Logfile of random's system information tool 1.09 (written by random/random)
Run by HP at 2012-01-31 19:26:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 193 GB (81%) free of 238 GB
Total RAM: 1015 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:11, on 31.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ7.6\ICQ.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSHDLL32.EXE
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
c:\program files\teamviewer\version7\TeamViewer_Desktop.exe
C:\Documents and Settings\HP\Plocha\honza instal\RSIT.exe
C:\Program Files\trend micro\HP.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.6\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Badoo Desktop] C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2000539937
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0222711328024351) (0222711328024351mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\022271~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 9529 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://badoo.com/startpage/?source=bsb&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"fe_9.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin]
"Description"=
"Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
McSiteAdvisor.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\
badoo.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\progra~1\mcafee\sitead~1\mcieplg.dll [2011-08-11 258120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-03 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-03 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\progra~1\mcafee\sitead~1\mcieplg.dll [2011-08-11 258120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-13 16871936]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2009-08-05 199264]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2009-08-05 2349664]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-06-09 2363392]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-18 17095048]
"ICQ"=C:\Program Files\ICQ7.6\ICQ.exe [2011-10-10 127040]
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-01-10 1083264]
""= []
"Badoo Desktop"=C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.6.48.1082\Badoo.Desktop.exe []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-01-31 19:26:48 ----D---- C:\Program Files\trend micro
2012-01-31 19:26:47 ----D---- C:\rsit
2012-01-31 16:38:56 ----D---- C:\WINDOWS\LastGood
2012-01-26 05:23:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-22 15:15:51 ----D---- C:\Documents and Settings\HP\Data aplikací\Uschovna
2012-01-22 15:15:50 ----D---- C:\Program Files\Uschovna.cz
2012-01-21 08:34:31 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2012-01-21 08:34:22 ----D---- C:\Program Files\PC Connectivity Solution
2012-01-11 19:17:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 19:17:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 19:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 19:10:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-11 19:10:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
======List of files/folders modified in the last 1 month======
2012-01-31 19:26:51 ----D---- C:\WINDOWS\Prefetch
2012-01-31 19:26:48 ----RD---- C:\Program Files
2012-01-31 19:11:42 ----D---- C:\Documents and Settings\HP\Data aplikací\Skype
2012-01-31 19:01:31 ----D---- C:\WINDOWS\Temp
2012-01-31 17:48:53 ----D---- C:\WINDOWS\system32
2012-01-31 16:39:00 ----HD---- C:\WINDOWS\inf
2012-01-31 16:38:56 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-31 16:38:56 ----D---- C:\WINDOWS
2012-01-31 16:38:54 ----D---- C:\Program Files\McAfee
2012-01-31 14:43:18 ----D---- C:\Documents and Settings\HP\Data aplikací\ICQ
2012-01-31 05:38:12 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-01-31 05:33:24 ----SHD---- C:\WINDOWS\Installer
2012-01-30 18:22:00 ----SD---- C:\Documents and Settings\HP\Data aplikací\Microsoft
2012-01-26 05:23:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-26 05:02:49 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-22 15:55:05 ----D---- C:\Program Files\TeamViewer
2012-01-21 08:37:18 ----D---- C:\Program Files\Nokia
2012-01-21 08:37:18 ----D---- C:\Program Files\Common Files\Nokia
2012-01-21 08:34:32 ----D---- C:\WINDOWS\system32\drivers
2012-01-21 08:34:31 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-01-14 08:22:08 ----D---- C:\WINDOWS\Debug
2012-01-11 19:16:31 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-11 19:16:27 ----RSD---- C:\WINDOWS\assembly
2012-01-11 19:10:59 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 18:01:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-11 18:01:36 ----D---- C:\WINDOWS\WinSxS
2012-01-09 18:56:25 ----A---- C:\WINDOWS\NeroDigital.ini
2012-01-08 16:50:24 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys [2011-08-17 42672]
R0 FSFW;F-Secure Firewall Driver; C:\WINDOWS\System32\drivers\fsdfw.sys [2011-05-08 82120]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-11-29 163328]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-17 4756992]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S0 cerc6;cerc6; C:\WINDOWS\system32\drivers\cerc6.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2009-07-23 112640]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-07-23 102528]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys [2009-07-23 100480]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys []
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2009-08-05 186976]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [2011-08-10 94880]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2011-05-08 522848]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2011-05-23 61088]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S2 0222711328024351mcinstcleanup;McAfee Application Installer Cleanup (0222711328024351); C:\WINDOWS\TEMP\022271~1.EXE [2012-01-10 827456]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-04 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-04 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Zdravim a pekny den preji 
Odinstalujte ICQ Toolbar
Mate tam dva bezpecnostni SW - MSE a F-Secure, jeden musi pryc jinak bude dochazet ke kolizi, takze ktery dame do pryc 
Odinstalujte ICQ Toolbar Mate tam dva bezpecnostni SW - MSE a F-Secure, jeden musi pryc jinak bude dochazet ke kolizi, takze ktery dame do pryc "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Také zdravím,je to počítač kamaráda, nechal jsem tam F-secure už včera
Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) projedte PC temito utilitami, at se zbavime zbytku MSE
Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
OTL
OTL logfile created on: 1.2.2012 18:47:58 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HP\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1015,23 Mb Total Physical Memory | 304,94 Mb Available Physical Memory | 30,04% Memory free
2,90 Gb Paging File | 2,19 Gb Available in Paging File | 75,69% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 188,86 Gb Free Space | 81,10% Space Free | Partition Type: NTFS
Computer Name: HP-9F7B7EB68AE4 | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.02.01 18:45:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP\Dokumenty\Stažené soubory\OTL.exe
PRC - [2012.01.19 12:47:20 | 002,698,624 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe
PRC - [2012.01.19 12:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.01.19 12:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2012.01.10 18:36:34 | 001,083,264 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.01.08 16:50:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.01.04 13:32:18 | 000,173,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.01.04 13:32:02 | 000,142,376 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2011.11.08 09:38:18 | 000,488,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
PRC - [2011.09.08 14:11:07 | 001,008,296 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
PRC - [2011.09.08 14:11:07 | 000,512,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32.exe
PRC - [2011.05.23 14:43:04 | 000,061,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
PRC - [2011.05.08 20:01:34 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FWES\program\fsdfwd.exe
PRC - [2009.08.05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSMA32.EXE
PRC - [2009.08.05 16:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSM32.EXE
PRC - [2009.08.05 16:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSHDLL32.EXE
PRC - [2009.08.05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
PRC - [2008.08.15 17:33:08 | 001,473,536 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TO2SSM\McciTrayApp.exe
PRC - [2008.04.14 00:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.10 18:38:40 | 000,423,808 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.01.10 18:38:38 | 000,058,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.01.10 18:38:34 | 000,095,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll
MOD - [2012.01.10 18:38:32 | 000,272,768 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.01.10 18:38:00 | 000,384,896 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QxtCore.dll
MOD - [2012.01.10 18:38:00 | 000,165,248 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll
MOD - [2012.01.10 18:37:58 | 002,557,312 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.01.10 18:37:56 | 000,346,496 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.01.10 18:37:54 | 010,843,520 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.01.10 18:37:48 | 000,196,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.01.10 18:37:46 | 001,294,208 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.01.10 18:37:44 | 000,682,880 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.01.10 18:37:42 | 000,919,936 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.01.10 18:37:40 | 000,517,504 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.01.10 18:37:38 | 008,172,928 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.01.10 18:37:36 | 002,252,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.01.10 18:37:34 | 002,288,512 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.01.10 18:37:32 | 000,422,272 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.01.10 18:37:22 | 000,202,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.01.10 18:37:20 | 000,034,688 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.01.10 18:37:18 | 000,032,640 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.01.10 18:36:38 | 000,388,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll
MOD - [2012.01.10 18:36:24 | 000,437,632 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2012.01.10 18:36:02 | 001,037,696 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll
MOD - [2012.01.10 18:35:06 | 000,758,656 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.01.08 16:50:05 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.01.05 16:00:24 | 000,112,640 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2011.06.09 04:09:35 | 000,030,888 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\minifilter\hashlib_x86.dll
MOD - [2011.05.19 18:36:46 | 006,271,136 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2009.08.05 16:58:30 | 000,330,336 | ---- | M] () -- \\?\c:\program files\f-secure\hips\fshook32.dll
MOD - [2009.08.05 16:58:30 | 000,236,128 | ---- | M] () -- \\?\c:\program files\f-secure\hips\fsumi.dll
MOD - [2009.08.05 16:57:04 | 000,081,920 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\strres.eng
MOD - [2009.08.05 16:56:56 | 000,920,160 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\gres.dll
MOD - [2009.08.05 16:56:50 | 000,143,360 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\flyerres.eng
MOD - [2009.08.05 16:56:50 | 000,045,056 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\fsavures.eng
MOD - [2009.08.05 16:56:32 | 000,838,240 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\about.dll
MOD - [2009.08.05 16:56:32 | 000,088,672 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\aboutres.dll
MOD - [2009.08.05 16:56:08 | 000,036,864 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\fsavhres.eng
MOD - [2008.04.14 00:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.08.14 12:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007.07.12 12:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007.07.12 12:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (McAfee SiteAdvisor Service)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.05.23 14:43:04 | 000,061,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2011.05.08 20:01:34 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009.08.05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Common\FSMA32.EXE -- (FSMA)
SRV - [2009.08.05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
========== Driver Services (SafeList) ==========
DRV - [2011.09.08 14:12:18 | 000,148,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2011.08.17 14:11:47 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2011.05.08 20:01:57 | 000,082,120 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009.08.05 16:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\F-Secure\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009.07.23 10:57:22 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 10:57:22 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.23 10:57:22 | 000,100,480 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.06.17 16:49:22 | 004,756,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.03.29 10:20:55 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008.03.29 10:20:55 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007.11.29 17:35:44 | 000,163,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
IE - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.2.9&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..keyword.URL: "http://badoo.com/startpage/?source=bsb&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.01.21 08:37:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.08 16:50:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.01.21 08:37:57 | 000,000,000 | ---D | M]
[2010.12.28 09:41:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Extensions
[2012.01.04 18:09:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions
[2012.01.04 18:09:59 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.30 19:16:09 | 000,002,023 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\badoo.xml
[2012.01.30 05:18:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-1.xml
[2011.11.10 17:59:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-10.xml
[2012.01.08 16:50:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-11.xml
[2012.01.31 04:56:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-12.xml
[2011.07.03 14:49:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-2.xml
[2011.08.15 14:35:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-3.xml
[2011.08.20 10:28:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-4.xml
[2011.08.23 13:39:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-5.xml
[2011.09.06 17:15:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-6.xml
[2011.09.14 04:27:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-7.xml
[2011.10.04 18:39:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-8.xml
[2011.11.09 07:49:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin.xml
[2012.01.08 16:50:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\HP\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\F0N4V6DB.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2012.01.21 08:37:48 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION_9.0
[2012.01.08 16:50:05 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.20 10:27:19 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.08.20 10:27:19 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.17 13:45:22 | 000,002,036 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011.08.20 10:27:19 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.08.20 10:27:19 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.08.20 10:27:19 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Documents and Settings\HP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
O1 HOSTS File: ([2008.04.14 00:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003..\Run: [] File not found
O4 - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 2000539937 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7971DEDF-5ACA-4C34-800E-0C70D49B6EC4}: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\HP\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.27 15:49:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{bce6822a-7026-11e0-a3a2-001b78825001}\Shell - "" = AutoRun
O33 - MountPoints2\{bce6822a-7026-11e0-a3a2-001b78825001}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{bce6822b-7026-11e0-a3a2-001b78825001}\Shell - "" = AutoRun
O33 - MountPoints2\{bce6822b-7026-11e0-a3a2-001b78825001}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ccfa00a8-70ce-11e0-a3a8-001b78825001}\Shell - "" = AutoRun
O33 - MountPoints2\{ccfa00a8-70ce-11e0-a3a8-001b78825001}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.02.01 18:38:39 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2012.02.01 18:32:26 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012.02.01 18:30:07 | 000,756,776 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HP\Plocha\OneCareCleanUp.exe
[2012.01.31 19:43:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP\Recent
[2012.01.31 19:42:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.31 19:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.31 19:26:47 | 000,000,000 | ---D | C] -- C:\rsit
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.02.01 18:51:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.02.01 18:42:51 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.01 18:41:31 | 000,012,712 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.02.01 18:40:58 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.01 18:40:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.01 18:34:42 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.01 18:32:45 | 000,000,213 | -HS- | M] () -- C:\boot.ini
[2012.02.01 18:30:07 | 000,756,776 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HP\Plocha\OneCareCleanUp.exe
[2012.02.01 18:29:54 | 000,899,584 | ---- | M] () -- C:\Documents and Settings\HP\Plocha\MicrosoftFixit50535.msi
[2012.01.31 19:42:30 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012.01.31 16:27:52 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\HP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.27 17:04:19 | 000,000,855 | ---- | M] () -- C:\Documents and Settings\HP\.recently-used.xbel
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.01 18:51:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.02.01 18:29:51 | 000,899,584 | ---- | C] () -- C:\Documents and Settings\HP\Plocha\MicrosoftFixit50535.msi
[2012.01.27 17:04:19 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\HP\.recently-used.xbel
[2011.10.29 13:56:17 | 000,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI
[2011.09.22 19:12:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2011.08.15 14:59:49 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.05.10 19:06:47 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\HP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.08 19:56:31 | 000,042,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2011.05.01 10:46:38 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.04.30 06:54:00 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\HP\Data aplikací\default.pls
[2011.04.29 07:57:49 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.28 16:40:52 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.12.28 16:38:28 | 000,213,672 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.28 09:41:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.12.27 16:22:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.12.27 16:22:14 | 000,001,996 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat
[2010.12.27 15:50:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.12.27 15:46:30 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.04.14 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 00:00:00 | 000,440,056 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 00:00:00 | 000,436,588 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2008.04.14 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 00:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2008.04.14 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 00:00:00 | 000,081,732 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2008.04.14 00:00:00 | 000,071,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 00:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2008.04.14 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 00:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.10.14 10:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 10:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 10:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 10:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 10:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 10:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 10:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 10:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 10:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2005.04.15 04:52:33 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005.04.15 04:52:33 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2011.10.29 14:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.05.08 19:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\f-secure
[2011.05.08 19:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\fssg
[2011.10.04 19:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.07.14 10:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2011.11.08 18:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2011.09.08 14:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2011.09.01 18:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.04.26 18:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2011.09.25 08:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2011.04.26 18:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2008.04.14 00:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 00:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 00:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 00:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 00:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 00:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 00:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 00:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 00:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SVCHOST.EXE >
[2008.04.14 00:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 00:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 00:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 00:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 00:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 00:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\7637054e3790581331a70fdfbb010acf\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\7637054e3790581331a70fdfbb010acf\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\a7280e831cded7f9bf117b33d4bb1532\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\a7280e831cded7f9bf117b33d4bb1532\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\d2c7b842c7a00c3c698f6e28cc9fe06a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d2c7b842c7a00c3c698f6e28cc9fe06a\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\e4ac189db79fdf4ce93fddf073991184\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\e4ac189db79fdf4ce93fddf073991184\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\f36a5b2ba2e764bdcd9047016764d1c9\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\f36a5b2ba2e764bdcd9047016764d1c9\*.tmp -> ]
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.04.05 10:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Adobe
[2011.09.25 14:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Ahead
[2011.10.29 14:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Ashampoo
[2011.09.04 11:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\CyberLink
[2011.04.26 18:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\FLEXnet
[2011.09.20 17:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\gtk-2.0
[2010.12.27 16:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Identities
[2011.04.28 13:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Macromedia
[2012.01.30 18:22:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\HP\Data aplikací\Microsoft
[2011.05.08 19:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Motive
[2010.12.28 09:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Mozilla
[2011.04.30 06:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Nero
[2012.01.21 08:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Nokia
[2011.09.01 18:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Nokia Ovi Suite
[2011.11.07 21:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\PC Suite
[2012.02.01 18:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Skype
[2011.04.05 10:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Sun
[2011.11.06 15:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\TeamViewer
[2012.01.22 15:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Uschovna
[2011.12.30 14:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Vso
[2011.08.14 17:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.02.01 18:40:58 | 000,000,928 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.02.01 18:34:42 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.12.28 16:36:57 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.12.28 16:36:57 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.12.28 16:36:57 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.02.01 18:42:51 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2012.02.01 18:41:31 | 000,012,712 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 00:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2008.06.09 09:16:32 | 002,363,392 | ---- | M] (Hewlett-Packard Company)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.04.18 16:30:48 | 017,095,048 | R--- | M] (Skype Technologies S.A.)
"NokiaSuite.exe" = C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray -- [2012.01.10 18:36:34 | 001,083,264 | ---- | M] (Nokia)
"" =
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.01.08 16:50:05 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=11CCA710674739E3DB8F7450A5B650B6 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.01.20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.) MD5=697D3B09D8883F72265DA274E0972042 -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.02.01 18:51:59 | 000,000,512 | ---- | M] () MD5=13D74B26F2E497C6594BF56BE39416CE -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.10.04 21:50:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
< *keygen* /s >
< *loader* /s >
[2007.06.27 18:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2011.09.01 12:13:30 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 17:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 17:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 17:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 17:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 17:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 17:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 17:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 17:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 17:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 17:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 17:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 17:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 17:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 17:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 17:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 19:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2008.04.14 00:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[6 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 00:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
========== Files - Unicode (All) ==========
[2011.10.29 13:58:08 | 000,000,000 | ---D | M](C:\Documents and Settings\HP\Data aplikací\???????sAppData) -- C:\Documents and Settings\HP\Data aplikací\敎潲䍄敔灭慬整sAppData
[2011.10.29 13:58:08 | 000,000,000 | ---D | M](C:\Documents and Settings\HP\Data aplikací\???????sAppData) -- C:\Documents and Settings\HP\Data aplikací\敎潲䍄敔灭慬整sAppData
(C:\Documents and Settings\HP\Data aplikací\???????sAppData) -- C:\Documents and Settings\HP\Data aplikací\敎潲䍄敔灭慬整sAppData
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
OTL logfile created on: 1.2.2012 18:47:58 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HP\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1015,23 Mb Total Physical Memory | 304,94 Mb Available Physical Memory | 30,04% Memory free
2,90 Gb Paging File | 2,19 Gb Available in Paging File | 75,69% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 188,86 Gb Free Space | 81,10% Space Free | Partition Type: NTFS
Computer Name: HP-9F7B7EB68AE4 | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.02.01 18:45:36 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP\Dokumenty\Stažené soubory\OTL.exe
PRC - [2012.01.19 12:47:20 | 002,698,624 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe
PRC - [2012.01.19 12:47:18 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.01.19 12:26:18 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe
PRC - [2012.01.10 18:36:34 | 001,083,264 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.01.08 16:50:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.01.04 13:32:18 | 000,173,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.01.04 13:32:02 | 000,142,376 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2011.11.08 09:38:18 | 000,488,104 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
PRC - [2011.09.08 14:11:07 | 001,008,296 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
PRC - [2011.09.08 14:11:07 | 000,512,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32.exe
PRC - [2011.05.23 14:43:04 | 000,061,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
PRC - [2011.05.08 20:01:34 | 000,522,848 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\FWES\program\fsdfwd.exe
PRC - [2009.08.05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSMA32.EXE
PRC - [2009.08.05 16:58:50 | 000,199,264 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSM32.EXE
PRC - [2009.08.05 16:58:50 | 000,088,672 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Common\FSHDLL32.EXE
PRC - [2009.08.05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
PRC - [2008.08.15 17:33:08 | 001,473,536 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TO2SSM\McciTrayApp.exe
PRC - [2008.04.14 00:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012.01.10 18:38:40 | 000,423,808 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.01.10 18:38:38 | 000,058,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.01.10 18:38:34 | 000,095,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll
MOD - [2012.01.10 18:38:32 | 000,272,768 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.01.10 18:38:00 | 000,384,896 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QxtCore.dll
MOD - [2012.01.10 18:38:00 | 000,165,248 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll
MOD - [2012.01.10 18:37:58 | 002,557,312 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.01.10 18:37:56 | 000,346,496 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.01.10 18:37:54 | 010,843,520 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.01.10 18:37:48 | 000,196,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.01.10 18:37:46 | 001,294,208 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.01.10 18:37:44 | 000,682,880 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.01.10 18:37:42 | 000,919,936 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.01.10 18:37:40 | 000,517,504 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.01.10 18:37:38 | 008,172,928 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.01.10 18:37:36 | 002,252,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.01.10 18:37:34 | 002,288,512 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.01.10 18:37:32 | 000,422,272 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.01.10 18:37:22 | 000,202,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.01.10 18:37:20 | 000,034,688 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.01.10 18:37:18 | 000,032,640 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.01.10 18:36:38 | 000,388,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll
MOD - [2012.01.10 18:36:24 | 000,437,632 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2012.01.10 18:36:02 | 001,037,696 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll
MOD - [2012.01.10 18:35:06 | 000,758,656 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.01.08 16:50:05 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.01.05 16:00:24 | 000,112,640 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2011.06.09 04:09:35 | 000,030,888 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\minifilter\hashlib_x86.dll
MOD - [2011.05.19 18:36:46 | 006,271,136 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2009.08.05 16:58:30 | 000,330,336 | ---- | M] () -- \\?\c:\program files\f-secure\hips\fshook32.dll
MOD - [2009.08.05 16:58:30 | 000,236,128 | ---- | M] () -- \\?\c:\program files\f-secure\hips\fsumi.dll
MOD - [2009.08.05 16:57:04 | 000,081,920 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\strres.eng
MOD - [2009.08.05 16:56:56 | 000,920,160 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\gres.dll
MOD - [2009.08.05 16:56:50 | 000,143,360 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\flyerres.eng
MOD - [2009.08.05 16:56:50 | 000,045,056 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\fsavures.eng
MOD - [2009.08.05 16:56:32 | 000,838,240 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\about.dll
MOD - [2009.08.05 16:56:32 | 000,088,672 | ---- | M] () -- C:\Program Files\F-Secure\FSGUI\aboutres.dll
MOD - [2009.08.05 16:56:08 | 000,036,864 | ---- | M] () -- C:\Program Files\F-Secure\Anti-Virus\fsavhres.eng
MOD - [2008.04.14 00:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.08.14 12:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007.07.12 12:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007.07.12 12:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (McAfee SiteAdvisor Service)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2012.01.04 13:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.05.23 14:43:04 | 000,061,088 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2011.05.08 20:01:34 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009.08.05 16:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Common\FSMA32.EXE -- (FSMA)
SRV - [2009.08.05 16:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
========== Driver Services (SafeList) ==========
DRV - [2011.09.08 14:12:18 | 000,148,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2011.08.17 14:11:47 | 000,042,672 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2011.05.08 20:01:57 | 000,082,120 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009.08.05 16:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\F-Secure\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009.07.23 10:57:22 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 10:57:22 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.23 10:57:22 | 000,100,480 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.06.17 16:49:22 | 004,756,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.03.29 10:20:55 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008.03.29 10:20:55 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007.11.29 17:35:44 | 000,163,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/
IE - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.2.9&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..keyword.URL: "http://badoo.com/startpage/?source=bsb&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.01.21 08:37:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.08 16:50:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012.01.21 08:37:57 | 000,000,000 | ---D | M]
[2010.12.28 09:41:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Extensions
[2012.01.04 18:09:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions
[2012.01.04 18:09:59 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.01.30 19:16:09 | 000,002,023 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\badoo.xml
[2012.01.30 05:18:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-1.xml
[2011.11.10 17:59:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-10.xml
[2012.01.08 16:50:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-11.xml
[2012.01.31 04:56:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-12.xml
[2011.07.03 14:49:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-2.xml
[2011.08.15 14:35:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-3.xml
[2011.08.20 10:28:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-4.xml
[2011.08.23 13:39:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-5.xml
[2011.09.06 17:15:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-6.xml
[2011.09.14 04:27:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-7.xml
[2011.10.04 18:39:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-8.xml
[2011.11.09 07:49:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-9.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin.xml
[2012.01.08 16:50:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\HP\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\F0N4V6DB.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
[2012.01.21 08:37:48 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION_9.0
[2012.01.08 16:50:05 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.08.20 10:27:19 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.08.20 10:27:19 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.10.17 13:45:22 | 000,002,036 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011.08.20 10:27:19 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.08.20 10:27:19 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.08.20 10:27:19 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Documents and Settings\HP\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
O1 HOSTS File: ([2008.04.14 00:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003..\Run: [] File not found
O4 - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 2000539937 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7971DEDF-5ACA-4C34-800E-0C70D49B6EC4}: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\HP\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\HP\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.27 15:49:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{bce6822a-7026-11e0-a3a2-001b78825001}\Shell - "" = AutoRun
O33 - MountPoints2\{bce6822a-7026-11e0-a3a2-001b78825001}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{bce6822b-7026-11e0-a3a2-001b78825001}\Shell - "" = AutoRun
O33 - MountPoints2\{bce6822b-7026-11e0-a3a2-001b78825001}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ccfa00a8-70ce-11e0-a3a8-001b78825001}\Shell - "" = AutoRun
O33 - MountPoints2\{ccfa00a8-70ce-11e0-a3a8-001b78825001}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.02.01 18:38:39 | 000,000,000 | ---D | C] -- C:\WINSSLog
[2012.02.01 18:32:26 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012.02.01 18:30:07 | 000,756,776 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HP\Plocha\OneCareCleanUp.exe
[2012.01.31 19:43:31 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\HP\Recent
[2012.01.31 19:42:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.31 19:26:48 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.01.31 19:26:47 | 000,000,000 | ---D | C] -- C:\rsit
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.02.01 18:51:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.02.01 18:42:51 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.01 18:41:31 | 000,012,712 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.02.01 18:40:58 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.01 18:40:55 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.01 18:34:42 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.01 18:32:45 | 000,000,213 | -HS- | M] () -- C:\boot.ini
[2012.02.01 18:30:07 | 000,756,776 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HP\Plocha\OneCareCleanUp.exe
[2012.02.01 18:29:54 | 000,899,584 | ---- | M] () -- C:\Documents and Settings\HP\Plocha\MicrosoftFixit50535.msi
[2012.01.31 19:42:30 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012.01.31 16:27:52 | 000,053,248 | ---- | M] () -- C:\Documents and Settings\HP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.27 17:04:19 | 000,000,855 | ---- | M] () -- C:\Documents and Settings\HP\.recently-used.xbel
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.01 18:51:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.02.01 18:29:51 | 000,899,584 | ---- | C] () -- C:\Documents and Settings\HP\Plocha\MicrosoftFixit50535.msi
[2012.01.27 17:04:19 | 000,000,855 | ---- | C] () -- C:\Documents and Settings\HP\.recently-used.xbel
[2011.10.29 13:56:17 | 000,000,391 | ---- | C] () -- C:\WINDOWS\COVERE~1.INI
[2011.09.22 19:12:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2011.08.15 14:59:49 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.05.10 19:06:47 | 000,053,248 | ---- | C] () -- C:\Documents and Settings\HP\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.08 19:56:31 | 000,042,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2011.05.01 10:46:38 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.04.30 06:54:00 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\HP\Data aplikací\default.pls
[2011.04.29 07:57:49 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.28 16:40:52 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.12.28 16:38:28 | 000,213,672 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.28 09:41:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.12.27 16:22:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.12.27 16:22:14 | 000,001,996 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat
[2010.12.27 15:50:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.12.27 15:46:30 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.04.14 00:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 00:00:00 | 000,440,056 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 00:00:00 | 000,436,588 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2008.04.14 00:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 00:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2008.04.14 00:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 00:00:00 | 000,081,732 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2008.04.14 00:00:00 | 000,071,128 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 00:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 00:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2008.04.14 00:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 00:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 00:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 00:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.10.14 10:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 10:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 10:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 10:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 10:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 10:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 10:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 10:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 10:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2005.04.15 04:52:33 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005.04.15 04:52:33 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003.04.09 14:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2011.10.29 14:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.05.08 19:56:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\f-secure
[2011.05.08 19:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\fssg
[2011.10.04 19:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.07.14 10:12:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2011.11.08 18:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2011.09.08 14:09:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2011.09.01 18:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.04.26 18:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2011.09.25 08:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\vsosdk
[2011.04.26 18:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2008.04.14 00:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 00:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 00:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2008.04.14 00:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 00:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 00:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 00:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 00:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 00:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 00:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SVCHOST.EXE >
[2008.04.14 00:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 00:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 00:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 00:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 00:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 00:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\7637054e3790581331a70fdfbb010acf\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\7637054e3790581331a70fdfbb010acf\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\a7280e831cded7f9bf117b33d4bb1532\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\a7280e831cded7f9bf117b33d4bb1532\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\d2c7b842c7a00c3c698f6e28cc9fe06a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d2c7b842c7a00c3c698f6e28cc9fe06a\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\e4ac189db79fdf4ce93fddf073991184\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\e4ac189db79fdf4ce93fddf073991184\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\f36a5b2ba2e764bdcd9047016764d1c9\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\f36a5b2ba2e764bdcd9047016764d1c9\*.tmp -> ]
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.04.05 10:35:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Adobe
[2011.09.25 14:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Ahead
[2011.10.29 14:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Ashampoo
[2011.09.04 11:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\CyberLink
[2011.04.26 18:17:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\FLEXnet
[2011.09.20 17:27:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\gtk-2.0
[2010.12.27 16:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Identities
[2011.04.28 13:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Macromedia
[2012.01.30 18:22:00 | 000,000,000 | --SD | M] -- C:\Documents and Settings\HP\Data aplikací\Microsoft
[2011.05.08 19:57:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Motive
[2010.12.28 09:41:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Mozilla
[2011.04.30 06:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Nero
[2012.01.21 08:39:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Nokia
[2011.09.01 18:14:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Nokia Ovi Suite
[2011.11.07 21:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\PC Suite
[2012.02.01 18:52:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Skype
[2011.04.05 10:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Sun
[2011.11.06 15:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\TeamViewer
[2012.01.22 15:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Uschovna
[2011.12.30 14:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\Vso
[2011.08.14 17:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\HP\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2012.02.01 18:40:58 | 000,000,928 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.02.01 18:34:42 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2010.12.28 16:36:57 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.12.28 16:36:57 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.12.28 16:36:57 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.02.01 18:42:51 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2012.02.01 18:41:31 | 000,012,712 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 00:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 08:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"LightScribe Control Panel" = C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden -- [2008.06.09 09:16:32 | 002,363,392 | ---- | M] (Hewlett-Packard Company)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.04.18 16:30:48 | 017,095,048 | R--- | M] (Skype Technologies S.A.)
"NokiaSuite.exe" = C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray -- [2012.01.10 18:36:34 | 001,083,264 | ---- | M] (Nokia)
"" =
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.01.08 16:50:05 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=11CCA710674739E3DB8F7450A5B650B6 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.01.20 06:35:36 | 001,047,024 | ---- | M] (Google Inc.) MD5=697D3B09D8883F72265DA274E0972042 -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.02.01 18:51:59 | 000,000,512 | ---- | M] () MD5=13D74B26F2E497C6594BF56BE39416CE -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.10.04 21:50:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
< *keygen* /s >
< *loader* /s >
[2007.06.27 18:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2011.09.01 12:13:30 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 17:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 17:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 17:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 17:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 17:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 17:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 17:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 17:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 17:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 17:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 17:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 17:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 17:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 17:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 17:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 19:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2008.04.14 00:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[6 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 00:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
========== Files - Unicode (All) ==========
[2011.10.29 13:58:08 | 000,000,000 | ---D | M](C:\Documents and Settings\HP\Data aplikací\???????sAppData) -- C:\Documents and Settings\HP\Data aplikací\敎潲䍄敔灭慬整sAppData
[2011.10.29 13:58:08 | 000,000,000 | ---D | M](C:\Documents and Settings\HP\Data aplikací\???????sAppData) -- C:\Documents and Settings\HP\Data aplikací\敎潲䍄敔灭慬整sAppData
(C:\Documents and Settings\HP\Data aplikací\???????sAppData) -- C:\Documents and Settings\HP\Data aplikací\敎潲䍄敔灭慬整sAppData
========== Alternate Data Streams ==========
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Extras
OTL Extras logfile created on: 1.2.2012 18:47:58 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HP\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1015,23 Mb Total Physical Memory | 304,94 Mb Available Physical Memory | 30,04% Memory free
2,90 Gb Paging File | 2,19 Gb Available in Paging File | 75,69% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 188,86 Gb Free Space | 81,10% Space Free | Partition Type: NTFS
Computer Name: HP-9F7B7EB68AE4 | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1957994488-1177238915-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Uschovna.cz] -- C:\Program Files\Uschovna.cz\Uschovna_cz.exe /sendto: %1 (Capsa)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení -- (Microsoft Corporation)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{3248F0A8-6813-11D6-A77B-00B0D0150220}" = J2SE Runtime Environment 5.0 Update 22
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{8531A154-5045-4E32-885A-391F750C5DE2}_is1" = Uschovna.cz 1.0.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Premium
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CECE09-7CBE-4E98-B435-DA87CDA86167}" = Skype™ 5.3
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom NetXtreme Ethernet Controller
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10 v.10.0.15
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"F-Secure Product 277" = F-Secure Profi Antivirus
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia Suite" = Nokia Suite
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.1.2012 12:28:52 | Computer Name = HP-9F7B7EB68AE4 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 26.1.2012 10:20:29 | Computer Name = HP-9F7B7EB68AE4 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 26.1.2012 12:35:29 | Computer Name = HP-9F7B7EB68AE4 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 28.1.2012 1:40:29 | Computer Name = HP-9F7B7EB68AE4 | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 1.2.2012 13:39:55 | Computer Name = HP-9F7B7EB68AE4 | Source = MsiInstaller | ID = 1008
Description = Instalace C:\Documents and Settings\HP\Plocha\MicrosoftFixit50535.msi
není povolena z důvodu chyby při zpracování zásad omezení softwaru. Objekt není
důvěryhodný
Error - 1.2.2012 13:40:04 | Computer Name = HP-9F7B7EB68AE4 | Source = MsiInstaller | ID = 1008
Description = Instalace C:\Documents and Settings\HP\Plocha\MicrosoftFixit50535.msi
není povolena z důvodu chyby při zpracování zásad omezení softwaru. Objekt není
důvěryhodný
[ System Events ]
Error - 1.2.2012 13:39:22 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:23 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:24 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:24 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:25 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:25 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:26 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:40:18 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 1.2.2012 13:41:26 | Computer Name = HP-9F7B7EB68AE4 | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%3
Error - 1.2.2012 13:41:27 | Computer Name = HP-9F7B7EB68AE4 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: i8042prt
< End of report >
OTL Extras logfile created on: 1.2.2012 18:47:58 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\HP\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1015,23 Mb Total Physical Memory | 304,94 Mb Available Physical Memory | 30,04% Memory free
2,90 Gb Paging File | 2,19 Gb Available in Paging File | 75,69% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 188,86 Gb Free Space | 81,10% Space Free | Partition Type: NTFS
Computer Name: HP-9F7B7EB68AE4 | User Name: HP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-1957994488-1177238915-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Uschovna.cz] -- C:\Program Files\Uschovna.cz\Uschovna_cz.exe /sendto: %1 (Capsa)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení -- (Microsoft Corporation)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{3248F0A8-6813-11D6-A77B-00B0D0150220}" = J2SE Runtime Environment 5.0 Update 22
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{8531A154-5045-4E32-885A-391F750C5DE2}_is1" = Uschovna.cz 1.0.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Premium
"{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}" = Nokia Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CECE09-7CBE-4E98-B435-DA87CDA86167}" = Skype™ 5.3
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom NetXtreme Ethernet Controller
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10 v.10.0.15
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"F-Secure Product 277" = F-Secure Profi Antivirus
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia Suite" = Nokia Suite
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.1.2012 12:28:52 | Computer Name = HP-9F7B7EB68AE4 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 26.1.2012 10:20:29 | Computer Name = HP-9F7B7EB68AE4 | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
Error - 26.1.2012 12:35:29 | Computer Name = HP-9F7B7EB68AE4 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 28.1.2012 1:40:29 | Computer Name = HP-9F7B7EB68AE4 | Source = WmiAdapter | ID = 4099
Description = Otevření služby se nezdařil
Error - 1.2.2012 13:39:55 | Computer Name = HP-9F7B7EB68AE4 | Source = MsiInstaller | ID = 1008
Description = Instalace C:\Documents and Settings\HP\Plocha\MicrosoftFixit50535.msi
není povolena z důvodu chyby při zpracování zásad omezení softwaru. Objekt není
důvěryhodný
Error - 1.2.2012 13:40:04 | Computer Name = HP-9F7B7EB68AE4 | Source = MsiInstaller | ID = 1008
Description = Instalace C:\Documents and Settings\HP\Plocha\MicrosoftFixit50535.msi
není povolena z důvodu chyby při zpracování zásad omezení softwaru. Objekt není
důvěryhodný
[ System Events ]
Error - 1.2.2012 13:39:22 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:23 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:24 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:24 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:25 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:25 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:39:26 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}
Error - 1.2.2012 13:40:18 | Computer Name = HP-9F7B7EB68AE4 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 1.2.2012 13:41:26 | Computer Name = HP-9F7B7EB68AE4 | Source = Service Control Manager | ID = 7000
Description = Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku
následující chyby: %%3
Error - 1.2.2012 13:41:27 | Computer Name = HP-9F7B7EB68AE4 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: i8042prt
< End of report >
Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - File not found [Auto | Stopped] -- -- (McAfee SiteAdvisor Service) SRV - File not found [Disabled | Stopped] -- -- (HidServ) IE - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/ IE - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\..\URLSearchHook: - No CLSID value found FF - prefs.js..browser.search.defaultenginename: "Search" FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=" FF - prefs.js..keyword.URL: "http://badoo.com/startpage/?source=bsb&q=" [2012.01.04 18:09:59 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012.01.30 19:16:09 | 000,002,023 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\badoo.xml [2012.01.30 05:18:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-1.xml [2011.11.10 17:59:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-10.xml [2012.01.08 16:50:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-11.xml [2012.01.31 04:56:37 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-12.xml [2011.07.03 14:49:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-2.xml [2011.08.15 14:35:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-3.xml [2011.08.20 10:28:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-4.xml [2011.08.23 13:39:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-5.xml [2011.09.06 17:15:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-6.xml [2011.09.14 04:27:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-7.xml [2011.10.04 18:39:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-8.xml [2011.11.09 07:49:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-9.xml [2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin.xml [2012.01.08 16:50:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\HP\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\F0N4V6DB.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07} O4 - HKU\S-1-5-21-1957994488-1177238915-1417001333-1003..\Run: [] File not found O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found O33 - MountPoints2\{bce6822a-7026-11e0-a3a2-001b78825001}\Shell - "" = AutoRun O33 - MountPoints2\{bce6822b-7026-11e0-a3a2-001b78825001}\Shell - "" = AutoRun O33 - MountPoints2\{ccfa00a8-70ce-11e0-a3a8-001b78825001}\Shell - "" = AutoRun [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [11 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] [1 C:\WINDOWS\SoftwareDistribution\Download\7637054e3790581331a70fdfbb010acf\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\7637054e3790581331a70fdfbb010acf\*.tmp -> ] [1 C:\WINDOWS\SoftwareDistribution\Download\a7280e831cded7f9bf117b33d4bb1532\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\a7280e831cded7f9bf117b33d4bb1532\*.tmp -> ] [1 C:\WINDOWS\SoftwareDistribution\Download\d2c7b842c7a00c3c698f6e28cc9fe06a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d2c7b842c7a00c3c698f6e28cc9fe06a\*.tmp -> ] [1 C:\WINDOWS\SoftwareDistribution\Download\e4ac189db79fdf4ce93fddf073991184\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\e4ac189db79fdf4ce93fddf073991184\*.tmp -> ] [1 C:\WINDOWS\SoftwareDistribution\Download\f36a5b2ba2e764bdcd9047016764d1c9\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\f36a5b2ba2e764bdcd9047016764d1c9\*.tmp -> ] [6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] [1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ] [1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ] [2012.02.01 18:40:58 | 000,000,928 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [2012.02.01 18:34:42 | 000,000,932 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job @Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT :services gupdate gupdatem JavaQuickStarterService NBService :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=- "RemoteControl"=- "NeroFilterCheck"=- "SunJavaUpdateSched"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=- "MSMSGS"=- "Skype"=- "ICQ"=- "NokiaSuite.exe"=- ""=- :files %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Provedeno
All processes killed
========== OTL ==========
Service McAfee SiteAdvisor Service stopped successfully!
Service McAfee SiteAdvisor Service deleted successfully!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1957994488-1177238915-1417001333-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.2.9&q=" removed from browser.search.defaulturl
Prefs.js: "http://badoo.com/startpage/?source=bsb&q=" removed from keyword.URL
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\badoo.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-1957994488-1177238915-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bce6822a-7026-11e0-a3a2-001b78825001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bce6822a-7026-11e0-a3a2-001b78825001}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bce6822b-7026-11e0-a3a2-001b78825001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bce6822b-7026-11e0-a3a2-001b78825001}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccfa00a8-70ce-11e0-a3a8-001b78825001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ccfa00a8-70ce-11e0-a3a8-001b78825001}\ not found.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP125.tmp\ReachFramework.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP125.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AC.tmp\PresentationCore.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP206.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP209.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP28D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP55.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP56.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5B.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI34.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3D.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\7637054e3790581331a70fdfbb010acf\BIT5E.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\a7280e831cded7f9bf117b33d4bb1532\BIT4.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\d2c7b842c7a00c3c698f6e28cc9fe06a\BIT3F.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\e4ac189db79fdf4ce93fddf073991184\BIT5.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\f36a5b2ba2e764bdcd9047016764d1c9\BIT34.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\SET42.tmp deleted successfully.
C:\WINDOWS\system32\SET44.tmp deleted successfully.
C:\WINDOWS\system32\SET49.tmp deleted successfully.
C:\WINDOWS\system32\SET50.tmp deleted successfully.
C:\WINDOWS\system32\SET52.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_0D520.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_0D520.tmp folder deleted successfully.
C:\WINDOWS\Temp\fsaua.tmp folder deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service NBService stopped successfully!
Service NBService deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: HP
->Temp folder emptied: 33246161 bytes
->Temporary Internet Files folder emptied: 2791334 bytes
->Java cache emptied: 96168 bytes
->FireFox cache emptied: 58354789 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 861 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 653818 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 120694470 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 140055128 bytes
Total Files Cleaned = 340,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: HP
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 02012012_204307
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
Service McAfee SiteAdvisor Service stopped successfully!
Service McAfee SiteAdvisor Service deleted successfully!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
HKU\S-1-5-21-1957994488-1177238915-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1957994488-1177238915-1417001333-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Prefs.js: "Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.2.9&q=" removed from browser.search.defaulturl
Prefs.js: "http://badoo.com/startpage/?source=bsb&q=" removed from keyword.URL
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\badoo.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\HP\Data aplikací\Mozilla\Firefox\Profiles\f0n4v6db.default\searchplugins\icqplugin.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
Registry value HKEY_USERS\S-1-5-21-1957994488-1177238915-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bce6822a-7026-11e0-a3a2-001b78825001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bce6822a-7026-11e0-a3a2-001b78825001}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bce6822b-7026-11e0-a3a2-001b78825001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bce6822b-7026-11e0-a3a2-001b78825001}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ccfa00a8-70ce-11e0-a3a8-001b78825001}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ccfa00a8-70ce-11e0-a3a8-001b78825001}\ not found.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP125.tmp\ReachFramework.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP125.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AC.tmp\PresentationCore.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP206.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP209.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP28D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP55.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP56.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5B.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI34.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3D.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\7637054e3790581331a70fdfbb010acf\BIT5E.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\a7280e831cded7f9bf117b33d4bb1532\BIT4.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\d2c7b842c7a00c3c698f6e28cc9fe06a\BIT3F.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\e4ac189db79fdf4ce93fddf073991184\BIT5.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\f36a5b2ba2e764bdcd9047016764d1c9\BIT34.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\SET42.tmp deleted successfully.
C:\WINDOWS\system32\SET44.tmp deleted successfully.
C:\WINDOWS\system32\SET49.tmp deleted successfully.
C:\WINDOWS\system32\SET50.tmp deleted successfully.
C:\WINDOWS\system32\SET52.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_0D520.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\CR_0D520.tmp folder deleted successfully.
C:\WINDOWS\Temp\fsaua.tmp folder deleted successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service NBService stopped successfully!
Service NBService deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: HP
->Temp folder emptied: 33246161 bytes
->Temporary Internet Files folder emptied: 2791334 bytes
->Java cache emptied: 96168 bytes
->FireFox cache emptied: 58354789 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 861 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 653818 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 120694470 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 140055128 bytes
Total Files Cleaned = 340,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: HP
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 02012012_204307
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Co nas pacient
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Majitel to odzkoušel, a telefonoval mi,. že zrychlení nastalo určitě o 50% .
Protože je technický antitalent, a co se týká počítače je jenom uživatel, tak jsem mu tohle prováděl já na dálku . Moc děkuji za ochotu . jako vždy nejlepší
Protože je technický antitalent, a co se týká počítače je jenom uživatel, tak jsem mu tohle prováděl já na dálku . Moc děkuji za ochotu . jako vždy nejlepší
Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Tak jeste uklidime
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner (viz muj podpis)
Panel čistič
A je to 
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A je to "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Už se odpojil ,ale zítra dle instrukcí dodělám, moc moc díky ..... 
Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Neni zac, rado se stalo 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Hotovo, skvělá práce
Re: Prosím o preventivku proběhlyZMĚNY V DOMOVSKÉ STRÁNCE
Jeste jednou, neni zac
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?