VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o preventivní kontrolu, děkuji

https://forum.viry.cz:443/viewtopic.php?t=118767

Stránka 1 z 1

Prosím o preventivní kontrolu, děkuji

Napsal: 15 led 2012 12:31
od Sidlo.N
Logfile of random's system information tool 1.09 (written by random/random)
Run by COMPAQ at 2012-01-15 12:30:32
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 104 GB (68%) free of 153 GB
Total RAM: 1015 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:30:36, on 15.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\wdm\STacSV.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\A1 Dashboard\Dashboard.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\COMPAQ\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\COMPAQ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=100581
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=1&barid={99 ... 2655BC8BBB}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ironto&s= ... Terms}&f=4
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
O3 - Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O3 - Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [A1_Dashboard] "C:\Program Files\A1 Dashboard\Dashboard.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S256.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\COMPAQ\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 8784357250
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\wdm\STacSV.exe

--
End of file - 9034 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.searchqu.com/web?src=ffb&app ... 06&sr=0&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/MycameraPlugin]
"Description"=Canon MycameraPlugin
"Path"=C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732]
"Description"=6.0.12.732
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
fcmdSrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
SearchResults.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\extensions\
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
{EEE6C361-6118-11DC-9C72-001320C79847}

C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\
amazonat.xml
askcom.xml
conduit.xml
SearchResults.xml
SweetIM Search.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-11-25 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
!{30F9B915-B755-4826-820B-08FBA6BD249D}
!{872b5b88-9db5-4310-bdd0-ac189557e5f5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-09-05 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-09-05 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-09-05 137752]
"AESTFltr"=C:\WINDOWS\system32\AESTFltr.exe [2009-02-18 737280]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-02-18 506424]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2011-10-24 2078048]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2009-04-27 50472]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"NBAgent"=C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-14 1086760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-07-11 136176]
"A1_Dashboard"=C:\Program Files\A1 Dashboard\Dashboard.exe [2009-12-04 8078704]
"EPSON Stylus DX4400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop]
C:\Program Files\4shared Desktop\desktop.exe startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Update]
C:\Program Files\4shared Desktop\checkUpdate.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4Sync]
C:\Program Files\4Sync\4Sync.exe -startup []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-19 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-24 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\COMPAQ\Dokumenty\Downloads\SweetImSetup.exe"="C:\Documents and Settings\COMPAQ\Dokumenty\Downloads\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Documents and Settings\COMPAQ\Dokumenty\Stažené soubory\SweetImSetup.exe"="C:\Documents and Settings\COMPAQ\Dokumenty\Stažené soubory\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2012-01-12 21:23:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-11 22:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 22:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 21:58:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 21:58:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-11 21:58:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2011-12-27 21:10:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-12-27 19:41:21 ----D---- C:\Program Files\CCleaner
2011-12-26 11:39:42 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-12-26 11:38:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\HappyFoto-Designer
2011-12-26 11:38:39 ----D---- C:\Program Files\HappyFoto-Designer
2011-12-17 15:51:41 ----D---- C:\Program Files\Common Files\Nero

======List of files/folders modified in the last 1 month======

2012-01-15 12:30:35 ----D---- C:\Program Files\trend micro
2012-01-15 12:22:09 ----D---- C:\Documents and Settings\COMPAQ\Data aplikací\Skype
2012-01-15 09:57:27 ----D---- C:\WINDOWS\Temp
2012-01-15 09:56:56 ----D---- C:\WINDOWS\system32\drivers\Avg
2012-01-15 09:51:23 ----A---- C:\WINDOWS\NeroDigital.ini
2012-01-14 21:39:33 ----A---- C:\Documents and Settings\All Users\Data aplikací\HPWALog.txt
2012-01-14 21:39:25 ----D---- C:\WINDOWS\Prefetch
2012-01-14 15:43:09 ----D---- C:\WINDOWS
2012-01-14 15:41:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-14 09:30:24 ----RD---- C:\Program Files
2012-01-13 21:10:42 ----D---- C:\rsit
2012-01-13 17:23:08 ----D---- C:\WINDOWS\Debug
2012-01-13 11:19:52 ----D---- C:\WINDOWS\system32
2012-01-12 21:24:06 ----HD---- C:\WINDOWS\inf
2012-01-12 21:24:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-12 21:23:43 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-12 16:28:22 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-11 22:03:19 ----SHD---- C:\WINDOWS\Installer
2012-01-11 22:03:19 ----SHD---- C:\Config.Msi
2012-01-11 21:59:10 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 17:29:26 ----D---- C:\WINDOWS\system32\CatRoot
2012-01-08 08:53:30 ----D---- C:\Program Files\Mozilla Firefox
2012-01-03 07:44:14 ----RSD---- C:\WINDOWS\assembly
2012-01-03 07:43:59 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-01 16:06:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-01 16:06:15 ----D---- C:\WINDOWS\WinSxS
2011-12-31 18:39:49 ----D---- C:\Documents and Settings\COMPAQ\Data aplikací\ZoomBrowser EX
2011-12-31 18:39:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\ZoomBrowser
2011-12-26 11:39:47 ----D---- C:\WINDOWS\system32\DirectX
2011-12-26 00:44:00 ----D---- C:\Documents and Settings\COMPAQ\Data aplikací\dvdcss
2011-12-25 19:25:58 ----RD---- C:\Program Files\Skype
2011-12-25 19:21:55 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-12-22 07:25:49 ----D---- C:\WINDOWS\Logs
2011-12-17 15:51:41 ----D---- C:\Program Files\Nero
2011-12-17 15:51:41 ----D---- C:\Program Files\Common Files
2011-12-17 15:03:59 ----D---- C:\Documents and Settings\COMPAQ\Data aplikací\DVDVideoSoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iastor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-11 717296]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-19 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2011-09-12 29712]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2011-05-05 243152]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 AESTAud;AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-02-18 113536]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-10-29 1204128]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2010-07-10 1735040]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-24 5776928]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2009-03-30 1550891]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-11-21 269312]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-09-10 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-07-24 100736]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-26 14336]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-19 308136]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2009-09-08 96334]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2010-03-14 87336]
R2 STacSV;Audio Service; c:\program files\idt\wdm\STacSV.exe [2009-03-30 254042]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-23 223232]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Prosím o preventivní kontrolu, děkuji

Napsal: 16 led 2012 07:00
od Mc_Murphy
Zdravím. :162:

Dej mi minutku, hnedle se na to mrknu. :97:

Re: Prosím o preventivní kontrolu, děkuji

Napsal: 16 led 2012 07:08
od Mc_Murphy
:arrow: Fixni v HJT níže uvedené položky.
  • Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
  • Položky, které v seznamu nenajdeš, prostě přeskoč.
  • HJT najdeš zde: C:\Program Files\trend micro\COMPAQ.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=100581
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=1&barid={99 ... 2655BC8BBB}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ironto&s= ... Terms}&f=4
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
O3 - Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O3 - Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html


:arrow: Potom stáhni OTL z tohoto odkazu a ulož jej na Plochu.
  • Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
  • Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
  • Zaškrtni okénko Pro všechny uživatele.
  • Zaškrtni okénko Kontrola na havěť "LOP".
  • Zaškrtni okénko Kontrola na havěť "Purity".
  • Stáři souborů změň z 30 dnů na 7 dnů!!
  • Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
  • Klikni na tlačítko [Prohledat].
  • Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
  • Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

Re: Prosím o preventivní kontrolu, děkuji

Napsal: 18 led 2012 17:31
od Sidlo.N
Taky zdravím :)
Log OTL.Txt
OTL logfile created on: 18.1.2012 17:15:18 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\COMPAQ\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,23 Mb Total Physical Memory | 269,54 Mb Available Physical Memory | 26,55% Memory free
2,38 Gb Paging File | 1,63 Gb Available in Paging File | 68,44% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 102,71 Gb Free Space | 68,91% Space Free | Partition Type: NTFS

Computer Name: OEM-754A07F847C | User Name: COMPAQ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.01.18 17:08:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\COMPAQ\Plocha\OTL.exe
PRC - [2012.01.08 08:53:15 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.10.24 16:19:49 | 002,078,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2011.10.22 14:53:50 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Update\1.3.21.79\GoogleCrashHandler.exe
PRC - [2010.11.25 09:25:30 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.10.17 15:00:49 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.07.21 12:14:29 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010.07.19 19:17:12 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.07.19 19:17:08 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.07.19 19:16:29 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009.12.04 11:36:33 | 008,078,704 | ---- | M] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) -- C:\Program Files\A1 Dashboard\Dashboard.exe
PRC - [2009.09.08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2009.03.30 11:47:00 | 000,254,042 | ---- | M] (IDT, Inc.) -- c:\Program Files\IDT\WDM\stacsv.exe
PRC - [2009.02.18 12:41:56 | 000,737,280 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2008.08.26 13:02:24 | 000,014,336 | ---- | M] (Agere Systems) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012.01.08 08:53:14 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.11.30 21:03:08 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.10.13 17:22:37 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll
MOD - [2011.10.13 17:21:26 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.13 12:45:39 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.13 12:45:24 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.13 12:45:01 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.13 12:42:41 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.13 12:42:31 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2009.07.30 08:54:55 | 000,540,672 | ---- | M] () -- C:\Program Files\A1 Dashboard\resetregistry.dll
MOD - [2008.10.11 21:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 19:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010.07.21 12:14:29 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010.07.19 19:17:08 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009.09.08 17:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2009.03.30 11:47:00 | 000,254,042 | ---- | M] (IDT, Inc.) [Auto | Running] -- c:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2008.08.26 13:02:24 | 000,014,336 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)


========== Driver Services (SafeList) ==========

DRV - [2011.09.12 18:10:28 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011.05.05 16:34:00 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.07.19 19:16:27 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.07.11 16:36:23 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.07.10 17:33:18 | 001,735,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009.09.10 13:55:52 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.24 17:33:24 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.03.30 11:47:00 | 001,550,891 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2009.02.18 12:41:56 | 000,113,536 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008.10.29 14:43:44 | 001,204,128 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.11.21 16:27:00 | 000,269,312 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005.09.19 09:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005.09.19 09:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005.09.19 09:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/home.php?ref=hp [binary data]
IE - HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-73586283-602162358-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "iLivid Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.searchqu.com/web?src=ffb&app ... 06&sr=0&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.08 08:53:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.11.10 20:10:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Extensions
[2012.01.16 07:22:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\extensions
[2011.05.02 18:50:52 | 000,002,868 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\amazonat.xml
[2010.09.28 21:39:14 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\askcom.xml
[2011.11.03 13:35:54 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\conduit.xml
[2011.11.04 14:32:34 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\SearchResults.xml
[2011.10.30 10:03:54 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\SweetIM Search.xml
[2011.10.30 10:03:47 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\sweetim.xml
[2011.12.25 19:25:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\COMPAQ\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\SFX05Q00.DEFAULT\EXTENSIONS\AMZNUWL2@AMAZON.COM.XPI
[2010.07.10 19:01:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.01.08 08:53:15 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.19 21:12:30 | 000,002,311 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.11.19 21:35:37 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.10.13 05:39:23 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.13 05:39:23 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.11.04 14:32:34 | 000,002,507 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2011.10.13 05:39:23 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.13 05:39:23 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.13 05:39:23 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTer ... 6076041902
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Gmail = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006.03.02 12:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKLM\..\Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-602162358-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-602162358-1801674531-1004\..\Toolbar\WebBrowser: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKU\S-1-5-21-73586283-602162358-1801674531-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll File not found
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-73586283-602162358-1801674531-1004..\Run: [A1_Dashboard] C:\Program Files\A1 Dashboard\Dashboard.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
O4 - HKU\S-1-5-21-73586283-602162358-1801674531-1004..\Run: [EPSON Stylus DX4400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\COMPAQ\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 8784357250 (MUWebControl Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0A992A7-071B-44EA-B9BF-5759998F0362}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Mýdlové bubliny.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Mýdlové bubliny.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.10 16:38:51 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{b27a1b85-932d-11df-a2fa-002655bc8bbb}\Shell - "" = AutoRun
O33 - MountPoints2\{b27a1b85-932d-11df-a2fa-002655bc8bbb}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.01.18 17:08:03 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\COMPAQ\Plocha\OTL.exe
[2012.01.16 07:17:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\COMPAQ\Recent
[2012.01.14 01:28:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\COMPAQ\Plocha\Hudba Jirka
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.01.18 17:17:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.01.18 17:08:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\COMPAQ\Plocha\OTL.exe
[2012.01.18 16:58:16 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004UA.job
[2012.01.18 16:55:16 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.18 16:55:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.18 16:10:20 | 091,852,927 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2012.01.18 16:03:57 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.18 16:03:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.18 16:03:54 | 1064,620,032 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.15 20:14:10 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2012.01.15 15:58:07 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004Core.job
[2012.01.15 09:51:23 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.01.15 09:51:22 | 000,161,280 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.15 09:49:53 | 000,001,032 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\SRDownloader.nast
[2012.01.15 09:49:34 | 000,138,176 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\SRDownloader.err
[2012.01.14 02:33:27 | 061,822,340 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Disco Ibiza Progressive Vocal House 2011 (DJ Balouli Mini Promo).wma
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.18 17:17:28 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.01.15 20:14:10 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2012.01.15 20:14:07 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader 9.lnk
[2012.01.14 01:28:32 | 061,822,340 | ---- | C] () -- C:\Documents and Settings\COMPAQ\Plocha\Disco Ibiza Progressive Vocal House 2011 (DJ Balouli Mini Promo).wma
[2011.11.21 21:04:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\COMPAQ\Data aplikací\.NANotifyHere
[2011.10.31 11:41:52 | 000,138,176 | ---- | C] () -- C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\SRDownloader.err
[2011.10.31 10:30:13 | 000,001,224 | ---- | C] () -- C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\SRDownloader(1).nast
[2011.10.30 14:28:34 | 000,001,032 | ---- | C] () -- C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\SRDownloader.nast
[2011.04.10 15:40:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.04.06 15:43:05 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2011.04.03 16:05:13 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2011.04.03 16:05:13 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2011.04.03 16:05:13 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2011.04.03 16:05:13 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2011.04.03 16:05:13 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2011.04.03 16:05:13 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2011.04.03 16:05:13 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2011.04.03 16:05:13 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2011.04.03 16:05:13 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2011.04.03 16:05:13 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2011.04.03 16:05:13 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2011.04.03 16:05:13 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2011.04.03 16:05:13 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2011.04.03 16:05:13 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2011.04.03 16:05:13 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2011.04.03 16:05:13 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2011.04.03 16:05:13 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2011.04.03 16:05:13 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2011.04.03 16:05:13 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2011.04.03 16:03:52 | 000,000,027 | ---- | C] () -- C:\WINDOWS\CDE DX4400DEFGIPS.ini
[2010.12.24 19:18:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.05 22:06:02 | 000,579,472 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.12.05 19:12:51 | 002,359,350 | ---- | C] () -- C:\Documents and Settings\COMPAQ\Data aplikací\ZBWallpaper.bmp
[2010.07.12 06:02:31 | 000,001,704 | ---- | C] () -- C:\Documents and Settings\COMPAQ\Data aplikací\wklnhst.dat
[2010.07.11 20:07:34 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010.07.11 16:57:50 | 000,161,280 | ---- | C] () -- C:\Documents and Settings\COMPAQ\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.11 16:00:34 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.07.11 15:59:20 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.07.11 15:45:16 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.07.10 19:41:23 | 000,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI
[2010.07.10 19:25:39 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.07.10 19:25:39 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.07.10 19:25:37 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.07.10 19:25:37 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.07.10 19:25:36 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.07.10 18:29:55 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.07.10 18:25:21 | 001,174,000 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2010.07.10 18:25:21 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2010.07.10 18:25:21 | 000,104,636 | ---- | C] () -- C:\WINDOWS\System32\igmedcompkrn.dll
[2010.07.10 18:23:28 | 000,186,608 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.07.10 16:40:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.07.10 16:36:42 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.03.02 12:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.03.02 12:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 12:00:00 | 000,433,138 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 12:00:00 | 000,429,710 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 12:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 12:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 12:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 12:00:00 | 000,078,698 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 12:00:00 | 000,068,094 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 12:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 12:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 12:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 12:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 12:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.03.02 12:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.03.02 12:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

Re: Prosím o preventivní kontrolu, děkuji

Napsal: 18 led 2012 17:32
od Sidlo.N
========== LOP Check ==========

[2010.07.10 19:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2011.11.04 18:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
[2011.03.14 18:00:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.04.03 16:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2011.12.26 11:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HappyFoto-Designer
[2010.07.11 16:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.07.10 19:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2010.07.19 13:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\mquadr.at
[2010.12.05 18:17:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PhotoStitch
[2011.10.30 12:42:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RapidSolution
[2010.07.10 19:42:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2011.04.03 16:12:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2010.07.19 13:28:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{092C512F-9ECA-47B0-BF89-F0FF91DB1676}
[2011.11.06 08:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\bsbandmltbpi
[2011.04.09 18:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\CheeseSoft
[2011.04.12 15:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\com.likno.air.PhotoFrameShow.BA293090D193671BA859C8E310874AAD5CDD8BAD.1
[2011.12.17 15:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\DVDVideoSoft
[2011.11.04 19:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\DVDVideoSoftIEHelpers
[2011.05.13 10:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\EPSON
[2011.11.20 09:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\GHISLER
[2011.04.03 18:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\NAVIGON
[2011.04.10 14:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Reviversoft
[2011.10.30 10:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\searchquband
[2011.09.09 13:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Template
[2011.08.05 09:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\XnView

========== Purity Check ==========



========== Custom Scans ==========


< netsvc >


< MD5 for: ATAPI.SYS >
[2006.03.02 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.07.10 18:14:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.07.10 18:14:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2010.07.10 18:14:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2010.07.10 18:14:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 12:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 12:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2010.07.10 18:14:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.07.10 18:14:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 12:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 12:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 12:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.04.12 15:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Adobe
[2010.07.10 19:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Ahead
[2011.11.06 08:41:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\bsbandmltbpi
[2010.12.05 18:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\CANON INC
[2011.04.09 18:57:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\CheeseSoft
[2011.04.12 15:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\com.likno.air.PhotoFrameShow.BA293090D193671BA859C8E310874AAD5CDD8BAD.1
[2010.07.10 19:45:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\CyberLink
[2011.12.26 00:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\dvdcss
[2011.12.17 15:03:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\DVDVideoSoft
[2011.11.04 19:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\DVDVideoSoftIEHelpers
[2011.05.13 10:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\EPSON
[2011.04.06 10:03:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\FastStone
[2011.11.20 09:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\GHISLER
[2011.01.20 18:23:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Google
[2011.04.10 10:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\hpqLog
[2010.07.10 16:43:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Identities
[2010.07.10 17:33:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\InstallShield
[2010.07.11 15:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Macromedia
[2011.11.21 22:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Media Player Classic
[2011.11.16 07:30:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Microsoft
[2011.04.10 15:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla
[2011.04.03 18:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\NAVIGON
[2011.11.21 21:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Nero
[2010.07.19 19:45:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Real
[2011.04.10 14:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Reviversoft
[2010.07.10 17:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Roxio Log Files
[2011.10.30 10:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\searchquband
[2012.01.17 08:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Skype
[2011.06.17 08:15:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\skypePM
[2011.09.09 13:30:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\Template
[2011.11.16 07:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\vlc
[2010.07.11 16:07:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\WinRAR
[2011.08.05 09:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\XnView
[2011.12.31 18:39:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\COMPAQ\Data aplikací\ZoomBrowser EX

< %APPDATA%\*.exe /s >
[2011.04.12 15:12:23 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\COMPAQ\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.01.18 16:55:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.01.18 16:55:16 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.01.15 15:58:07 | 000,000,978 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004Core.job
[2012.01.18 16:58:16 | 000,001,030 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.07.11 16:36:23 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2010.07.10 18:22:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.07.10 18:22:48 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.07.10 18:22:48 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.01.18 16:03:57 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< %userprofile%\Plocha\*.* >
[2010.11.18 19:10:47 | 000,173,261 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\AS sesit 2005-published.pdf
[2011.06.26 16:49:05 | 000,055,003 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\bankovni-platba.pdf
[2011.06.13 14:01:56 | 008,373,034 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\CIMG0335.JPG
[2010.12.11 16:24:51 | 001,697,792 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Cukrovi 31.10.2008.doc
[2011.07.31 19:06:18 | 000,527,248 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Darkovy_Poukaz_-_887252773941.pdf
[2012.01.14 02:33:27 | 061,822,340 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Disco Ibiza Progressive Vocal House 2011 (DJ Balouli Mini Promo).wma
[2011.05.04 22:01:27 | 000,023,040 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\DOHODA O UKONČENÍ PODNÁJMU.doc
[2004.11.24 14:23:52 | 000,734,720 | ---- | M] (DVD Shrink, překlad: gvg@atlas.cz, unpack: [tIME 4 CRIME] a khhhh-tHx) -- C:\Documents and Settings\COMPAQ\Plocha\DVD Shrink 3.2.exe
[2009.04.30 22:06:20 | 000,528,188 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\FERIENHAUS „FERUCO.pdf
[2011.07.21 11:28:53 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Heslo k vymáhání.doc
[2010.07.19 19:24:25 | 000,000,803 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Internet Explorer.lnk
[2011.07.30 11:26:58 | 015,353,807 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\kmp.exe
[2011.08.08 08:52:31 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\KMPlayer.lnk
[2011.03.23 20:13:15 | 000,013,534 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\neueAZ201112.pdf
[2011.10.02 08:26:56 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Obchodní podmínky česky.wps
[2012.01.18 17:08:05 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\COMPAQ\Plocha\OTL.exe
[2011.12.31 20:48:42 | 002,208,393 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Pavouci.jpg
[2011.03.08 07:20:18 | 000,117,122 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\plnění totální škoda.pdf
[2011.08.10 06:23:58 | 000,039,460 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\POV potvrzení.pdf
[2010.12.03 16:09:17 | 000,117,122 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Priloha.pdf
[2011.12.31 18:43:34 | 002,202,198 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Silvestr 2011.jpg
[2011.06.09 06:34:28 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Splátkový kalendář.xls
[2011.12.17 16:44:53 | 000,904,192 | ---- | M] (Share-rapid.com) -- C:\Documents and Settings\COMPAQ\Plocha\SRDownloader.exe
[2011.12.25 13:14:47 | 000,190,464 | -HS- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Thumbs.db
[2011.06.07 17:14:10 | 000,089,230 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\urokovy_sazebnik_od_MSD.pdf
[2011.06.08 07:29:40 | 000,131,982 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\vypoved_smlouvy Home Credit.pdf
[2011.06.30 17:55:53 | 000,148,426 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Výpis z Katastru a rodné číslo taťky.pdf
[2011.08.05 07:51:51 | 000,001,464 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\XnView.lnk
[2011.12.18 21:52:52 | 000,359,096 | ---- | M] (CISRA) -- C:\Documents and Settings\COMPAQ\Plocha\ZBScreenSaver.scr
[2011.12.31 20:48:47 | 000,123,063 | -H-- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\ZbThumbnail.info
[2011.11.02 12:50:31 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Plocha\Čoko masáž.wps

< %userprofile%\Desktop\*.* >

< %ALLUSERSPROFILE%\Plocha\*.* >
[2010.07.19 13:28:38 | 000,000,763 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\A1 Dashboard.lnk
[2012.01.15 20:14:10 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2011.04.06 10:02:01 | 000,000,442 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\FastStone Image Viewer.lnk
[2011.11.19 11:58:53 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2011.12.26 11:39:37 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\HappyFoto-Designer 4.4.lnk
[2011.04.10 15:40:01 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2011.12.30 21:43:28 | 000,002,913 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Nero BackItUp.lnk
[2011.06.20 08:30:36 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Photo Transport.lnk
[2011.11.02 16:52:50 | 000,000,705 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Share Rapid Uploader.lnk
[2011.12.27 17:18:02 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.10.31 11:13:59 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk

< %ALLUSERSPROFILE%\Desktop\*.* >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2010.01.21 14:05:00 | 000,000,232 | R--- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010.12.05 17:59:16 | 000,001,030 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Canon Utilities\CameraWindow\Movie Uploader for YouTube\Movie Uploader for YouTube - Deinstallieren.lnk
[2010.12.05 17:59:16 | 000,001,168 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Canon Utilities\CameraWindow\Movie Uploader for YouTube\Movie Uploader for YouTube - INFO.lnk
[2010.12.05 17:59:16 | 000,001,128 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Canon Utilities\CameraWindow\Movie Uploader for YouTube\Movie Uploader for YouTube.lnk
[2011.11.02 16:52:50 | 000,000,053 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Share Rapid Uploader\Aplikace Share Rapid Uploader na internetu.url
[2011.11.02 16:52:50 | 000,000,702 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Share Rapid Uploader\Odinstalovat aplikaci Share Rapid Uploader.lnk
[2011.11.02 16:52:50 | 000,000,717 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Share Rapid Uploader\Share Rapid Uploader.lnk
[2011.11.02 16:52:50 | 000,000,705 | ---- | M] () -- \Documents and Settings\All Users\Plocha\Share Rapid Uploader.lnk
[2011.09.27 13:02:04 | 000,010,144 | ---- | M] () -- \Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\conduitCommon\modules\3.7.0.6\ExternalLibraryLoader.jsm
[2011.11.07 11:59:32 | 000,010,144 | ---- | M] () -- \Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\conduitCommon\modules\3.8.0.8\ExternalLibraryLoader.jsm
[2011.12.06 05:02:36 | 000,010,144 | ---- | M] () -- \Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\conduitCommon\modules\3.8.1.0\ExternalLibraryLoader.jsm
[2012.01.08 16:11:38 | 000,010,144 | ---- | M] () -- \Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\conduitCommon\modules\3.9.0.3\ExternalLibraryLoader.jsm
[2011.12.17 16:44:19 | 000,904,192 | ---- | M] () -- \Documents and Settings\COMPAQ\Dokumenty\Stažené soubory\SRDownloader.exe
[2011.10.31 10:45:11 | 000,001,224 | ---- | M] () -- \Documents and Settings\COMPAQ\Local Settings\Data aplikací\SRDownloader(1).nast
[2012.01.15 09:49:34 | 000,138,176 | ---- | M] () -- \Documents and Settings\COMPAQ\Local Settings\Data aplikací\SRDownloader.err
[2011.11.02 14:35:29 | 000,000,040 | ---- | M] () -- \Documents and Settings\COMPAQ\Local Settings\Data aplikací\SRDownloader.log
[2012.01.15 09:49:53 | 000,001,032 | ---- | M] () -- \Documents and Settings\COMPAQ\Local Settings\Data aplikací\SRDownloader.nast
[2011.12.17 16:44:53 | 000,904,192 | ---- | M] () -- \Documents and Settings\COMPAQ\Plocha\SRDownloader.exe
[2009.10.22 20:55:00 | 000,015,659 | ---- | M] () -- \Program Files\Canon\CameraWindow\Movie Uploader for YouTube\MovieUploaderForYouTube.chm
[2009.11.06 11:37:24 | 000,893,440 | ---- | M] () -- \Program Files\Canon\CameraWindow\Movie Uploader for YouTube\MovieUploaderForYouTube.exe
[2009.11.04 15:44:04 | 000,015,695 | ---- | M] () -- \Program Files\Canon\CameraWindow\Movie Uploader for YouTube\ReadMe(MovieUploaderForYouTube).rtf
[2009.11.10 11:55:32 | 000,011,264 | ---- | M] () -- \Program Files\Canon\CameraWindow\Movie Uploader for YouTube\de\MovieUploaderForYouTube.resources.dll
[2007.06.01 09:20:26 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2001.01.16 05:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 03:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2009.09.30 17:06:10 | 000,010,789 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2009.09.30 17:06:18 | 000,003,500 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\widget\langloader.kc
[2009.09.30 17:06:18 | 000,013,383 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\widget\layoutloader.kc
[2004.04.21 16:09:00 | 000,069,632 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader.dll
[2006.02.28 18:02:04 | 000,102,400 | ---- | M] () -- \Program Files\epson\Creativity Suite\Easy Photo Print\EpAPFLoader2006.dll
[2011.12.19 17:47:18 | 000,001,676 | ---- | M] () -- \Program Files\HappyFoto-Designer\Loader.elf
[2011.12.19 17:47:08 | 000,602,816 | ---- | M] () -- \Program Files\HappyFoto-Designer\Loader.exe
[2009.11.11 16:05:02 | 000,001,567 | ---- | M] () -- \Program Files\NAVIGON\NAVIGON Fresh\res\xml\UploaderSettings.xml
[2008.08.12 14:31:48 | 000,143,360 | ---- | M] () -- \Program Files\Share Rapid Uploader\sr_uploader.exe
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2008.06.20 18:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2006.03.02 12:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *TemDono* /s >

< *AutoKMS* /s >

< *KMSEmulator* /s >

< *activator* /s >

< *serial* /s >
[2011.12.26 11:40:33 | 000,032,768 | ---- | M] () -- \Documents and Settings\COMPAQ\Local Settings\Data aplikací\HappyFoto-Designer\{C4FD8023-DF2E-48BC-9FA3-A3C08F178B39}\mdbu\Locations!IX_VolumeSerialNumber_Location.ind
[2011.12.26 11:40:34 | 000,008,192 | ---- | M] () -- \Documents and Settings\COMPAQ\Local Settings\Data aplikací\HappyFoto-Designer\{C4FD8023-DF2E-48BC-9FA3-A3C08F178B39}\mdbu\Media!IX_VolumeSerialNumber.ind
[2010.12.03 22:45:10 | 000,000,452 | ---- | M] () -- \Documents and Settings\COMPAQ\Oblíbené položky\Svět hardware - Funkčnost, rozhraní a technologie pevných disků - Serial ATA (SATA).url
[2010.03.14 21:34:10 | 000,595,240 | ---- | M] () -- \Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\SetSerial.exe
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2006.03.02 12:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2012.01.01 16:06:04 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.07.10 19:06:36 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2011.10.13 17:22:36 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\81096bfe85eb0da5f05e8a127ffa43b2\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2011.10.13 17:20:46 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\afd6134c090faf8c29cd64d4835142b2\System.Runtime.Serialization.ni.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2006.03.02 12:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.03.02 12:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2006.03.02 12:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.03.02 12:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< *AutoRearm* /s >

< HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s >
"HotKeysCmds" = C:\WINDOWS\system32\hkcmd.exe -- [2007.09.05 16:13:26 | 000,166,424 | ---- | M] (Intel Corporation)
"AESTFltr" = %SystemRoot%\system32\AESTFltr.exe /NoDlg -- [2009.02.18 12:41:56 | 000,737,280 | ---- | M] (Andrea Electronics Corporation)
"WirelessAssistant" = C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe -- [2009.02.18 08:20:38 | 000,506,424 | ---- | M] (Hewlett-Packard)
"AVG9_TRAY" = C:\PROGRA~1\AVG\AVG9\avgtray.exe -- [2011.10.24 16:19:49 | 002,078,048 | ---- | M] (AVG Technologies CZ, s.r.o.)
"PDVD9LanguageShortcut" = "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe" -- [2009.04.27 16:50:24 | 000,050,472 | ---- | M] (CyberLink Corp.)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
"" =
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"" =
"Installed" = 1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"" =
"Installed" = 1
"NoChange" = 1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"" =
"Installed" = 1

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"A1_Dashboard" = "C:\Program Files\A1 Dashboard\Dashboard.exe" -- [2009.12.04 11:36:33 | 008,078,704 | ---- | M] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
"EPSON Stylus DX4400 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\WINDOWS\TEMP\E_S256.tmp" /EF "HKCU" -- [2007.03.01 07:01:00 | 000,180,736 | ---- | M] (SEIKO EPSON CORPORATION)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.10.13 09:27:14 | 017,351,304 | R--- | M] (Skype Technologies S.A.)

< HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.01.18 17:17:28 | 000,000,512 | ---- | M] () MD5=2136AE9088B2BA739EE29906D6C83799 -- C:\PhysicalMBR.bin

========== Files - Unicode (All) ==========
[2011.11.21 17:17:56 | 000,000,000 | ---D | M](C:\Documents and Settings\COMPAQ\Data aplikací\???????sAppData) -- C:\Documents and Settings\COMPAQ\Data aplikací\敎潲䍄敔灭慬整sAppData
[2011.11.21 17:17:56 | 000,000,000 | ---D | M](C:\Documents and Settings\COMPAQ\Data aplikací\???????sAppData) -- C:\Documents and Settings\COMPAQ\Data aplikací\敎潲䍄敔灭慬整sAppData
(C:\Documents and Settings\COMPAQ\Data aplikací\???????sAppData) -- C:\Documents and Settings\COMPAQ\Data aplikací\敎潲䍄敔灭慬整sAppData

< End of report >

Re: Prosím o preventivní kontrolu, děkuji

Napsal: 18 led 2012 17:34
od Sidlo.N
log Extras.txt

OTL Extras logfile created on: 18.1.2012 17:15:18 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\COMPAQ\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1015,23 Mb Total Physical Memory | 269,54 Mb Available Physical Memory | 26,55% Memory free
2,38 Gb Paging File | 1,63 Gb Available in Paging File | 68,44% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 102,71 Gb Free Space | 68,91% Space Free | Partition Type: NTFS

Computer Name: OEM-754A07F847C | User Name: COMPAQ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with FastStone] -- "G:\FastStone Image Viewer\FSViewer.exe" "%1"
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe" = C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0 -- (CyberLink Corp.)
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe" = C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0 -- (CyberLink Corp.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Documents and Settings\COMPAQ\Dokumenty\Downloads\SweetImSetup.exe" = C:\Documents and Settings\COMPAQ\Dokumenty\Downloads\SweetImSetup.exe:*:Enabled:SweetIM Installer
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení -- (Microsoft Corporation)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Documents and Settings\COMPAQ\Dokumenty\Stažené soubory\SweetImSetup.exe" = C:\Documents and Settings\COMPAQ\Dokumenty\Stažené soubory\SweetImSetup.exe:*:Enabled:SweetIM Installer
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe" = C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63CFD835-FF50-4F8B-91CD-5662A8C640F8}" = Photo Transport
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}" = Camera RAW Plug-In for EPSON Creativity Suite
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91130405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Basic Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}" = EPSON Easy Photo Print
"{BC61F51E-8AF7-46B9-AF20-B33B5EE81029}" = Nero 7 Essentials
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DC28A406-462D-4A08-A125-3EAF8A64DE4E}" = HP Wireless Assistant
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"{FBB55C5E-2548-4511-A6F5-8CBCDE16484C}" = A1 Dashboard
"A1 Dashboard" = A1 Dashboard
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AVG9Uninstall" = AVG Free 9.0
"Broadcom 802.11b Network Adapter" = Bezdrátový adaptér Broadcom 802.11 LAN
"CAL" = Canon Camera Access Library
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"CX4300_5500_DX4400 Handbuch" = CX4300_5500_DX4400 Handbuch
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"FastStone Image Viewer" = FastStone Image Viewer 4.4
"HappyFoto-Designer_is1" = HappyFoto-Designer 4.4
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.1.0
"Ledové drahokamy" = Ledové drahokamy
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyCamera" = Canon Utilities MyCamera
"NAVIGON Fresh" = NAVIGON Fresh 2.0.2
"NAVIGON Sync" = NAVIGON Sync 2.0.0
"PhotoStitch" = Canon Utilities PhotoStitch
"Share Rapid Uploader_is1" = Uploader 1.0
"The KMPlayer" = The KMPlayer (remove only)
"VLC media player" = VLC media player 1.1.7
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.97.8
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28.12.2011 16:12:31 | Computer Name = OEM-754A07F847C | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vlc.exe, verze 1.1.7.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 30.12.2011 16:26:05 | Computer Name = OEM-754A07F847C | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SRDownloader.exe, verze 2.1.4.9, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.12.2011 9:46:32 | Computer Name = OEM-754A07F847C | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vlc.exe, verze 1.1.7.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.12.2011 9:46:33 | Computer Name = OEM-754A07F847C | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace vlc.exe, verze 1.1.7.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 1.1.2012 5:10:09 | Computer Name = OEM-754A07F847C | Source = ESENT | ID = 490
Description = svchost (1176) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 1.1.2012 5:10:09 | Computer Name = OEM-754A07F847C | Source = ESENT | ID = 439
Description = Catalog Database (1176) Pro soubor C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
nelze zapsat stínové záhlaví. Chyba -1032

Error - 1.1.2012 5:10:13 | Computer Name = OEM-754A07F847C | Source = ESENT | ID = 473
Description = Catalog Database (1176) Databáze C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
byla částečně odpojena. Při aktualizaci záhlaví databáze došlo k chybě -1032.

Error - 11.1.2012 12:15:56 | Computer Name = OEM-754A07F847C | Source = ESENT | ID = 490
Description = svchost (1176) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 11.1.2012 12:16:06 | Computer Name = OEM-754A07F847C | Source = ESENT | ID = 490
Description = svchost (1176) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 11.1.2012 12:26:58 | Computer Name = OEM-754A07F847C | Source = ESENT | ID = 490
Description = svchost (1176) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

[ System Events ]
Error - 13.1.2012 20:58:31 | Computer Name = OEM-754A07F847C | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby avg9wd.

Error - 14.1.2012 4:34:07 | Computer Name = OEM-754A07F847C | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby avg9wd.

Error - 14.1.2012 5:57:08 | Computer Name = OEM-754A07F847C | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby avg9wd.

Error - 14.1.2012 8:20:25 | Computer Name = OEM-754A07F847C | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {A0A992A7-071B-44EA-B9BF-5759998F0362}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

Error - 14.1.2012 10:34:02 | Computer Name = OEM-754A07F847C | Source = PSched | ID = 14103
Description = Služba QoS [Adaptér {A0A992A7-071B-44EA-B9BF-5759998F0362}]: Ovladači
síťové karty se nezdařil dotaz na OID_GEN_LINK_SPEED.

Error - 14.1.2012 10:45:09 | Computer Name = OEM-754A07F847C | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{A0A992A7-071B-44EA-B9BF-5759998F0362},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 14.1.2012 16:08:13 | Computer Name = OEM-754A07F847C | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby avg9wd.

Error - 15.1.2012 11:09:15 | Computer Name = OEM-754A07F847C | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby avg9wd.

Error - 16.1.2012 1:41:05 | Computer Name = OEM-754A07F847C | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 0.0.0.0 pro síťovou kartu s adresou 0C6076041902
byla serverem DHCP 0.0.0.0 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 16.1.2012 13:00:12 | Computer Name = OEM-754A07F847C | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{A0A992A7-071B-44EA-B9BF-5759998F0362},
protože jiný počítač v síti má stejný název. Server nelze spustit.


< End of report >

Re: Prosím o preventivní kontrolu, děkuji

Napsal: 19 led 2012 06:28
od Mc_Murphy
:arrow: Znovu spusť OTL.
  • Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
  • Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
  • Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

:Commands
[emptytemp]
[emptyflash]
[resethosts]
[purity]
[clearallrestorepoints]

:Services
gupdate
gupdatem
NBService
NMIndexingService

:OTL
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/home.php?ref=hp [binary data]
IE - HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "iLivid Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q="
[2011.05.02 18:50:52 | 000,002,868 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\amazonat.xml
[2010.09.28 21:39:14 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\askcom.xml
[2011.11.03 13:35:54 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\conduit.xml
[2011.11.04 14:32:34 | 000,002,507 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\SearchResults.xml
[2011.10.30 10:03:54 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\SweetIM Search.xml
[2011.10.30 10:03:47 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\sweetim.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\COMPAQ\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\SFX05Q00.DEFAULT\EXTENSIONS\AMZNUWL2@AMAZON.COM.XPI
[2011.11.19 21:12:30 | 000,002,311 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.11.19 21:35:37 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.11.04 14:32:34 | 000,002,507 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&AF=100581&babsrc=SP_def&mntrId=90de74430000000000000c6076041902
O3 - HKLM\..\Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-602162358-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-73586283-602162358-1801674531-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

:Files
C:\Documents and Settings\COMPAQ\Data aplikací\searchquband
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004Core.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004UA.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
""=-
"Installed" = 1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
""=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
""=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\COMPAQ\Dokumenty\Downloads\SweetImSetup.exe"=-
"C:\Documents and Settings\COMPAQ\Dokumenty\Stažené soubory\SweetImSetup.exe"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4Sync]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
  • Klikni na tlačítko [Opravit].
  • Po dokončení skenu se objeví log, ten mi sem vlož.
  • Pokud se log nevejde do jednoho příspěvku, rozděl jej na více částí.

Re: Prosím o preventivní kontrolu, děkuji

Napsal: 19 led 2012 18:08
od Sidlo.N
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: COMPAQ
->Temp folder emptied: 26376 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 12657193 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 12,00 mb


[EMPTYFLASH]

User: All Users

User: COMPAQ
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore points cleared and new OTL Restore Point set!
========== SERVICES/DRIVERS ==========
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
Error: No service named NBService was found to stop!
Service\Driver key NBService not found.
Error: No service named NMIndexingService was found to stop!
Service\Driver key NMIndexingService not found.
========== OTL ==========
Error: No service named HidServ was found to stop!
Service\Driver key HidServ not found.
Error: No service named AppMgmt was found to stop!
Service\Driver key AppMgmt not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKU\S-1-5-21-73586283-602162358-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "DVDVideoSoftTB Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "Web Search" removed from browser.search.order.1
Prefs.js: "http://search.conduit.com/ResultsExt.as ... ource=2&q=" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaulturl
Prefs.js: "iLivid Web Search" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "http://www.searchqu.com/406" removed from browser.startup.homepage
Prefs.js: "http://www.searchqu.com/web?src=ffb&app ... 06&sr=0&q=" removed from sweetim.toolbar.previous.keyword.URL
C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\amazonat.xml moved successfully.
C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\SearchResults.xml moved successfully.
C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\SweetIM Search.xml moved successfully.
C:\Documents and Settings\COMPAQ\Data aplikací\Mozilla\Firefox\Profiles\sfx05q00.default\searchplugins\sweetim.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-73586283-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-73586283-602162358-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE5D279F-081B-4404-994D-C6B60AAEBA6D}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\WikiKomentáře Google...\ deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP178.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP17A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP222.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP37C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP39F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP485.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI1A.tmp deleted successfully.
========== FILES ==========
C:\Documents and Settings\COMPAQ\Data aplikací\searchquband folder moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-602162358-1801674531-1004UA.job moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL\\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL\\"Installed" | 1 /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\COMPAQ\Dokumenty\Downloads\SweetImSetup.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\COMPAQ\Dokumenty\Stažené soubory\SweetImSetup.exe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4Sync\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!

OTL by OldTimer - Version 3.2.31.0 log created on 01192012_214415

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
A přeji hezký den

Re: Prosím o preventivní kontrolu, děkuji

Napsal: 20 led 2012 08:12
od Mc_Murphy
OK, OTL provedlo, co mělo. Dočistíme...

:arrow: Spusť znovu OTL a klikni na tlačítko [CleanUp!], čímž po sobě program uklidí.

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stáhni a spusť.
  • Klikni na Start a potvrď OK.
  • Program uklidí a může (nemusí) restartovat PC.
  • Po použití utilitu smaž.
:arrow: Pokud nemáš, stáhni CCleaner z tohoto odkazu.
  • Panel čistič
  • Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.
  • Panel registry
  • Klikni na Hledej problémy.
  • Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
  • Postup opakuj, dokud nebude bez problémů - většinou cca 3x.
  • Panel nástroje
  • Zde můžeš odinstalovat nepotřebné programy.
Obrázek CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše. :worship:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz