\Program Files\Canon\SELPHY Photo Print\CIC_SPPhelper.exe (Canon Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Wi-Fi MediaConnect.lnk = C:\Program Files\Philips\Wi-Fi MediaConnect\Wi-Fi MediaConnect.exe (Koninklijke Philips Electronics N.V.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1993962763-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1993962763-606747145-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 5008663953 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5}
http://security.symantec.com/sscv6/Shar ... /cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862}
https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679}
http://drmlicense.one.microsoft.com/crl ... crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE0B4D3F-F867-4F9A-97D8-0037FA9CE3CC}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1634E7C-F26E-4E0E-9269-48492DE51CB4}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\klogon: DllName - (C:\WINDOWS\system32\klogon.dll) - File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.05.05 14:53:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.12.09 12:11:42 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012.12.09 12:11:44 | 000,000,000 | ---D | M] - G:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2009.04.06 16:50:20 | 000,000,000 | -HSD | M] - G:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2009.04.06 16:50:20 | 000,000,000 | -HSD | M] - G:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2012.12.09 12:11:44 | 000,000,000 | ---D | M] - H:\Autorun.inf -- [ FAT ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\Pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - PCLEPIM1.dll File not found
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.01.15 20:24:39 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Plocha\OTL.exe
[2013.01.15 20:14:58 | 000,318,976 | ---- | C] (PowerBASIC, Inc.) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\3.exe
[2013.01.14 20:21:39 | 000,318,976 | ---- | C] (PowerBASIC, Inc.) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\2.exe
[2013.01.14 16:32:51 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\*.tmp files -> C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.01.19 17:32:01 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-606747145-725345543-1003UA.job
[2013.01.19 17:22:01 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7CB0F1A3-DCEE-4579-A3BA-497C7A6601B5}.job
[2013.01.19 17:21:15 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.19 16:50:52 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.19 16:50:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.15 20:26:47 | 000,000,424 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2013.01.15 20:25:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Plocha\OTL.exe
[2013.01.15 20:14:59 | 000,318,976 | ---- | M] (PowerBASIC, Inc.) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\3.exe
[2013.01.14 20:44:48 | 000,000,229 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.01.14 20:21:40 | 000,318,976 | ---- | M] (PowerBASIC, Inc.) -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\2.exe
[2013.01.14 16:32:51 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\*.tmp files -> C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.15 21:09:10 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.11 20:46:09 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.12.11 20:46:09 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.12.11 20:46:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.12.11 20:46:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.12.11 20:46:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.08.24 19:56:45 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011.10.15 19:16:24 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\I1kIfJMHH0fH
[2011.08.29 12:43:55 | 000,210,944 | ---- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\chrtmp
[2011.06.28 20:28:02 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.06.09 20:41:58 | 000,000,424 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2010.06.22 20:38:57 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\.33a11c88
[2010.06.16 19:17:40 | 000,000,448 | ---- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\com.remotehd.RemoteHelper.plist
[2009.12.25 20:47:31 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\$_hpcst$.hpc
[2009.12.20 21:22:30 | 000,000,010 | -HS- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Local Settings\Data aplikací\systemCurUses
[2009.12.20 21:22:25 | 000,000,006 | -HS- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Local Settings\Data aplikací\systemHdID
[2009.07.01 15:11:43 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Local Settings\Data aplikací\PUTTY.RND
[2009.07.01 12:28:04 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\winscp.rnd
[2007.04.05 15:26:50 | 000,000,064 | ---- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\default.pls
[2007.03.05 17:30:01 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.02.23 17:31:24 | 000,000,141 | ---- | C] () -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Local Settings\Data aplikací\fusioncache.dat
========== ZeroAccess Check ==========
[2007.02.23 17:10:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2006.05.06 13:33:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2006.05.08 13:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg7
[2006.05.05 15:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2011.04.12 20:33:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG10
[2012.08.16 12:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\boost_interprocess
[2009.09.15 19:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Boss Media
[2012.08.24 19:56:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\CanonCP
[2011.04.12 20:25:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Common Files
[2009.11.22 17:04:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
[2010.08.03 20:08:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\f-secure
[2010.05.07 20:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\fssg
[2009.07.19 18:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ICQ
[2009.11.13 14:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MemeoCommon
[2011.04.12 20:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
[2009.12.26 12:54:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Suite
[2010.02.10 13:26:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PCSettings
[2010.05.01 20:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Rapidshare Search Tool
[2010.07.06 19:30:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\regid.1986-12.com.adobe
[2012.01.06 20:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spyware Terminator
[2010.07.19 20:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
[2011.02.20 15:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\tmp
[2007.12.04 13:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\VCOM
[2010.05.10 21:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.09.12 19:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.06.05 12:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006.11.05 12:53:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona\Data aplikací\.ABC 3.01
[2006.11.07 17:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona\Data aplikací\AVG7
[2006.10.17 15:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona\Data aplikací\BSplayer Pro
[2006.10.17 16:10:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona\Data aplikací\InterTrust
[2006.10.17 13:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona\Data aplikací\Thunderbird
[2006.11.12 13:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona\Data aplikací\uTorrent
[2006.11.03 16:50:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona\Data aplikací\Vso
[2007.04.12 14:50:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Ashampoo
[2009.11.04 20:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Autograph
[2009.06.25 13:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Broad Intelligence
[2011.02.02 22:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\BSplayer Pro
[2012.11.28 16:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\calibre
[2012.08.25 14:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Canon
[2010.02.06 19:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\DAEMON Tools Lite
[2010.03.15 14:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Desktopicon
[2007.08.25 13:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Digital Dutch
[2011.04.12 20:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\DVDVideoSoft
[2010.07.27 19:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\F-Secure
[2008.02.02 14:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\FFSJ
[2007.04.25 11:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\FileFactory Turbo
[2010.03.04 21:56:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\GetRightToGo
[2009.08.23 18:46:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Happy Foto
[2011.09.20 16:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\ICQ
[2007.05.03 17:43:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\ICQ Toolbar
[2007.03.30 16:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\ICQLite
[2007.04.05 17:17:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Image Zone Express
[2010.02.17 21:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Irido
[2009.11.13 13:53:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Memeo
[2008.02.20 16:52:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\MenuShrink
[2010.05.09 19:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Moyea
[2007.06.24 14:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\OLYMPUS
[2009.10.18 11:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Participatory Culture Foundation
[2009.12.25 21:23:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\PC Suite
[2011.09.17 20:34:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\PhotoFiltre Studio X
[2009.10.04 15:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Postbox
[2007.04.05 17:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Printer Info Cache
[2010.06.26 21:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\RemoteHelper
[2009.01.04 14:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\River Past G5
[2009.12.25 20:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Samsung
[2010.07.19 20:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Smart PC Solutions
[2012.11.15 20:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Spyware Terminator
[2010.08.16 19:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\The Bat!
[2007.03.27 17:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Thunderbird
[2010.02.20 21:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Tific
[2010.04.25 20:46:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\uTorrent
[2007.12.04 13:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\VCOM
[2012.04.23 20:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\Vso
[2011.08.04 20:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivona.DOMA-QO9I0VR7RQ\Data aplikací\WebSurf.ru
[2006.05.05 15:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG7
[2006.09.14 17:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.NT AUTHORITY\Data aplikací\AVG7
[2006.10.17 14:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService.NT AUTHORITY.000\Data aplikací\AVG7
========== Purity Check ==========
========== Custom Scans ==========
< >
[2007.02.21 16:32:39 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2007.02.21 16:34:29 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2007.03.01 16:38:35 | 000,000,342 | ---- | C] () -- C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1172763280.job
[2009.11.16 18:10:56 | 000,001,058 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-606747145-725345543-1003UA.job
[2010.07.07 19:41:11 | 000,000,342 | ---- | C] () -- C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-DOMA-QO9I0VR7RQ-Ivona.job
[2010.07.09 19:49:20 | 000,000,466 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7CB0F1A3-DCEE-4579-A3BA-497C7A6601B5}.job
[2011.10.10 20:48:08 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
< >
< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\31926ee518054421a61b\i386\sp2.cab:atapi.sys
[2003.04.16 13:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.10.26 13:56:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.10.26 13:56:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2003.04.16 13:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0091\DriverFiles\i386\atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0092\DriverFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\31926ee518054421a61b\i386\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\31926ee518054421a61b\i386\sp2.cab:cdrom.sys
[2003.04.16 13:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.10.26 13:56:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2008.10.26 13:56:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2009.12.22 19:39:20 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\31926ee518054421a61b\i386\sp2.cab:hal.dll
[2003.04.16 13:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.10.26 13:56:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2008.10.26 13:56:59 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2004.08.17 15:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
< MD5 for: SVCHOST.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=B4E29943B4B04BD5E7381546848E6669 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[4 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
[2009.09.30 19:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Office Genuine Advantage
[2009.01.04 14:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{C47EC3A5-D5BD-40F0-80E0-F8BEFF9D776F}
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2005.02.10 23:04:33 | 002,040,218 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{C47EC3A5-D5BD-40F0-80E0-F8BEFF9D776F}\setup_bmc.exe
[2005.02.10 23:03:29 | 001,757,184 | ---- | M] (Mystik Media) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{C47EC3A5-D5BD-40F0-80E0-F8BEFF9D776F}\offline\IFYTMEALEMICVEBCEFARETIRFFFFFF0\BMC.exe
Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
