VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Pomalé PC - seká se Firefox

https://forum.viry.cz:443/viewtopic.php?t=127265

Stránka 1 z 3

Pomalé PC - seká se Firefox

Napsal: 15 led 2013 00:05
od Valda09
Dobrý den, prosím o kontrolu logu, začal semi zpomalovat NB a ve Firefoxu nejde vůbec pracovat, seká se kurzor myši... Díky za kontrolu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Valda at 2013-01-15 00:01:11
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 14 GB (10%) free of 142 GB
Total RAM: 1014 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:01:31, on 15.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\PersistenceThread.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Valda\Plocha\RSIT.exe
C:\Program Files\trend micro\Valda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w87i15600
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [snp2uvc] rundll32.exe C:\WINDOWS\system32\csnp2uvc.dll,ResetCIDS
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: igdlogin - igdlogin.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

--
End of file - 7971 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-05-01 137752]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-05-01 354840]
"PersistenceThread"=C:\WINDOWS\system32\PersistenceThread.exe [2009-05-01 92696]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"snp2uvc"=C:\WINDOWS\system32\csnp2uvc.dll [2008-11-03 196608]
"PLFSetL"=C:\WINDOWS\PLFSetL.exe [2008-07-03 94208]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-27 1434920]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2012-11-08 6756048]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files\Launch Manager\LManager.exe [2009-02-20 817672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Valda^Nabídka Start^Programy^Po spuštění^PdaNet Desktop.lnk]
C:\PROGRA~1\PDANET~1\PdaNetPC.exe [2012-03-09 484976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igdlogin]
C:\WINDOWS\system32\igdlogin.dll [2009-04-28 65536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Acer\Acer VCM\VC.exe"="C:\Program Files\Acer\Acer VCM\VC.exe:*:Enabled:Acer Video Quality Enhancement"
"C:\Documents and Settings\Valda\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Valda\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-01-15 00:01:13 ----D---- C:\Program Files\trend micro
2013-01-15 00:01:11 ----D---- C:\rsit
2013-01-13 21:43:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2013-01-13 20:48:06 ----D---- C:\Program Files\gs
2013-01-11 23:28:59 ----D---- C:\Program Files\GIMP 2
2013-01-11 11:57:01 ----D---- C:\Program Files\Mozilla Firefox
2012-12-31 22:03:39 ----D---- C:\Documents and Settings\Valda\Data aplikací\vlc
2012-12-31 22:01:45 ----D---- C:\Program Files\VideoLAN

======List of files/folders modified in the last 1 month======

2013-01-15 00:01:13 ----D---- C:\Program Files
2013-01-14 23:56:44 ----D---- C:\WINDOWS\temp
2013-01-14 23:46:28 ----D---- C:\WINDOWS\system32\CatRoot2
2013-01-14 23:46:13 ----SD---- C:\WINDOWS\Tasks
2013-01-14 23:45:21 ----AD---- C:\WINDOWS\system32
2013-01-14 23:45:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-01-14 23:45:10 ----D---- C:\WINDOWS
2013-01-14 07:41:37 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-01-13 16:56:07 ----RSD---- C:\WINDOWS\Fonts
2013-01-11 10:16:41 ----SD---- C:\Documents and Settings\Valda\Data aplikací\Microsoft
2013-01-11 10:16:41 ----D---- C:\Documents and Settings\Valda\Data aplikací\Adobe
2013-01-11 10:16:01 ----D---- C:\Config.Msi
2013-01-10 21:29:04 ----D---- C:\Documents and Settings\Valda\Data aplikací\Skype
2013-01-10 13:01:24 ----SHD---- C:\WINDOWS\Installer
2013-01-10 13:00:42 ----D---- C:\Program Files\Common Files\Adobe
2013-01-10 13:00:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-01-10 12:59:53 ----D---- C:\Program Files\Adobe
2013-01-10 09:46:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2012-12-31 23:54:08 ----D---- C:\Documents and Settings\Valda\Data aplikací\Media Player Classic
2012-12-28 20:34:13 ----A---- C:\LOGFILE.TXT
2012-12-20 20:58:40 ----D---- C:\Documents and Settings\Valda\Data aplikací\Dropbox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2012-11-08 99080]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2012-11-08 497952]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2012-11-08 32640]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl91d544c5;MpKsl91d544c5; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7009F505-90AC-4E3F-9CF0-C2F79CA5D71E}\MpKsl91d544c5.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2009-02-20 1952512]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-05 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-04-16 991136]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 igd;igd; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-04-28 5096544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-07-29 5870080]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pneteth;PdaNet Broadband; C:\WINDOWS\system32\DRIVERS\pneteth.sys [2011-11-24 13440]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-04-16 132480]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-02-27 205360]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-06-19 533024]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-25 156816]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2009-06-19 45984]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2009-03-12 164864]
S3 RtsUIR;Realtek IR Driver; C:\WINDOWS\system32\DRIVERS\Rts516xIR.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\WINDOWS\system32\DRIVERS\RtsUCcid.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WinUSB;Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2008-04-14 13952]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2009-06-20 349528]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2012-11-08 1990464]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-22 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]

-----------------EOF-----------------

Re: Pomalé PC - seká se Firefox

Napsal: 15 led 2013 10:10
od Márty84
Zdravim :)

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Search a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

Re: Pomalé PC - seká se Firefox

Napsal: 15 led 2013 10:48
od Valda09
Zdravím, díky za pomoc. Log je tady:

# AdwCleaner v2.105 - Logfile created 01/15/2013 at 10:31:32
# Updated 08/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Valda - NOTEBOOK-ACER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Valda\Plocha\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\Valda\Data aplikací\yourfiledownloader
Folder Found : C:\Program Files\yourfiledownloader

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKU\S-1-5-21-460486182-1710738407-2939153371-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=116775&tt=311012_ctrl_4412_8&babsrc=NT_ss&mntrId=0643e197000000000000002637bd3942

-\\ Opera v12.2.1578.0

File : C:\Documents and Settings\Valda\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1693 octets] - [15/01/2013 10:31:32]

########## EOF - C:\AdwCleaner[R1].txt - [1753 octets] ##########

Re: Pomalé PC - seká se Firefox

Napsal: 15 led 2013 10:56
od Márty84
:arrow: Znovu ukoncete vsechny programy a spustte AdwCleaner.
Tentokrat kliknete na Delete
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.


:arrow: Udelejte !!!uplnou!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Pomalé PC - seká se Firefox

Napsal: 15 led 2013 13:48
od Valda09
Zde log Adw MBAM za chvíli

# AdwCleaner v2.105 - Logfile created 01/15/2013 at 13:42:47
# Updated 08/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Valda - NOTEBOOK-ACER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Valda\Plocha\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\Valda\Data aplikací\yourfiledownloader
Folder Deleted : C:\Program Files\yourfiledownloader

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=116775&tt=311012_ctrl_4412_8&babsrc=NT_ss&mntrId=0643e197000000000000002637bd3942 --> hxxp://www.google.com

-\\ Opera v12.2.1578.0

File : C:\Documents and Settings\Valda\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1822 octets] - [15/01/2013 10:31:32]
AdwCleaner[S1].txt - [1658 octets] - [15/01/2013 13:42:47]

########## EOF - C:\AdwCleaner[S1].txt - [1718 octets] ##########

Re: Pomalé PC - seká se Firefox

Napsal: 15 led 2013 17:52
od Valda09
MBAM log zde:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.15.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Valda :: NOTEBOOK-ACER [administrátor]

15.1.2013 14:11:05
mbam-log-2013-01-15 (14-11-05).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 289055
Uplynulý čas: 2 hodin, 23 minut, 7 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Pomalé PC - seká se Firefox

Napsal: 15 led 2013 19:08
od Márty84
:arrow: MBAM odinstalujte.


:arrow: Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte



:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Re: Pomalé PC - seká se Firefox

Napsal: 15 led 2013 19:48
od Valda09
Crystaldisk:

----------------------------------------------------------------------------
CrystalDiskInfo 5.2.2 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2013/01/15 19:48:06

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- Hitachi HTS543216L9SA00
- Sekundární kanál IDE (1)

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS543216L9SA00 : 160,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS543216L9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS543216L9SA00
Firmware : FB2OC40C
Serial Number : 090808FB22015CELVWUA
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 7114 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : SATA/150
Power On Hours : 2639 hod.
Power On Count : 2048 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 253 253 _33 000700000000 Čas na roztočení ploten
04 _99 _99 __0 000000000805 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _94 _94 __0 000000000A4F Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 __0 000000000800 Počet cyklů zapnutí zařízení
BF _97 _97 __0 000000020004 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000035 Počet vypnutí disku
C1 _94 _94 __0 000000010913 Počet cyklů načítání/vymazání
C2 157 157 __0 003200060023 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3039 3038 3038 4642 3232 3031 3543 454C 5657 5541
020: 0003 3795 0004 4642 324F 4334 3043 4869 7461 6368
030: 6920 4854 5335 3433 3231 364C 3953 4130 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 0F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0002 0000 0000 0000
080: 01FC 0042 746B 7F69 6163 7469 BC49 6163 207F 0021
090: 0022 4080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 0000 0000 8848 5000 CCA5
110: E5E4 C2A8 0000 0000 0000 0000 0000 0000 0000 4014
120: 4014 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 3250 0000 0000 4646 5555 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 0000

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 07 00 FD FD 00
020: 00 00 00 07 00 00 04 12 00 63 63 05 08 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 12 00 5E 5E 4F 0A 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 63 63 00 08 00 00 00 00 00 BF 0A 00 61 61 04
080: 00 02 00 00 00 00 C0 32 00 64 64 35 00 00 00 00
090: 00 00 C1 12 00 5E 5E 13 09 01 00 00 00 00 C2 02
0A0: 00 9D 9D 23 00 06 00 32 00 00 C4 32 00 64 64 00
0B0: 00 00 00 00 00 00 C5 22 00 64 64 00 00 00 00 00
0C0: 00 00 C6 08 00 64 64 00 00 00 00 00 00 00 C7 0A
0D0: 00 C8 C8 00 00 00 00 00 00 00 DF 0A 00 64 64 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 85 02 01 5B
170: 03 00 01 00 02 43 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C3

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 3E 00 00 00 00 00 00 00 00 00 00 02 28
010: 00 00 00 00 00 00 00 00 00 00 03 21 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 28 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DF 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89

Re: Pomalé PC - seká se Firefox

Napsal: 15 led 2013 20:37
od Valda09
OTL logfile created on: 15.1.2013 19:50:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Valda\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,20 Mb Total Physical Memory | 337,06 Mb Available Physical Memory | 33,23% Memory free
2,38 Gb Paging File | 1,80 Gb Available in Paging File | 75,46% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139,05 Gb Total Space | 13,40 Gb Free Space | 9,64% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK-ACER | User Name: Valda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.01.15 19:47:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valda\Plocha\OTL.exe
PRC - [2013.01.15 13:45:57 | 000,879,080 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2013.01.07 17:17:00 | 001,186,232 | ---- | M] (Crystal Dew World) -- C:\Program Files\CrystalDiskInfo\DiskInfo.exe
PRC - [2012.11.08 00:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012.11.08 00:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2010.11.30 12:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010.11.11 11:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2009.05.01 04:13:34 | 000,092,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\PersistenceThread.exe
PRC - [2009.02.05 07:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012.10.26 14:33:08 | 009,814,968 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2010.11.21 15:54:34 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.11.08 00:37:37 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.04.22 07:37:55 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.11 11:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.02.05 07:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - [2012.11.08 00:38:17 | 000,099,080 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012.11.08 00:38:16 | 000,032,640 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012.11.08 00:38:14 | 000,497,952 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.11.24 23:26:04 | 000,013,440 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pneteth.sys -- (pneteth)
DRV - [2009.07.29 07:49:04 | 005,870,080 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.06.19 04:48:12 | 000,533,024 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2009.06.19 04:48:06 | 000,045,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009.04.16 04:10:06 | 000,132,480 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.04.16 02:13:34 | 000,991,136 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2009.03.12 08:55:32 | 000,164,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.02.20 09:53:18 | 001,952,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008.08.05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.07.25 01:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008.02.05 01:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007.10.01 13:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2006.11.02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006.01.04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w87i15600
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... 1I7ACAW_cs
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7ACAW_cs
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={se ... chr-comodo
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Google)"
FF - prefs.js..browser.search.order.1: "Search the web (Google)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3
FF - prefs.js..extensions.enabledAddons: intgcal%40egarracingteam.com.ar:1.2.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: FirefoxAddon@similarWeb.com:1.2.06
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.10
FF - prefs.js..keyword.URL: "http://www.google.com/search?hl=cz&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Valda\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Valda\Local Settings\Data aplikací\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.03.14 00:25:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.12\extensions\\Components: C:\Program Files\SeaMonkey\components [2012.08.31 21:32:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\SeaMonkey 2.12\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2013.01.10 13:00:43 | 000,000,000 | ---D | M]

[2010.07.19 17:18:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\Extensions
[2010.05.23 16:00:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.05.27 22:46:05 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
[2013.01.13 20:00:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\Firefox\Profiles\x269e853.default\extensions
[2010.08.05 08:37:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\Firefox\Profiles\x269e853.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.01.11 15:59:39 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\Firefox\Profiles\x269e853.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.10.04 07:52:21 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\Firefox\Profiles\x269e853.default\extensions\foxmarks@kei.com
[2012.09.16 13:37:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\SeaMonkey\Profiles\z4ct0m4w.default\extensions
[2012.04.16 08:07:22 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\SeaMonkey\Profiles\z4ct0m4w.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2012.04.02 19:23:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\SeaMonkey\Profiles\z4ct0m4w.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.09.16 13:35:31 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\SeaMonkey\Profiles\z4ct0m4w.default\extensions\inspector@mozilla.org
[2012.09.16 13:37:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\SeaMonkey\Profiles\z4ct0m4w.default\extensions\staged
[2012.12.30 22:21:58 | 000,025,955 | ---- | M] () (No name found) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\Firefox\Profiles\x269e853.default\extensions\intgcal@egarracingteam.com.ar.xpi
[2012.11.25 08:50:38 | 000,804,627 | ---- | M] () (No name found) -- C:\Documents and Settings\Valda\Data aplikací\Mozilla\Firefox\Profiles\x269e853.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\VALDA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\X269E853.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\VALDA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\X269E853.DEFAULT\EXTENSIONS\FOXMARKS@KEI.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\VALDA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\X269E853.DEFAULT\EXTENSIONS\INTGCAL@EGARRACINGTEAM.COM.AR.XPI

========== Chrome ==========

CHR - homepage: http://us.yahoo.com?fr=fpc-comodo
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://us.yahoo.com?fr=fpc-comodo
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Valda\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Valda\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Valda\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Valda\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_228.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Valda\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Valda\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Valda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Valda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Valda\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.07.19 20:39:16 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No CLSID value found.
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe (Intel Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67ED3CE4-FC81-4183-B85C-DC9703FD9B88}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igdlogin: DllName - (igdlogin.dll) - C:\WINDOWS\System32\igdlogin.dll ()
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.01.15 19:47:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Valda\Plocha\OTL.exe
[2013.01.15 19:47:07 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2013.01.15 13:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Data aplikací\Malwarebytes
[2013.01.15 13:53:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.01.15 00:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2013.01.15 00:01:13 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.15 00:01:11 | 000,000,000 | ---D | C] -- C:\rsit
[2013.01.14 23:45:10 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Valda\Recent
[2013.01.13 21:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2013.01.13 21:17:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Ghostscript
[2013.01.13 20:48:06 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2013.01.13 20:30:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Plocha\Letáky OF
[2013.01.13 20:04:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Plocha\Web laktační
[2013.01.12 00:12:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\.thumbnails
[2013.01.12 00:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Local Settings\Data aplikací\fontconfig
[2013.01.12 00:05:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\.gimp-2.8
[2013.01.12 00:05:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Local Settings\Data aplikací\gegl-0.2
[2013.01.11 23:28:59 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.01.11 11:57:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.12.31 22:03:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Data aplikací\vlc
[2012.12.31 22:03:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2012.12.31 22:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.12.22 14:34:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Dokumenty\CyberLink
[2012.12.22 14:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Dokumenty\The KMPlayer
[2012.12.21 11:23:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Dokumenty\Domácí
[2012.12.21 11:23:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Valda\Dokumenty\Pracovní
[1 C:\Documents and Settings\Valda\Plocha\*.tmp files -> C:\Documents and Settings\Valda\Plocha\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.01.15 19:53:45 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.15 19:47:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Valda\Plocha\OTL.exe
[2013.01.15 19:47:12 | 000,001,647 | ---- | M] () -- C:\Documents and Settings\Valda\Plocha\CrystalDiskInfo.lnk
[2013.01.15 19:40:44 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013.01.15 19:39:39 | 000,434,480 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.01.15 19:39:39 | 000,431,030 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.01.15 19:39:39 | 000,079,534 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.01.15 19:39:39 | 000,068,766 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.01.15 19:35:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.15 19:35:16 | 1063,538,688 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.15 10:29:33 | 000,554,087 | ---- | M] () -- C:\Documents and Settings\Valda\Plocha\adwcleaner.exe
[2013.01.15 00:00:31 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Valda\Plocha\RSIT.exe
[2013.01.14 07:09:14 | 001,627,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.13 21:12:07 | 000,007,735 | ---- | M] () -- C:\Documents and Settings\Valda\Local Settings\Data aplikací\recently-used.xbel
[2013.01.13 19:44:43 | 001,173,231 | ---- | M] () -- C:\Documents and Settings\Valda\Plocha\web-laktacni.jpg
[2013.01.13 16:19:14 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.12 10:25:08 | 000,200,978 | ---- | M] () -- C:\Documents and Settings\Valda\Dokumenty\text.jpg
[2013.01.11 17:45:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.01.08 11:01:15 | 000,038,704 | ---- | M] () -- C:\Documents and Settings\Valda\Plocha\Ilča příběh - kojení.rtf
[2012.12.31 22:04:01 | 000,235,520 | ---- | M] () -- C:\Documents and Settings\Valda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.28 22:19:16 | 001,080,066 | ---- | M] () -- C:\Documents and Settings\Valda\Plocha\Grundtvig_Partnership_Project_Application.pdf
[1 C:\Documents and Settings\Valda\Plocha\*.tmp files -> C:\Documents and Settings\Valda\Plocha\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.15 19:53:45 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.15 19:47:12 | 000,001,647 | ---- | C] () -- C:\Documents and Settings\Valda\Plocha\CrystalDiskInfo.lnk
[2013.01.15 10:29:08 | 000,554,087 | ---- | C] () -- C:\Documents and Settings\Valda\Plocha\adwcleaner.exe
[2013.01.15 00:00:23 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Valda\Plocha\RSIT.exe
[2013.01.13 21:12:07 | 000,007,735 | ---- | C] () -- C:\Documents and Settings\Valda\Local Settings\Data aplikací\recently-used.xbel
[2013.01.13 19:30:45 | 001,173,231 | ---- | C] () -- C:\Documents and Settings\Valda\Plocha\web-laktacni.jpg
[2013.01.12 10:25:03 | 000,200,978 | ---- | C] () -- C:\Documents and Settings\Valda\Dokumenty\text.jpg
[2013.01.11 23:37:48 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\GIMP 2.lnk
[2013.01.10 13:00:44 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader XI.lnk
[2013.01.08 11:01:14 | 000,038,704 | ---- | C] () -- C:\Documents and Settings\Valda\Plocha\Ilča příběh - kojení.rtf
[2012.12.28 21:27:48 | 001,080,066 | ---- | C] () -- C:\Documents and Settings\Valda\Plocha\Grundtvig_Partnership_Project_Application.pdf
[2012.08.02 10:57:31 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.07.19 12:34:50 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2012.02.16 22:20:49 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.03 00:11:46 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012.01.03 00:11:46 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012.01.03 00:11:42 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.11.05 21:21:12 | 000,000,071 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2011.11.05 21:07:33 | 000,516,096 | ---- | C] () -- C:\WINDOWS\UN32.EXE
[2011.11.05 21:07:33 | 000,004,550 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2011.11.05 21:06:57 | 000,001,678 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2011.11.05 21:06:56 | 000,002,476 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2011.11.05 21:06:47 | 000,002,025 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2011.11.05 21:06:46 | 000,004,192 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2011.04.10 18:35:24 | 000,000,126 | ---- | C] () -- C:\WINDOWS\USB downloader.INI
[2010.10.10 22:52:14 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Valda\Data aplikací\wklnhst.dat
[2010.07.19 20:25:37 | 000,235,520 | ---- | C] () -- C:\Documents and Settings\Valda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.05 03:25:50 | 006,815,744 | ---- | C] () -- C:\Documents and Settings\Valda\NTUSER.bak

========== ZeroAccess Check ==========

[2009.07.29 23:17:19 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 13:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.07.19 19:45:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
[2011.11.05 21:01:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.05.23 16:03:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\eSobi
[2012.11.06 08:57:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2010.09.24 11:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PDF Writer
[2010.05.23 16:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2009.07.30 02:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\Acer
[2009.07.30 02:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\Acer GameZone Console
[2010.05.04 21:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\SACore
[2010.05.23 16:18:15 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Valda\Data aplikací\.#
[2009.07.30 02:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Acer
[2009.07.30 02:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Acer GameZone Console
[2010.10.22 13:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\AnvSoft
[2010.10.22 13:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\avidemux
[2010.11.13 13:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\BSplayer
[2010.11.13 13:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\BSplayer Pro
[2012.05.24 07:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
[2012.11.05 17:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\com.prezi.PreziDesktop
[2012.06.12 21:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\DAEMON Tools Lite
[2013.01.15 00:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Dropbox
[2010.05.23 16:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\eSobi
[2012.06.12 21:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\FileZilla
[2012.06.19 22:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\GHISLER
[2012.06.19 22:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\GlarySoft
[2012.11.06 08:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\LangSoft
[2010.07.25 21:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\OpenOffice.org
[2010.05.23 15:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Opera
[2010.09.24 11:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\PDF Writer
[2010.10.10 22:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Template
[2010.05.23 16:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Thunderbird
[2012.06.12 21:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Wise Registry Cleaner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.29 23:15:36 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.07.30 08:43:55 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.06.19 22:31:14 | 000,000,308 | ---- | C] () -- C:\WINDOWS\Tasks\GlaryInitialize.job
[2012.06.24 21:36:59 | 000,000,424 | -H-- | C] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:AGP440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\i386\AUTOCHK.EXE
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:cdrom.sys
[2008.04.14 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\$NtUninstallKB932716-v2$\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:hal.dll
[2008.04.14 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\i386\sp3.cab:isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 13:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\i386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 13:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp files -> C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp -> ]
[1 C:\WINDOWS\Installer\{D6AB1F5B-FED6-49a9-9747-327BD28FB3C7}\*.tmp files -> C:\WINDOWS\Installer\{D6AB1F5B-FED6-49a9-9747-327BD28FB3C7}\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.05.23 16:18:15 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Valda\Data aplikací\.#
[2009.07.30 02:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Acer
[2009.07.30 02:15:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Acer GameZone Console
[2013.01.11 10:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Adobe
[2010.10.22 13:00:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\AnvSoft
[2010.10.22 13:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\avidemux
[2010.11.13 13:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\BSplayer
[2010.11.13 13:54:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\BSplayer Pro
[2012.05.24 07:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1
[2012.11.05 17:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\com.prezi.PreziDesktop
[2010.05.16 15:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\CyberLink
[2012.06.12 21:05:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\DAEMON Tools Lite
[2013.01.15 00:57:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Dropbox
[2010.05.23 16:07:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\eSobi
[2012.06.12 21:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\FileZilla
[2012.06.19 22:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\GHISLER
[2012.06.19 22:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\GlarySoft
[2010.05.04 22:04:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Google
[2009.07.29 23:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Identities
[2010.05.05 03:27:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\InstallShield
[2012.11.06 08:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\LangSoft
[2010.05.04 21:43:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Macromedia
[2013.01.15 13:54:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Malwarebytes
[2012.12.31 23:54:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Media Player Classic
[2013.01.11 10:16:41 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Valda\Data aplikací\Microsoft
[2010.07.19 17:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Mozilla
[2010.07.25 21:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\OpenOffice.org
[2010.05.23 15:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Opera
[2010.09.24 11:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\PDF Writer
[2013.01.10 21:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Skype
[2011.08.16 12:24:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\skypePM
[2010.10.10 22:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Template
[2010.05.23 16:00:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Thunderbird
[2012.05.31 12:04:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\U3
[2012.12.31 22:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\vlc
[2012.06.12 21:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Valda\Data aplikací\Wise Registry Cleaner

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2013.01.04 23:29:06 | 028,539,232 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Valda\Data aplikací\Dropbox\bin\Dropbox.exe
[2013.01.04 23:29:42 | 000,203,416 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Valda\Data aplikací\Dropbox\bin\DropboxUninstaller.exe
[2012.05.24 19:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Valda\Data aplikací\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 19:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Valda\Data aplikací\Dropbox\bin\Uninstall.exe
[2012.11.05 20:38:29 | 000,053,664 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Valda\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2006.08.15 09:15:04 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\U3\0700077C14A100A3\cleanup.exe
[2007.02.02 18:06:18 | 003,489,792 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\U3\0700077C14A100A3\Launchpad.exe
[2006.10.12 15:38:42 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\U3\0700077C14A100A3\U3AccessGrant.exe
[2006.08.15 09:15:04 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Valda\Data aplikací\U3\temp\cleanup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.07.30 00:59:58 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.07.30 00:59:58 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.07.30 00:59:58 | 000,466,944 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.14 07:09:14 | 001,627,984 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2013.01.15 19:39:39 | 000,079,534 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.01.15 19:39:39 | 000,068,766 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.01.15 19:39:39 | 000,431,030 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.01.15 19:39:39 | 000,434,480 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.01.15 19:39:39 | 001,026,334 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013.01.13 16:19:14 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.15 19:53:45 | 000,000,512 | ---- | M] () MD5=D5173E179CE687A751EFAECCE5E348AB -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.08.23 23:11:14 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat

< *keygen* /s >

< *loader* /s >
[2012.12.10 16:41:00 | 000,306,992 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Adobe\AIH.58a31cf28bdb9cebe8886a898dfb80f6b7a28d62\downloader.bundle
[2012.12.10 08:23:00 | 000,511,944 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Adobe\AIH.58a31cf28bdb9cebe8886a898dfb80f6b7a28d62\downloader.dll
[2012.02.29 07:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.29 07:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.11.04 20:14:28 | 001,358,208 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\YourFileDownloader.zip
[2012.11.04 20:14:29 | 005,800,531 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\YourFileDownloader1.zip
[2012.11.04 20:14:30 | 000,002,417 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\YourFileDownloader2.zip
[2012.11.04 20:14:30 | 000,000,665 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\YourFileDownloader3.zip
[2012.11.04 20:14:31 | 000,000,734 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\YourFileDownloader4.zip
[2008.04.14 13:00:00 | 000,017,421 | ---- | M] () -- \i386\DMLOADER.DL_
[2008.04.14 13:00:00 | 000,115,367 | ---- | M] () -- \i386\OSLOADER.EX_
[2008.04.14 13:00:00 | 000,133,029 | ---- | M] () -- \i386\OSLOADER.NT_
[2007.03.14 18:21:36 | 004,937,904 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\Photodownloader.exe
[2007.03.14 16:07:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\Photodownloader.ini
[2007.03.14 16:07:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2007.03.14 16:07:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2007.03.16 08:49:16 | 000,002,745 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\Scripts\Export As Xhtml\Startup Scripts\XHTMLExportMenuItemLoader.jsx
[2007.03.16 08:49:16 | 000,002,078 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\Scripts\XHTML For Digital Editions\Startup Scripts\OEBExportMenuItemLoader.jsx
[2007.03.14 16:10:18 | 000,088,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ar_AE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:20 | 000,025,188 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\cs_CZ\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:26 | 000,032,022 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\da_DK\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:28 | 000,032,216 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\de_DE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:30 | 000,027,655 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\el_GR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:36 | 000,030,891 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\en_US\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:38 | 000,032,399 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\es_ES\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,333 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fi_FI\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:42 | 000,032,393 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\fr_FR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:46 | 000,022,871 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\he_IL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:48 | 000,025,272 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\hu_HU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,109 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\it_IT\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:50 | 000,032,441 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ja_JP\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:52 | 000,032,499 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ko_KR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:54 | 000,032,074 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nb_NO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:56 | 000,032,110 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\nl_NL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:10:58 | 000,024,996 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pl_PL\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:00 | 000,031,772 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\pt_BR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:02 | 000,024,463 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ro_RO\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:04 | 000,025,054 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\ru_RU\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,032,171 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\sv_SE\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:06 | 000,024,411 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\tr_TR\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:08 | 000,025,525 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\uk_UA\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,741 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_CN\Bridge\2.0\images\br_photo_downloader.png
[2007.03.14 16:11:10 | 000,032,833 | ---- | M] () -- \Program Files\Common Files\Adobe\Help\zh_TW\Bridge\2.0\images\br_photo_downloader.png
[2007.03.08 15:35:32 | 000,004,239 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS3\Adobe Version Cue\VersionCueSDKLoader.jsx
[2011.03.08 09:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2011.04.10 18:35:27 | 000,000,126 | ---- | M] () -- \WINDOWS\USB downloader.INI
[2009.07.30 01:59:51 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 14:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2009.12.13 10:25:55 | 000,000,500 | ---- | M] () -- \Documents and Settings\Valda\Dokumenty\Stažené soubory\PC Translator instalace\PC Translator 2010 CZ\serial.txt
[2012.12.13 00:01:35 | 000,000,104 | ---- | M] () -- \Documents and Settings\Valda\Local Settings\Data aplikací\Google\Picasa2\cache\cacheindex_serial.pmp
[2008.04.14 13:00:00 | 000,024,957 | ---- | M] () -- \i386\DPSERIAL.DL_
[2008.04.14 13:00:00 | 000,030,259 | ---- | M] () -- \i386\SERIAL.SY_
[2008.04.14 13:00:00 | 000,006,549 | ---- | M] () -- \i386\SERIALUI.DL_
[2007.03.14 16:05:52 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\BadSerialNumberAlert.exv
[2007.03.14 16:05:52 | 000,001,545 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007.03.14 16:05:52 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.03.14 16:05:52 | 000,000,833 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ReserializeAlert.exv
[2007.03.14 16:05:52 | 000,028,474 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\SerializationWF.exv
[2007.03.14 16:05:52 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\BadSerialNumberAlert.exv
[2007.03.14 16:05:52 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2007.03.14 16:05:52 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007.03.14 16:05:52 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\ReserializeAlert.exv
[2007.03.14 16:05:52 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\ar_AE\SerializationWF.exv
[2007.03.14 16:05:54 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\BadSerialNumberAlert.exv
[2007.03.14 16:05:54 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2007.03.14 16:05:54 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2007.03.14 16:05:54 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\ReserializeAlert.exv
[2007.03.14 16:05:54 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS3\LMResources\he_IL\SerializationWF.exv
[2007.03.14 22:11:42 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\BadSerialNumberAlert.exv
[2007.03.14 22:11:42 | 000,001,545 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\CantChangeSerialNumberAlert.exv
[2007.03.14 22:11:42 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\InValidUpGradeSerialNumberAlert.exv
[2007.03.14 22:11:42 | 000,000,833 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\ReserializeAlert.exv
[2007.03.14 22:11:42 | 000,028,474 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\SerializationWF.exv
[2007.03.14 22:11:42 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\Ar_AE\BadSerialNumberAlert.exv
[2007.03.14 22:11:42 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\Ar_AE\CantChangeSerialNumberAlert.exv
[2007.03.14 22:11:42 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\Ar_AE\InValidUpGradeSerialNumberAlert.exv
[2007.03.14 22:11:44 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\Ar_AE\ReserializeAlert.exv
[2007.03.14 22:11:44 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\Ar_AE\SerializationWF.exv
[2007.03.14 22:11:44 | 000,001,695 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\He_IL\BadSerialNumberAlert.exv
[2007.03.14 22:11:44 | 000,001,567 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\He_IL\CantChangeSerialNumberAlert.exv
[2007.03.14 22:11:44 | 000,001,661 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\He_IL\InValidUpGradeSerialNumberAlert.exv
[2007.03.14 22:11:44 | 000,000,855 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\He_IL\ReserializeAlert.exv
[2007.03.14 22:11:44 | 000,028,485 | ---- | M] () -- \Program Files\Adobe\Adobe InDesign CS3\LMResources\He_IL\SerializationWF.exv
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.02.17 00:34:26 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.07.02 11:20:39 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.02.19 20:17:16 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.02.19 20:05:40 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.04.07 22:48:30 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 13:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:D6A1EE83
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2

< End of report >

Re: Pomalé PC - seká se Firefox

Napsal: 15 led 2013 20:38
od Valda09
OTL Extras logfile created on: 15.1.2013 19:50:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Valda\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,20 Mb Total Physical Memory | 337,06 Mb Available Physical Memory | 33,23% Memory free
2,38 Gb Paging File | 1,80 Gb Available in Paging File | 75,46% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 139,05 Gb Total Space | 13,40 Gb Free Space | 9,64% Space Free | Partition Type: NTFS

Computer Name: NOTEBOOK-ACER | User Name: Valda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Acer\Acer VCM\VC.exe" = C:\Program Files\Acer\Acer VCM\VC.exe:*:Enabled:Acer Video Quality Enhancement -- (Acer Incoporated)
"C:\Documents and Settings\Valda\Data aplikací\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Valda\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{010C7F73-28E3-2B39-A847-03F39B4AD222}" = Autoškola testy
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = WebCam
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3F9B2FD2-1C83-4401-9967-C3636638E958}" = Adobe SING CS3
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56B8B892-317E-4FDE-9E4D-44B189848A27}" = Adobe Setup
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}" = Microsoft Security Client
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = Software Bluetooth WIDCOMM
"{859B9BCA-5376-4566-9F88-C6C9DAA7A925}" = Microsoft Security Client CS-CZ Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = USB2.0 Card Reader Software
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye webcam 2.2.0.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}" = Windows Live Sync
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6197679-051D-4E3E-9757-4D5CDA6D658B}" = Microsoft Antimalware Service CS-CZ Language Pack
"7-Zip" = 7-Zip 4.65
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_05ba3a63f36684fe0c5dde2ebe6f8f5" = Adobe InDesign CS3
"Any Video Converter_is1" = Any Video Converter 3.0.7
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1212
"CCleaner" = CCleaner
"CobBackup9" = Cobian Backup 9
"com.amsoft.Autoskola-user.F7413B326E7EE190C62FFECB0195DD73C683900A.1" = Autoškola testy
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.2.2
"Defraggler" = Defraggler
"FileZilla Client" = FileZilla Client 3.3.5.1
"FreeCommander_is1" = FreeCommander 2009.02b
"GIMP-2_is1" = GIMP 2.8.2
"Glary Utilities_is1" = Glary Utilities 2.46.0.1518
"GPL Ghostscript 9.06" = GPL Ghostscript
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.1.0
"LManager" = Launch Manager
"LPCO" = Intel(R) Graphics Media Accelerator 500
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Thunderbird 12.0.1 (x86 cs)" = Mozilla Thunderbird 12.0.1 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Opera 12.12.1707" = Opera 12.12
"PdaNet_is1" = PdaNet for Android 3.50
"Picasa 3" = Picasa 3
"Quake 3 Arena Demo" = Quake 3 Arena Demo
"SeaMonkey 2.12 (x86 cs)" = SeaMonkey 2.12 (x86 cs)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.0.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"winusb0100" = Microsoft WinUsb 1.0
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.31
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Zet Switch_is1" = Zet Switch

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-460486182-1710738407-2939153371-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11.6.2012 10:19:25 | Computer Name = NOTEBOOK-ACER | Source = Application Error | ID = 1000
Description = Chybující aplikace regrepair.exe, verze 2.46.0.1518, chybující modul
rtl70.bpl, verze 7.0.4.453, adresa chyby 0x000057b0.

Error - 19.6.2012 2:31:15 | Computer Name = NOTEBOOK-ACER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 20.6.2012 9:15:16 | Computer Name = NOTEBOOK-ACER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 20.6.2012 15:49:18 | Computer Name = NOTEBOOK-ACER | Source = MsiInstaller | ID = 11316
Description = Product: VIPlayer -- Error 1316. A network error occurred while attempting
to read from the file: C:\DOCUME~1\Valda\LOCALS~1\Temp\Dočasný adresář 2 pro VIPlayer_Setup.zip\VIPlayer_Setup.msi

Error - 21.6.2012 2:47:30 | Computer Name = NOTEBOOK-ACER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 19.7.2012 6:32:41 | Computer Name = NOTEBOOK-ACER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 19.7.2012 6:33:16 | Computer Name = NOTEBOOK-ACER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 19.7.2012 6:33:17 | Computer Name = NOTEBOOK-ACER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 19.7.2012 6:38:24 | Computer Name = NOTEBOOK-ACER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 19.7.2012 6:48:09 | Computer Name = NOTEBOOK-ACER | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

[ OSession Events ]
Error - 6.10.2010 9:49:34 | Computer Name = NOTEBOOK-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8926
seconds with 900 seconds of active time. This session ended with a crash.

Error - 9.11.2011 12:18:17 | Computer Name = NOTEBOOK-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 6034 seconds with 4620 seconds of active time. This session ended with a
crash.

Error - 21.1.2012 20:31:59 | Computer Name = NOTEBOOK-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 14305 seconds with 6960 seconds of active time. This session ended with
a crash.

Error - 12.4.2012 10:22:30 | Computer Name = NOTEBOOK-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 3538 seconds with 1740 seconds of active time. This session ended with a
crash.

Error - 3.6.2012 16:16:07 | Computer Name = NOTEBOOK-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 6659 seconds with 1260 seconds of active time. This session ended with a
crash.

Error - 20.6.2012 3:01:45 | Computer Name = NOTEBOOK-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 4087 seconds with 660 seconds of active time. This session ended with a
crash.

Error - 3.7.2012 3:03:49 | Computer Name = NOTEBOOK-ACER | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 1081 seconds with 780 seconds of active time. This session ended with a
crash.

[ System Events ]
Error - 8.1.2013 16:00:21 | Computer Name = NOTEBOOK-ACER | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.0.100 pro síťovou kartu s adresou 00269E2BEACC
byla serverem DHCP 192.168.0.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 8.1.2013 16:08:21 | Computer Name = NOTEBOOK-ACER | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.0.100 pro síťovou kartu s adresou 00269E2BEACC
byla serverem DHCP 192.168.0.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 9.1.2013 6:50:04 | Computer Name = NOTEBOOK-ACER | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Hardware vloženého řadiče (EC) neodpověděl v daném
časovém limitu. To může znamenat, že došlo k chybě v hardwaru řadiče nebo ve firmwaru
nebo že je nesprávně navržen systém BIOS, který k vloženému řadiči přistupuje nebezpečným
způsobem. Řadič EC v případě možnosti zopakuje transakci, která se nezdařila.

Error - 9.1.2013 11:30:46 | Computer Name = NOTEBOOK-ACER | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.101 pro síťovou kartu se síťovou
adresou 0C607615AEF7 byla ukončena.

Error - 9.1.2013 17:43:05 | Computer Name = NOTEBOOK-ACER | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.101 pro síťovou kartu se síťovou
adresou 0C607615AEF7 byla ukončena.

Error - 9.1.2013 19:56:30 | Computer Name = NOTEBOOK-ACER | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Hardware vloženého řadiče (EC) neodpověděl v daném
časovém limitu. To může znamenat, že došlo k chybě v hardwaru řadiče nebo ve firmwaru
nebo že je nesprávně navržen systém BIOS, který k vloženému řadiči přistupuje nebezpečným
způsobem. Řadič EC v případě možnosti zopakuje transakci, která se nezdařila.

Error - 10.1.2013 7:32:36 | Computer Name = NOTEBOOK-ACER | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.102.248 pro síťovou kartu se síťovou
adresou 0C607615AEF7 byla ukončena.

Error - 12.1.2013 8:08:13 | Computer Name = NOTEBOOK-ACER | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.102 pro síťovou kartu se síťovou
adresou 0C607615AEF7 byla ukončena.

Error - 13.1.2013 13:36:37 | Computer Name = NOTEBOOK-ACER | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.102 pro síťovou kartu se síťovou
adresou 0C607615AEF7 byla ukončena.

Error - 14.1.2013 18:41:13 | Computer Name = NOTEBOOK-ACER | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Hardware vloženého řadiče (EC) neodpověděl v daném
časovém limitu. To může znamenat, že došlo k chybě v hardwaru řadiče nebo ve firmwaru
nebo že je nesprávně navržen systém BIOS, který k vloženému řadiči přistupuje nebezpečným
způsobem. Řadič EC v případě možnosti zopakuje transakci, která se nezdařila.


< End of report >

Re: Pomalé PC - seká se Firefox

Napsal: 16 led 2013 14:45
od Márty84
:arrow: Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\Program Files\Spybot - Search & Destroy

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-460486182-1710738407-2939153371-1005\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
CHR - homepage: http://us.yahoo.com?fr=fpc-comodo
CHR - homepage: http://us.yahoo.com?fr=fpc-comodo
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No CLSID value found.
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
[1 C:\Documents and Settings\Valda\Plocha\*.tmp files -> C:\Documents and Settings\Valda\Plocha\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[12 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp files -> C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\*.tmp -> ]
[1 C:\WINDOWS\Installer\{D6AB1F5B-FED6-49a9-9747-327BD28FB3C7}\*.tmp files -> C:\WINDOWS\Installer\{D6AB1F5B-FED6-49a9-9747-327BD28FB3C7}\*.tmp -> ]
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:D6A1EE83
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728
@Alternate Data Stream - 135 bytes -> C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Re: Pomalé PC - seká se Firefox

Napsal: 16 led 2013 16:03
od Valda09
Díky, log je zde: v

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 470698 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Translator

User: Valda
->Temp folder emptied: 1189888 bytes
->Temporary Internet Files folder emptied: 131599 bytes
->FireFox cache emptied: 79014933 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 52196 bytes
->Flash cache emptied: 57371 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 32626 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 10156344 bytes

Total Files Cleaned = 87,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: Translator

User: Valda
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\GlaryInitialize.job moved successfully.
C:\WINDOWS\tasks\MP Scheduled Scan.job moved successfully.
C:\Program Files\Spybot - Search & Destroy\Updates folder moved successfully.
C:\Program Files\Spybot - Search & Destroy\Skins folder moved successfully.
C:\Program Files\Spybot - Search & Destroy\Plugins folder moved successfully.
C:\Program Files\Spybot - Search & Destroy\Languages folder moved successfully.
C:\Program Files\Spybot - Search & Destroy\Includes folder moved successfully.
C:\Program Files\Spybot - Search & Destroy\Help folder moved successfully.
C:\Program Files\Spybot - Search & Destroy\Dummies folder moved successfully.
C:\Program Files\Spybot - Search & Destroy folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-460486182-1710738407-2939153371-1005\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-460486182-1710738407-2939153371-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-460486182-1710738407-2939153371-1005\Software\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}\ not found.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to change the HomePage.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
File C:\Program Files\Spybot - Search & Destroy\SDHelper.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}\ not found.
File C:\Program Files\Spybot - Search & Destroy\SDHelper.dll not found.
C:\Documents and Settings\Valda\Plocha\~WRL3500.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP160.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP245.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP281.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4FE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6BD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP763.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP77E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP78F.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI151.tmp deleted successfully.
C:\WINDOWS\Installer\MSI46.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7.tmp deleted successfully.
C:\WINDOWS\Installer\MSI8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC6.tmp deleted successfully.
C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B}\upd81.tmp deleted successfully.
C:\WINDOWS\Installer\{D6AB1F5B-FED6-49a9-9747-327BD28FB3C7}\upd82.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:D6A1EE83 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:798A3728 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\Temp:4D066AD2 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01162013_155846

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Pomalé PC - seká se Firefox

Napsal: 16 led 2013 18:59
od Márty84
:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu a spustte.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

Re: Pomalé PC - seká se Firefox

Napsal: 16 led 2013 20:27
od Valda09
Rogue killer zde:

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Valda [Práva správce]
Mód : Kontrola -- Datum : 01/16/2013 20:25:59

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU] HKLM\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS543216L9SA00 +++++
--- User ---
[MBR] d5173e179ce687a751efaecce5e348ab
[BSP] af9eb7196eaebf96b2e771bb2e792a24 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 2048 | Size: 10240 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20973568 | Size: 142385 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_01162013_02d2025.txt >>
RKreport[1]_S_01162013_02d2025.txt

Re: Pomalé PC - seká se Firefox

Napsal: 17 led 2013 02:43
od Márty84
:arrow: Znovu spustte RogueKiller (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz