zdravim a prosím o radu.Opět jsem někde něco nasál do pc
1,sítový štít Avastu mi hlásí zablokování spojení na nebezpečnou adresu gangrenablin.ru,contonskovkiys.ru.At koukám na jakýkoliv web,pořád to má nutkání otvírat tyhle dvě stránky
2,od té doby mi nefunguje psaní háčků nad písmeny,resp.chci napsat třeba "blbost" P s háčkem udělá to tohle ˇˇp
díky za radu
ComboFix 13-05-08.02 - Honzik 08.05.2013 21:25:34.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.1023.365 [GMT 2:00]
Spuštěný z: c:\documents and settings\Honzik\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 130506-0] *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-08 do 2013-05-08 )))))))))))))))))))))))))))))))
.
.
2013-05-08 19:00 . 2013-05-08 19:00 -------- d-----w- c:\documents and settings\Honzik\Local Settings\Data aplikací\Identities
2013-05-08 18:58 . 2013-05-08 18:59 -------- d-----w- c:\documents and settings\Honzik\Data aplikací\Erivz
2013-05-08 18:58 . 2013-05-08 18:58 -------- d-----w- c:\documents and settings\Honzik\Data aplikací\Meyqi
2013-05-08 18:58 . 2013-05-08 18:58 -------- d-----w- c:\documents and settings\Honzik\Data aplikací\Isbo
2013-05-07 19:07 . 2013-05-07 19:07 -------- d-----w- c:\program files\Common Files\Skype
2013-04-24 15:52 . 2013-04-24 15:52 -------- d-----w- c:\windows\system32\wbem\Repository
2013-04-18 19:11 . 2013-04-18 19:11 -------- d-----w- c:\program files\trend micro
2013-04-18 19:11 . 2013-04-18 19:11 -------- d-----w- C:\rsit
2013-04-16 17:25 . 2013-04-19 13:23 -------- d-sh--r- c:\documents and settings\Honzik\Data aplikací\System32
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Omfyhi"="c:\documents and settings\Honzik\Data aplikací\Meyqi\xukuy.exe" [2012-04-24 226816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Jet Detection"="c:\program files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 28672]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-10-20 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-02-23 1297728]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-03-01 18:43 90112 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
2003-06-09 02:07 28672 ----a-w- c:\windows\system32\CTHELPER.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX100 Series]
2008-02-05 15:00 188928 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIEDE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Vietcong\\vietcong.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Documents and Settings\\Honzik\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"Client Server Runtime Process"= c:\documents and settings\Honzik\Data aplikací\System32\csrss.exe
"Host-process Windows (Rundll32.exe)"= c:\documents and settings\Honzik\Data aplikací\csrss.exe
"Service Host Process for Windows"= c:\documents and settings\Honzik\Data aplikací\System32\svchost.exe
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1.1.2010 21:58 685816]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [31.12.2009 19:57 114768]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [23.2.2013 17:54 805752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [31.12.2009 21:37 20560]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [3.7.2012 12:46 47616]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 V1310VID;1.3M DigitalCAM;c:\windows\system32\drivers\V1310vid.sys [23.10.2011 17:04 434784]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-30 c:\windows\Tasks\AdobeAAMUpdater-1.0-SEABEES-Honzik.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-10-20 08:21]
.
2013-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 10:52]
.
2013-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-31 10:52]
.
2013-05-08 c:\windows\Tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout položku pomocí FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Stáhnout všechny položky pomocí FlashGet - c:\program files\FlashGet\jc_all.htm
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-Cmaudio - cmicnfg.cpl
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-08 21:39
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(884)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msls31.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2013-05-08 21:44:19
ComboFix-quarantined-files.txt 2013-05-08 19:44
ComboFix2.txt 2013-04-20 20:07
ComboFix3.txt 2013-04-19 13:27
.
Před spuštěním: Volných bajtů: 24 337 080 320
Po spuštění: Volných bajtů: 24 407 928 832
.
- - End Of File - - 7861ACEE1E0164587C12EDE8257445A5
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Avast - sítový štít
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Avast - sítový štít
Zdravim 
Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)?
licencni podminky hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"
Nebezpeci CFka
Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)? licencni podminky hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby" Nebezpeci CFka
- Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
- Maze stopy po haveti, takze v logu z RSIT neni nic videt
- Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
- CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
- CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Avast - sítový štít
no pěkný s CF pracovat neumím,ale jednou jsem tu řešil nějaký problém s kterym mi pomáhal zdejší admin měl jsem si stáhnout tento progral kvuli logu a tak jsem si myslel že ho mám použít i teˇˇd.No asi chyba nebo ne?Mám pocit že ty licenční podmínky mám nanglicky,ale nejsem si jestej,a angl. já neumět a neznalost zákona neomlouvá,já vim,poradíte mi??
s CF pracovat neumím,ale jednou jsem tu řešil nějaký problém s kterym mi pomáhal zdejší admin měl jsem si stáhnout tento progral kvuli logu a tak jsem si myslel že ho mám použít i teˇˇd.No asi chyba nebo ne?Mám pocit že ty licenční podmínky mám nanglicky,ale nejsem si jestej,a angl. já neumět a neznalost zákona neomlouvá,já vim,poradíte mi??Re: Avast - sítový štít
Ano, CF tu doporucujeme pouzivat ale az na nas pokyn... Jelikoz je log z CF cesky, musely byt i licencni podminky cesky a kdyby ne, pravidla fora cesky jsou Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Avast - sítový štít
ok,zkusim,ale bohužel nevím jestli XP jsou 64bit operační systém 
Re: Avast - sítový štít
Dle logu z CF mate 32bit, takze ta moznost pro 64-bit tam nepujde
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Avast - sítový štít
při prohledávání OTL jsem měl spuštěnou rezidentní ochranu a našlo to trojskýho koně,u CF to chtělo abych rezidentní ochranu vypínal.Může to mít nějakou spojitost že by třeba Avast bral OTL jako vir?
OTL log
OTL logfile created on: 11.5.2013 13:20:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Honzik\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023,48 Mb Total Physical Memory | 302,70 Mb Available Physical Memory | 29,58% Memory free
2,40 Gb Paging File | 1,50 Gb Available in Paging File | 62,50% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 22,69 Gb Free Space | 15,23% Space Free | Partition Type: NTFS
Computer Name: SEABEES | User Name: Honzik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.05.11 13:09:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honzik\Plocha\OTL.exe
PRC - [2013.02.23 20:16:58 | 001,297,728 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013.02.23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2010.04.12 05:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\LGScsiCommandService.exe
PRC - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2006.09.14 18:29:48 | 000,315,392 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2006.09.14 01:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2004.08.18 00:49:11 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2010.04.12 05:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService)
SRV - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Honzik\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (agk7rnnq)
DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.01.01 21:58:59 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.09.15 13:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 13:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 13:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.07.15 06:20:10 | 004,407,808 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.07.13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005.04.20 10:44:12 | 000,124,672 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
DRV - [2004.08.04 08:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003.11.13 20:19:48 | 000,210,304 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003.11.13 20:18:36 | 000,679,808 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003.11.13 20:17:00 | 001,042,816 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003.06.09 03:45:04 | 000,116,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003.06.09 03:44:52 | 000,136,448 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003.06.09 03:44:36 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003.06.09 03:44:32 | 000,113,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003.06.09 03:44:22 | 000,494,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2003.06.09 03:42:58 | 000,186,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003.06.09 03:42:44 | 000,135,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003.06.09 03:42:28 | 000,819,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003.03.05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2002.08.12 17:20:22 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023k.sys -- (USB_RNDIS)
DRV - [2002.08.05 10:27:32 | 000,434,784 | R--- | M] (Unknown) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V1310vid.sys -- (V1310VID)
DRV - [2001.08.17 22:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes,DefaultScope = {9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2}
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{7EE3D0D5-1BD8-465A-AAE9-AFACF24063AA}: "URL" = http://search.seznam.cz/searchScreen?w= ... rms}&mod=f
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{8B97D13A-2F45-46E2-AC13-53625F2DEC27}: "URL" = http://us.yhs4.search.yahoo.com/yhs/sea ... earchTerms}
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
O1 HOSTS File: ([2013.04.20 22:00:00 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll File not found
O2 - BHO: (IeCatch2 Class) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\Jccatch.dll (Amaze Soft)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll File not found
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll File not found
O3 - HKLM\..\Toolbar: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll File not found
O3 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\Toolbar\WebBrowser: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-789336058-1202660629-725345543-1004..\Run: [Omfyhi] C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Stáhnout položku pomocí FlashGet - C:\Program Files\FlashGet\jc_link.htm ()
O8 - Extra context menu item: Stáhnout všechny položky pomocí FlashGet - C:\Program Files\FlashGet\jc_all.htm ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 2283545140 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC9D07EE-EE15-4449-85E0-D5ADC5598EDE}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.31 19:10:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ctmp3 - C:\WINDOWS\system32\ctmp3.acm (Creative Technology Ltd.)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\Dvc.dll (Adaptec)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.VQC5 - C:\WINDOWS\System32\V1310dec.dll ( )
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.05.11 13:09:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Honzik\Plocha\OTL.exe
[2013.05.08 21:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities
[2013.05.08 20:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi
[2013.05.08 20:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Data aplikací\Isbo
[2013.05.08 20:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Data aplikací\Erivz
[2013.05.07 21:07:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2013.05.07 21:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.05.11 13:23:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.11 13:20:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.11 13:09:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honzik\Plocha\OTL.exe
[2013.05.11 11:14:48 | 003,386,255 | ---- | M] () -- C:\WINDOWS\{00000000-00000000-0000000B-00001102-00000002-80671102}.CDF
[2013.05.11 11:14:48 | 003,386,255 | ---- | M] () -- C:\WINDOWS\{00000000-00000000-0000000B-00001102-00000002-80671102}.BAK
[2013.05.11 10:07:24 | 000,468,596 | ---- | M] () -- C:\Documents and Settings\Honzik\Dokumenty\DSC00495.jpg
[2013.05.11 10:07:11 | 000,480,194 | ---- | M] () -- C:\Documents and Settings\Honzik\Dokumenty\DSC00496.jpg
[2013.05.11 10:06:31 | 000,814,002 | ---- | M] () -- C:\Documents and Settings\Honzik\Dokumenty\007.jpg
[2013.05.11 08:27:25 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.11 08:26:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.11 00:03:13 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,017,860 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,017,860 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013.05.11 00:03:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013.05.11 00:03:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
[2013.05.11 00:03:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
[2013.05.10 20:51:43 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job
[2013.05.10 20:46:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.08 21:18:44 | 005,067,786 | R--- | M] (Swearware) -- C:\Documents and Settings\Honzik\Plocha\ComboFix.exe
[2013.05.07 21:07:49 | 000,001,896 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2013.05.04 17:30:48 | 000,142,848 | ---- | M] () -- C:\Documents and Settings\Honzik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.04 17:08:59 | 000,000,131 | ---- | M] () -- C:\Documents and Settings\Honzik\default.pls
[2013.05.04 17:08:59 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.11 13:23:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.05.11 10:07:23 | 000,468,596 | ---- | C] () -- C:\Documents and Settings\Honzik\Dokumenty\DSC00495.jpg
[2013.05.11 10:07:11 | 000,480,194 | ---- | C] () -- C:\Documents and Settings\Honzik\Dokumenty\DSC00496.jpg
[2013.05.11 10:06:31 | 000,814,002 | ---- | C] () -- C:\Documents and Settings\Honzik\Dokumenty\007.jpg
[2013.05.07 21:07:49 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2013.04.19 15:12:27 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.04.19 15:12:27 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.04.19 15:12:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.04.19 15:12:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.04.19 15:12:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.01.24 19:16:32 | 000,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini
[2013.01.24 19:16:22 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\Fpl.dll
[2013.01.24 19:16:21 | 000,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL
[2013.01.24 19:16:21 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL
[2013.01.24 19:16:21 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL
[2012.11.21 11:24:46 | 000,663,560 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.10.30 21:27:55 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Honzik\Data aplikací\Adobe Formát BMP CS5 – předvolby
[2012.05.08 10:39:11 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2011.11.03 17:44:39 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\tcusbdrv.dll
[2011.10.23 17:04:35 | 000,102,400 | R--- | C] () -- C:\WINDOWS\VQFLICK.exe
[2011.10.23 17:04:34 | 000,225,741 | R--- | C] () -- C:\WINDOWS\98sysupd.exe
[2011.10.23 17:04:33 | 000,028,672 | R--- | C] () -- C:\WINDOWS\vqsetup.dll
[2011.10.23 17:04:31 | 000,074,105 | R--- | C] () -- C:\WINDOWS\System32\V1310LOC.exe
[2011.10.23 17:04:30 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\unV1310.exe
[2011.10.23 17:04:29 | 000,131,072 | R--- | C] ( ) -- C:\WINDOWS\System32\V1310dec.dll
[2010.03.24 23:01:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Honzik\jagex__preferences3.dat
[2010.01.10 17:27:55 | 000,000,099 | ---- | C] () -- C:\Documents and Settings\Honzik\jagex_runescape_preferences2.dat
[2010.01.10 17:27:49 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\Honzik\jagex_runescape_preferences.dat
[2010.01.02 15:19:07 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Honzik\Data aplikací\PnkBstrK.sys
[2010.01.01 23:20:13 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Honzik\default.pls
[2010.01.01 21:10:44 | 000,142,848 | ---- | C] () -- C:\Documents and Settings\Honzik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2012.11.21 11:20:13 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006.09.23 14:12:34 | 001,497,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:22:07 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004.08.18 00:49:19 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.07.09 19:08:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\529C5327000441090003E6D02830ACA8
[2010.06.07 11:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2013.01.24 19:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MGI
[2012.10.20 10:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.10.15 19:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.06.07 12:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2012.07.09 17:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2012.05.30 20:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD YouTube Downloader & Converter
[2011.08.12 16:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\EPSON
[2013.05.08 22:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Erivz
[2012.04.14 23:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\ICQ
[2009.12.31 19:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\InterTrust
[2013.05.08 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Isbo
[2013.05.08 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi
[2013.01.24 19:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\MGI
[2010.01.01 22:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Nokia Multimedia Player
[2010.01.07 00:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\progeSOFT
[2013.03.13 12:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Search Settings
[2012.10.20 11:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.04.19 15:23:35 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Honzik\Data aplikací\System32
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.12.31 19:08:28 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.12.31 19:10:12 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.01.04 11:36:43 | 000,000,468 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job
[2011.01.31 12:52:24 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2011.01.31 12:52:24 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.10.20 11:41:55 | 000,000,344 | ---- | C] () -- C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-SEABEES-Honzik.job
< >
< MD5 for: ATAPI.SYS >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\cmdcons\autochk.exe
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2004.08.04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2004.08.18 00:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.18 00:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004.08.18 00:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2004.08.04 07:59:19 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.04 07:59:09 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.04 07:59:09 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\HAL.DLL
< MD5 for: SCECLI.DLL >
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 11:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\erdnt\cache\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\system32\services.exe
[2004.08.18 00:49:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2004.08.18 00:49:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
< MD5 for: SVCHOST.EXE >
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\erdnt\cache\svchost.exe
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2GDR\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2002.09.23 14:00:00 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtUninstallKB917953_0$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.04 08:14:40 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2004.08.04 08:14:40 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\erdnt\cache\userinit.exe
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.10.20 19:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Adobe
[2012.10.20 11:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Adobe Mini Bridge CS5
[2010.05.05 17:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Ahead
[2012.11.21 12:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Corel
[2009.12.31 19:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Creative
[2011.11.27 17:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\CyberLink
[2011.08.12 16:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\EPSON
[2013.05.08 22:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Erivz
[2011.01.31 12:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Google
[2012.04.14 23:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\ICQ
[2009.12.31 19:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Identities
[2010.01.20 13:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\InstallShield
[2009.12.31 19:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\InterTrust
[2013.05.08 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Isbo
[2010.01.01 21:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Macromedia
[2013.05.08 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi
[2013.01.24 19:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\MGI
[2013.05.08 21:00:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Honzik\Data aplikací\Microsoft
[2010.01.01 22:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Nokia Multimedia Player
[2010.01.07 00:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\progeSOFT
[2013.03.13 12:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Search Settings
[2013.05.07 21:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Skype
[2011.07.03 17:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\skypePM
[2012.10.20 11:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.01.05 00:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Sun
[2013.04.19 15:23:35 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Honzik\Data aplikací\System32
< %APPDATA%\*.exe /s >
[2012.04.24 21:53:19 | 000,226,816 | ---- | M] () -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe
[2013.04.16 19:24:57 | 000,119,296 | RHS- | M] () -- C:\Documents and Settings\Honzik\Data aplikací\System32\csrss.exe
[2013.04.16 19:24:57 | 000,119,296 | RHS- | M] () -- C:\Documents and Settings\Honzik\Data aplikací\System32\rundll32.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2013.04.30 02:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-SEABEES-Honzik.job
[2013.05.11 08:27:25 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.11 13:20:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.10 20:51:43 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.01.01 21:58:59 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.12.31 20:03:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.12.31 20:03:05 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.12.31 20:03:05 | 000,413,696 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.05.11 00:03:13 | 000,029,004 | ---- | M] () -- C:\WINDOWS\system32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,029,004 | ---- | M] () -- C:\WINDOWS\system32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,017,860 | ---- | M] () -- C:\WINDOWS\system32\BMXState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,017,860 | ---- | M] () -- C:\WINDOWS\system32\BMXStateBkp-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\system32\DVCState-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
[2013.05.11 00:03:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
[2013.05.11 00:03:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\system32\settings.sfm
[2013.05.11 00:03:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\system32\settingsbkup.sfm
[2013.05.10 20:46:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Omfyhi" = "C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe" -- [2012.04.24 21:53:19 | 000,226,816 | ---- | M] ()
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.18 00:49:22 | 000,015,360 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.11 13:23:40 | 000,000,512 | ---- | M] () MD5=2598FDEFDCD531A6A4C1DBD8D7244E33 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2009.09.18 12:10:09 | 002,178,644 | ---- | M] () -- \Documents and Settings\Honzik\Dokumenty\Hudba\David Bowie\nezálohováno\Alladin Sane\05_david_bowie_cracked_actor.mp3
[2012.05.13 11:35:41 | 006,633,918 | ---- | M] () -- \Documents and Settings\Honzik\Dokumenty\Hudba\David Bowie\nezálohováno\Tin Machine\04_david_bowie_crack_city.mp3
[2005.03.08 12:30:56 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X5\Custom Data\Bumpmap\Cracks.cpt
[2008.07.14 11:02:56 | 000,017,870 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X5\Custom Data\Canvas\cracks2c.bmp
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
< *keygen* /s >
[2005.12.04 16:03:34 | 000,071,680 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\clone DVD\CloneDVD 1.3.10.1 CZ + crack\o-edvd13\Keygen-CloneDVD.exe
[2012.11.21 12:35:26 | 553,849,526 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\corel draw\CorelDRAW-X5-CZ+Keygen+CZ-návod-jak-správně-instalovat!!!.rar
[2007.09.19 18:53:22 | 000,142,336 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\Keygen power dvd7\Keygen.exe
[2012.10.21 00:39:16 | 000,063,365 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\photoshop\keygen_photoshop_CS5.exe
[2005.12.02 18:27:33 | 000,232,064 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\Power DVD6\PowerDVD6-Keygen.zip
[2012.11.21 12:41:00 | 000,000,602 | ---- | M] () -- \Documents and Settings\Honzik\Recent\CorelDRAW X5 CZ+Keygen.lnk
[2013.02.24 20:24:43 | 000,000,980 | ---- | M] () -- \Documents and Settings\Honzik\Recent\CorelDRAW-X5-CZ+Keygen+CZ-návod-jak-správně-instalovat!!! (2).lnk
[2012.11.21 12:02:45 | 000,000,812 | ---- | M] () -- \Documents and Settings\Honzik\Recent\CorelDRAW-X5-CZ+Keygen+CZ-návod-jak-správně-instalovat!!!.lnk
< *loader* /s >
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2012.07.09 17:34:35 | 000,000,072 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YTD Video Downloader\YTD Video Downloader Help.url
[2012.07.09 17:34:35 | 000,001,753 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YTD Video Downloader\YTD Video Downloader.lnk
[2012.07.09 17:34:34 | 000,000,833 | ---- | M] () -- \Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.05.11 12:36:55 | 000,000,219 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\2YAJISE3\uploader[1].htm
[2013.05.11 12:40:15 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\2YAJISE3\uploader[2].htm
[2013.05.11 12:38:12 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\69RDREW3\uploader[1].htm
[2013.05.11 12:41:49 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\69RDREW3\uploader[2].htm
[2013.05.11 12:37:56 | 000,000,219 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\EIA2KVU6\uploader[1].htm
[2013.05.11 12:40:46 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\EIA2KVU6\uploader[2].htm
[2013.05.11 12:35:50 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\U8WUDPG4\uploader[1].htm
[2013.05.11 12:38:36 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\U8WUDPG4\uploader[2].htm
[2013.05.11 12:41:59 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\U8WUDPG4\uploader[3].htm
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2000.07.17 10:08:36 | 000,077,824 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4CatalogLoader.dll
[2000.07.17 10:50:02 | 000,114,688 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderBMP.dll
[2000.07.17 10:51:48 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderEPS.dll
[2000.07.17 10:53:48 | 000,118,784 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderFPX.dll
[2001.09.24 14:25:26 | 000,118,784 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderGIF.dll
[2000.07.17 10:57:58 | 000,073,728 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderIMG.dll
[2000.07.17 11:01:32 | 000,212,992 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderJPG.dll
[2000.07.17 11:07:08 | 000,061,440 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderKQP.dll
[2000.07.17 11:09:06 | 000,102,400 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderMSC.dll
[2000.07.17 11:05:14 | 000,094,208 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderPCD.dll
[2000.07.17 11:10:56 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderPCX.dll
[2000.07.17 11:12:58 | 000,167,936 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderPNG.dll
[2000.07.17 11:14:52 | 000,065,536 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderPSD.dll
[2000.07.17 11:16:44 | 000,110,592 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderRAS.dll
[2000.07.17 11:18:44 | 000,110,592 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderSFW.dll
[2000.07.17 11:20:40 | 000,630,784 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderSTNG.dll
[2000.07.17 11:22:32 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderTemp.dll
[2000.07.17 11:24:24 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderTGA.dll
[2001.09.24 14:27:00 | 000,143,360 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderTIFF.dll
[2000.07.17 11:28:52 | 000,081,920 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderWav.dll
[2000.07.17 11:30:42 | 000,118,784 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderWMF.dll
[2000.07.17 12:55:10 | 000,081,920 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4PhotonetUploader.dll
[2000.07.17 13:00:18 | 000,180,224 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4PSFLoader.dll
[2008.07.30 11:06:58 | 000,072,192 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2008.07.29 04:43:16 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2011.04.06 01:22:14 | 000,012,688 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\ReflectionLoader.dll
[2003.09.15 14:02:00 | 000,169,384 | ---- | M] () -- \Program Files\Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003.09.15 13:55:50 | 000,352,548 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\models\loader.mdl
[2003.09.15 13:56:04 | 000,012,764 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 13:56:04 | 000,012,164 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2007.10.23 17:52:22 | 000,114,688 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\APFLoaderV13.dll
[2007.10.23 17:52:22 | 000,069,632 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader.dll
[2007.10.23 17:52:22 | 000,102,400 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader2006.dll
[2011.04.07 15:48:18 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.04.07 15:48:19 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.04.07 15:48:18 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.16 20:39:18 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.04.07 15:49:38 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.04.07 15:49:37 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2005.06.07 13:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.18 00:49:04 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.04 07:59:37 | 000,230,400 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.exe
[2004.08.04 07:59:37 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2004.08.18 00:49:04 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2004.08.04 07:59:37 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2004.08.18 00:49:04 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
< End of report >
OTL log
OTL logfile created on: 11.5.2013 13:20:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Honzik\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023,48 Mb Total Physical Memory | 302,70 Mb Available Physical Memory | 29,58% Memory free
2,40 Gb Paging File | 1,50 Gb Available in Paging File | 62,50% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 22,69 Gb Free Space | 15,23% Space Free | Partition Type: NTFS
Computer Name: SEABEES | User Name: Honzik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.05.11 13:09:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honzik\Plocha\OTL.exe
PRC - [2013.02.23 20:16:58 | 001,297,728 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013.02.23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2010.04.12 05:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) -- C:\WINDOWS\system32\LGScsiCommandService.exe
PRC - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.11.25 01:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2006.09.14 18:29:48 | 000,315,392 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2006.09.14 01:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2004.08.18 00:49:11 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.02.23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2010.04.12 05:01:42 | 000,047,616 | R--- | M] (Mobile Leader Co.,Ltd.) [Auto | Running] -- C:\WINDOWS\system32\LGScsiCommandService.exe -- (LGScsiCommandService)
SRV - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.25 01:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 01:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 01:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 01:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Honzik\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (agk7rnnq)
DRV - [2010.01.21 01:59:58 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.01.21 01:59:56 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.01.21 01:59:56 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.01.01 21:58:59 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.11.25 01:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 01:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 01:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2009.09.15 13:56:14 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.09.15 13:55:30 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.09.15 13:55:19 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.07.15 06:20:10 | 004,407,808 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.07.13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2005.04.20 10:44:12 | 000,124,672 | R--- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SiSGbeXP.sys -- (SiSGbeXP)
DRV - [2004.08.04 08:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003.11.13 20:19:48 | 000,210,304 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003.11.13 20:18:36 | 000,679,808 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003.11.13 20:17:00 | 001,042,816 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003.06.09 03:45:04 | 000,116,416 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2003.06.09 03:44:52 | 000,136,448 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2003.06.09 03:44:36 | 000,006,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2003.06.09 03:44:32 | 000,113,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2003.06.09 03:44:22 | 000,494,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2003.06.09 03:42:58 | 000,186,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2003.06.09 03:42:44 | 000,135,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HAP16V2K.SYS -- (hap16v2k)
DRV - [2003.06.09 03:42:28 | 000,819,984 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2003.03.05 13:19:28 | 000,015,840 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PFMODNT.SYS -- (PfModNT)
DRV - [2002.08.12 17:20:22 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023k.sys -- (USB_RNDIS)
DRV - [2002.08.05 10:27:32 | 000,434,784 | R--- | M] (Unknown) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V1310vid.sys -- (V1310VID)
DRV - [2001.08.17 22:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes,DefaultScope = {9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2}
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{7EE3D0D5-1BD8-465A-AAE9-AFACF24063AA}: "URL" = http://search.seznam.cz/searchScreen?w= ... rms}&mod=f
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{8B97D13A-2F45-46E2-AC13-53625F2DEC27}: "URL" = http://us.yhs4.search.yahoo.com/yhs/sea ... earchTerms}
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
O1 HOSTS File: ([2013.04.20 22:00:00 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll File not found
O2 - BHO: (IeCatch2 Class) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\Jccatch.dll (Amaze Soft)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll File not found
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll File not found
O3 - HKLM\..\Toolbar: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll File not found
O3 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\Toolbar\WebBrowser: (&S-Rank) - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll (Seznam.cz a.s.)
O3 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKU\S-1-5-21-789336058-1202660629-725345543-1004..\Run: [Omfyhi] C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Stáhnout položku pomocí FlashGet - C:\Program Files\FlashGet\jc_link.htm ()
O8 - Extra context menu item: Stáhnout všechny položky pomocí FlashGet - C:\Program Files\FlashGet\jc_all.htm ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O9 - Extra 'Tools' menuitem : &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (Amaze Soft)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 2283545140 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC9D07EE-EE15-4449-85E0-D5ADC5598EDE}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.31 19:10:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ctmp3 - C:\WINDOWS\system32\ctmp3.acm (Creative Technology Ltd.)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\Dvc.dll (Adaptec)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.VQC5 - C:\WINDOWS\System32\V1310dec.dll ( )
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.05.11 13:09:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Honzik\Plocha\OTL.exe
[2013.05.08 21:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities
[2013.05.08 20:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi
[2013.05.08 20:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Data aplikací\Isbo
[2013.05.08 20:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Data aplikací\Erivz
[2013.05.07 21:07:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2013.05.07 21:07:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2013.05.11 13:23:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.11 13:20:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.11 13:09:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Honzik\Plocha\OTL.exe
[2013.05.11 11:14:48 | 003,386,255 | ---- | M] () -- C:\WINDOWS\{00000000-00000000-0000000B-00001102-00000002-80671102}.CDF
[2013.05.11 11:14:48 | 003,386,255 | ---- | M] () -- C:\WINDOWS\{00000000-00000000-0000000B-00001102-00000002-80671102}.BAK
[2013.05.11 10:07:24 | 000,468,596 | ---- | M] () -- C:\Documents and Settings\Honzik\Dokumenty\DSC00495.jpg
[2013.05.11 10:07:11 | 000,480,194 | ---- | M] () -- C:\Documents and Settings\Honzik\Dokumenty\DSC00496.jpg
[2013.05.11 10:06:31 | 000,814,002 | ---- | M] () -- C:\Documents and Settings\Honzik\Dokumenty\007.jpg
[2013.05.11 08:27:25 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.11 08:26:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.11 00:03:13 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,029,004 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,017,860 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,017,860 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013.05.11 00:03:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013.05.11 00:03:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
[2013.05.11 00:03:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
[2013.05.10 20:51:43 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job
[2013.05.10 20:46:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.08 21:18:44 | 005,067,786 | R--- | M] (Swearware) -- C:\Documents and Settings\Honzik\Plocha\ComboFix.exe
[2013.05.07 21:07:49 | 000,001,896 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2013.05.04 17:30:48 | 000,142,848 | ---- | M] () -- C:\Documents and Settings\Honzik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.04 17:08:59 | 000,000,131 | ---- | M] () -- C:\Documents and Settings\Honzik\default.pls
[2013.05.04 17:08:59 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.11 13:23:40 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.05.11 10:07:23 | 000,468,596 | ---- | C] () -- C:\Documents and Settings\Honzik\Dokumenty\DSC00495.jpg
[2013.05.11 10:07:11 | 000,480,194 | ---- | C] () -- C:\Documents and Settings\Honzik\Dokumenty\DSC00496.jpg
[2013.05.11 10:06:31 | 000,814,002 | ---- | C] () -- C:\Documents and Settings\Honzik\Dokumenty\007.jpg
[2013.05.07 21:07:49 | 000,001,896 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2013.04.19 15:12:27 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.04.19 15:12:27 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.04.19 15:12:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.04.19 15:12:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.04.19 15:12:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.01.24 19:16:32 | 000,000,002 | ---- | C] () -- C:\WINDOWS\PhotoSuite.ini
[2013.01.24 19:16:22 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\Fpl.dll
[2013.01.24 19:16:21 | 000,332,800 | ---- | C] () -- C:\WINDOWS\System32\FPXLIB.DLL
[2013.01.24 19:16:21 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\JPEGLIB.DLL
[2013.01.24 19:16:21 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\CPUINF32.DLL
[2012.11.21 11:24:46 | 000,663,560 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.10.30 21:27:55 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Honzik\Data aplikací\Adobe Formát BMP CS5 – předvolby
[2012.05.08 10:39:11 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2011.11.03 17:44:39 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\tcusbdrv.dll
[2011.10.23 17:04:35 | 000,102,400 | R--- | C] () -- C:\WINDOWS\VQFLICK.exe
[2011.10.23 17:04:34 | 000,225,741 | R--- | C] () -- C:\WINDOWS\98sysupd.exe
[2011.10.23 17:04:33 | 000,028,672 | R--- | C] () -- C:\WINDOWS\vqsetup.dll
[2011.10.23 17:04:31 | 000,074,105 | R--- | C] () -- C:\WINDOWS\System32\V1310LOC.exe
[2011.10.23 17:04:30 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\unV1310.exe
[2011.10.23 17:04:29 | 000,131,072 | R--- | C] ( ) -- C:\WINDOWS\System32\V1310dec.dll
[2010.03.24 23:01:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Honzik\jagex__preferences3.dat
[2010.01.10 17:27:55 | 000,000,099 | ---- | C] () -- C:\Documents and Settings\Honzik\jagex_runescape_preferences2.dat
[2010.01.10 17:27:49 | 000,000,046 | ---- | C] () -- C:\Documents and Settings\Honzik\jagex_runescape_preferences.dat
[2010.01.02 15:19:07 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Honzik\Data aplikací\PnkBstrK.sys
[2010.01.01 23:20:13 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Honzik\default.pls
[2010.01.01 21:10:44 | 000,142,848 | ---- | C] () -- C:\Documents and Settings\Honzik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2012.11.21 11:20:13 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2006.09.23 14:12:34 | 001,497,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:22:07 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004.08.18 00:49:19 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.07.09 19:08:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\529C5327000441090003E6D02830ACA8
[2010.06.07 11:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2013.01.24 19:44:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MGI
[2012.10.20 10:47:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.10.15 19:45:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.06.07 12:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2012.07.09 17:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD Video Downloader
[2012.05.30 20:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\YTD YouTube Downloader & Converter
[2011.08.12 16:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\EPSON
[2013.05.08 22:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Erivz
[2012.04.14 23:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\ICQ
[2009.12.31 19:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\InterTrust
[2013.05.08 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Isbo
[2013.05.08 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi
[2013.01.24 19:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\MGI
[2010.01.01 22:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Nokia Multimedia Player
[2010.01.07 00:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\progeSOFT
[2013.03.13 12:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Search Settings
[2012.10.20 11:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.04.19 15:23:35 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Honzik\Data aplikací\System32
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.12.31 19:08:28 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.12.31 19:10:12 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.01.04 11:36:43 | 000,000,468 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job
[2011.01.31 12:52:24 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2011.01.31 12:52:24 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.10.20 11:41:55 | 000,000,344 | ---- | C] () -- C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-SEABEES-Honzik.job
< >
< MD5 for: ATAPI.SYS >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.04 07:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\cmdcons\autochk.exe
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2004.08.18 00:49:21 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
< MD5 for: CDROM.SYS >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2004.08.04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2004.08.04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2004.08.04 07:59:52 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2004.08.18 00:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.18 00:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2004.08.18 00:49:22 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2002.09.23 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.12.31 21:00:52 | 022,286,602 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2009.12.31 23:14:46 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2004.08.04 07:59:19 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.04 07:59:09 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.04 07:59:09 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\HAL.DLL
< MD5 for: SCECLI.DLL >
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.18 00:49:16 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 11:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\$hf_mig$\KB956572\SP2QFE\services.exe
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\erdnt\cache\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\system32\services.exe
[2004.08.18 00:49:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2004.08.18 00:49:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\$hf_mig$\KB956572\SP3GDR\services.exe
< MD5 for: SVCHOST.EXE >
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\erdnt\cache\svchost.exe
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.18 00:49:27 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2GDR\tcpip.sys
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2002.09.23 14:00:00 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtUninstallKB917953_0$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004.08.04 08:14:40 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2004.08.04 08:14:40 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\erdnt\cache\userinit.exe
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.18 00:49:27 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.18 00:49:27 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.10.20 19:44:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Adobe
[2012.10.20 11:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Adobe Mini Bridge CS5
[2010.05.05 17:51:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Ahead
[2012.11.21 12:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Corel
[2009.12.31 19:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Creative
[2011.11.27 17:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\CyberLink
[2011.08.12 16:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\EPSON
[2013.05.08 22:42:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Erivz
[2011.01.31 12:53:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Google
[2012.04.14 23:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\ICQ
[2009.12.31 19:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Identities
[2010.01.20 13:04:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\InstallShield
[2009.12.31 19:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\InterTrust
[2013.05.08 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Isbo
[2010.01.01 21:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Macromedia
[2013.05.08 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi
[2013.01.24 19:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\MGI
[2013.05.08 21:00:06 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Honzik\Data aplikací\Microsoft
[2010.01.01 22:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Nokia Multimedia Player
[2010.01.07 00:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\progeSOFT
[2013.03.13 12:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Search Settings
[2013.05.07 21:10:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Skype
[2011.07.03 17:51:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\skypePM
[2012.10.20 11:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.01.05 00:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Sun
[2013.04.19 15:23:35 | 000,000,000 | RHSD | M] -- C:\Documents and Settings\Honzik\Data aplikací\System32
< %APPDATA%\*.exe /s >
[2012.04.24 21:53:19 | 000,226,816 | ---- | M] () -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe
[2013.04.16 19:24:57 | 000,119,296 | RHS- | M] () -- C:\Documents and Settings\Honzik\Data aplikací\System32\csrss.exe
[2013.04.16 19:24:57 | 000,119,296 | RHS- | M] () -- C:\Documents and Settings\Honzik\Data aplikací\System32\rundll32.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2013.04.30 02:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-SEABEES-Honzik.job
[2013.05.11 08:27:25 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.11 13:20:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.10 20:51:43 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.01.01 21:58:59 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2009.12.31 20:03:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.12.31 20:03:05 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.12.31 20:03:05 | 000,413,696 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.05.11 00:03:13 | 000,029,004 | ---- | M] () -- C:\WINDOWS\system32\BMXBkpCtrlState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,029,004 | ---- | M] () -- C:\WINDOWS\system32\BMXCtrlState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,017,860 | ---- | M] () -- C:\WINDOWS\system32\BMXState-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,017,860 | ---- | M] () -- C:\WINDOWS\system32\BMXStateBkp-{00000000-00000000-0000000B-00001102-00000002-80671102}.rfx
[2013.05.11 00:03:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\system32\DVCState-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
[2013.05.11 00:03:13 | 000,000,288 | ---- | M] () -- C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-0000000B-00001102-00000002-80671102}.dat
[2013.05.11 00:03:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\system32\settings.sfm
[2013.05.11 00:03:13 | 000,001,080 | ---- | M] () -- C:\WINDOWS\system32\settingsbkup.sfm
[2013.05.10 20:46:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Omfyhi" = "C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe" -- [2012.04.24 21:53:19 | 000,226,816 | ---- | M] ()
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.18 00:49:22 | 000,015,360 | ---- | M] (Microsoft Corporation)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.11 13:23:40 | 000,000,512 | ---- | M] () MD5=2598FDEFDCD531A6A4C1DBD8D7244E33 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2009.09.18 12:10:09 | 002,178,644 | ---- | M] () -- \Documents and Settings\Honzik\Dokumenty\Hudba\David Bowie\nezálohováno\Alladin Sane\05_david_bowie_cracked_actor.mp3
[2012.05.13 11:35:41 | 006,633,918 | ---- | M] () -- \Documents and Settings\Honzik\Dokumenty\Hudba\David Bowie\nezálohováno\Tin Machine\04_david_bowie_crack_city.mp3
[2005.03.08 12:30:56 | 000,092,827 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X5\Custom Data\Bumpmap\Cracks.cpt
[2008.07.14 11:02:56 | 000,017,870 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X5\Custom Data\Canvas\cracks2c.bmp
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped
< *keygen* /s >
[2005.12.04 16:03:34 | 000,071,680 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\clone DVD\CloneDVD 1.3.10.1 CZ + crack\o-edvd13\Keygen-CloneDVD.exe
[2012.11.21 12:35:26 | 553,849,526 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\corel draw\CorelDRAW-X5-CZ+Keygen+CZ-návod-jak-správně-instalovat!!!.rar
[2007.09.19 18:53:22 | 000,142,336 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\Keygen power dvd7\Keygen.exe
[2012.10.21 00:39:16 | 000,063,365 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\photoshop\keygen_photoshop_CS5.exe
[2005.12.02 18:27:33 | 000,232,064 | ---- | M] () -- \Documents and Settings\Honzik\Plocha\Downloads\Power DVD6\PowerDVD6-Keygen.zip
[2012.11.21 12:41:00 | 000,000,602 | ---- | M] () -- \Documents and Settings\Honzik\Recent\CorelDRAW X5 CZ+Keygen.lnk
[2013.02.24 20:24:43 | 000,000,980 | ---- | M] () -- \Documents and Settings\Honzik\Recent\CorelDRAW-X5-CZ+Keygen+CZ-návod-jak-správně-instalovat!!! (2).lnk
[2012.11.21 12:02:45 | 000,000,812 | ---- | M] () -- \Documents and Settings\Honzik\Recent\CorelDRAW-X5-CZ+Keygen+CZ-návod-jak-správně-instalovat!!!.lnk
< *loader* /s >
[2013.02.20 16:28:38 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.02.20 16:28:38 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.02.20 16:28:38 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2012.07.09 17:34:35 | 000,000,072 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YTD Video Downloader\YTD Video Downloader Help.url
[2012.07.09 17:34:35 | 000,001,753 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YTD Video Downloader\YTD Video Downloader.lnk
[2012.07.09 17:34:34 | 000,000,833 | ---- | M] () -- \Documents and Settings\All Users\Plocha\YTD Video Downloader.lnk
[2013.05.11 12:36:55 | 000,000,219 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\2YAJISE3\uploader[1].htm
[2013.05.11 12:40:15 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\2YAJISE3\uploader[2].htm
[2013.05.11 12:38:12 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\69RDREW3\uploader[1].htm
[2013.05.11 12:41:49 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\69RDREW3\uploader[2].htm
[2013.05.11 12:37:56 | 000,000,219 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\EIA2KVU6\uploader[1].htm
[2013.05.11 12:40:46 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\EIA2KVU6\uploader[2].htm
[2013.05.11 12:35:50 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\U8WUDPG4\uploader[1].htm
[2013.05.11 12:38:36 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\U8WUDPG4\uploader[2].htm
[2013.05.11 12:41:59 | 000,000,215 | ---- | M] () -- \Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\U8WUDPG4\uploader[3].htm
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2000.07.17 10:08:36 | 000,077,824 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4CatalogLoader.dll
[2000.07.17 10:50:02 | 000,114,688 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderBMP.dll
[2000.07.17 10:51:48 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderEPS.dll
[2000.07.17 10:53:48 | 000,118,784 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderFPX.dll
[2001.09.24 14:25:26 | 000,118,784 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderGIF.dll
[2000.07.17 10:57:58 | 000,073,728 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderIMG.dll
[2000.07.17 11:01:32 | 000,212,992 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderJPG.dll
[2000.07.17 11:07:08 | 000,061,440 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderKQP.dll
[2000.07.17 11:09:06 | 000,102,400 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderMSC.dll
[2000.07.17 11:05:14 | 000,094,208 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderPCD.dll
[2000.07.17 11:10:56 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderPCX.dll
[2000.07.17 11:12:58 | 000,167,936 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderPNG.dll
[2000.07.17 11:14:52 | 000,065,536 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderPSD.dll
[2000.07.17 11:16:44 | 000,110,592 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderRAS.dll
[2000.07.17 11:18:44 | 000,110,592 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderSFW.dll
[2000.07.17 11:20:40 | 000,630,784 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderSTNG.dll
[2000.07.17 11:22:32 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderTemp.dll
[2000.07.17 11:24:24 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderTGA.dll
[2001.09.24 14:27:00 | 000,143,360 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderTIFF.dll
[2000.07.17 11:28:52 | 000,081,920 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderWav.dll
[2000.07.17 11:30:42 | 000,118,784 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4FormatLoaderWMF.dll
[2000.07.17 12:55:10 | 000,081,920 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4PhotonetUploader.dll
[2000.07.17 13:00:18 | 000,180,224 | ---- | M] () -- \Program Files\Common Files\MGI Shared\Photo\PS4PSFLoader.dll
[2008.07.30 11:06:58 | 000,072,192 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2008.07.29 04:43:16 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2011.04.06 01:22:14 | 000,012,688 | ---- | M] () -- \Program Files\Corel\CorelDRAW Graphics Suite X5\Programs\ReflectionLoader.dll
[2003.09.15 14:02:00 | 000,169,384 | ---- | M] () -- \Program Files\Counter-Strike 1.6\cstrike\models\qloader.mdl
[2003.09.15 13:55:50 | 000,352,548 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\models\loader.mdl
[2003.09.15 13:56:04 | 000,012,764 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_hydra1.wav
[2003.09.15 13:56:04 | 000,012,164 | ---- | M] () -- \Program Files\Counter-Strike 1.6\valve\sound\ambience\loader_step1.wav
[2007.10.23 17:52:22 | 000,114,688 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\APFLoaderV13.dll
[2007.10.23 17:52:22 | 000,069,632 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader.dll
[2007.10.23 17:52:22 | 000,102,400 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader2006.dll
[2011.04.07 15:48:18 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.04.07 15:48:19 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.04.07 15:48:18 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.16 20:39:18 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.04.07 15:49:38 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.04.07 15:49:37 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2005.06.07 13:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.18 00:49:04 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.04 07:59:37 | 000,230,400 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.exe
[2004.08.04 07:59:37 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2004.08.18 00:49:04 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2004.08.04 07:59:37 | 000,230,400 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2004.08.18 00:49:04 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
< End of report >
Re: Avast - sítový štít
Extras log
OTL Extras logfile created on: 11.5.2013 13:20:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Honzik\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023,48 Mb Total Physical Memory | 302,70 Mb Available Physical Memory | 29,58% Memory free
2,40 Gb Paging File | 1,50 Gb Available in Paging File | 62,50% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 22,69 Gb Free Space | 15,23% Space Free | Partition Type: NTFS
Computer Name: SEABEES | User Name: Honzik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Vietcong\vietcong.exe" = C:\Program Files\Vietcong\vietcong.exe:*:Enabled:vietcong -- ()
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"Client Server Runtime Process" = C:\Documents and Settings\Honzik\Data aplikací\System32\csrss.exe -- ()
"Host-process Windows (Rundll32.exe)" = C:\Documents and Settings\Honzik\Data aplikací\csrss.exe
"Service Host Process for Windows" = C:\Documents and Settings\Honzik\Data aplikací\System32\svchost.exe
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Průzkumník Windows -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C1B3A6B-B467-474D-97E4-D8BAC3E839CD}" = YTD Toolbar v7.0
"{0D09E359-0C98-4D93-B6F9-1FF68ED4B27C}" = Nokia Multimedia Player
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 19
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{356658C7-8C60-4A43-AF50-75CA8E642934}" = CorelDRAW Graphics Suite X5 - CZ
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5BE3BF62-D432-4D47-A712-CD4DF91CABFB}" = ZyXEL USB ADSL Modem/Router
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{9115E7DB-3B29-445A-802D-11E0AA945B7F}" = Sound Blaster Live!
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B246C325-1C49-4572-8665-7691EFE1D06B}" = MGI VideoWave 4
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C75DCDD3-16CB-610E-E121-DEB798A61029}" = Nero 7 Demo
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Ad-aware 6 Personal" = Ad-aware 6 Personal
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AIDA32_is1" = AIDA32 v3.80
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BSPlayer1" = BSPlayer
"CAM-IN SUITE III" = CAM-IN SUITE III
"C-Media Audio Driver" = C-Media WDM Audio Driver
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"Counter-Strike 1.6_is1" = Counter-Strike 1.6
"EPSON Stylus SX100_TX100 Uživatelská příručka" = EPSON Stylus SX100_TX100 Manuál
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"FlashGet(JetCar)" = FlashGet(JetCar)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{0D09E359-0C98-4D93-B6F9-1FF68ED4B27C}" = Nokia Multimedia Player
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Language Pack for Ad-aware 6" = Language Pack for Ad-aware 6
"MGI_PRISM_V4_0" = MGI PhotoSuite 4 (Remove Only)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"SMail" = Seznam Pošťák
"V1310" = 1.3M DigitalCAM
"Vietcong" = Vietcong
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR
"winusb0200" = Microsoft WinUsb 2.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"JNLP" = JNLP
========== Last 20 Event Log Errors ==========
[ Antivirus Events ]
Error - 31.12.2009 16:18:56 | Computer Name = SEABEES | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://download.microsoft.com/download/ ... e_spcd.iso
failed, 0000001E.
Error - 18.11.2011 15:47:01 | Computer Name = SEABEES | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of K:\DCIM\100OLYMP\P7240131.JPG failed, 00000015.
[ Application Events ]
Error - 10.4.2013 4:29:18 | Computer Name = SEABEES | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application ois.exe, version 11.0.8161.0, stamp 46031e2f,
faulting module msxml3.dll, version 8.100.1050.0, stamp 4a727a44, debug? 0, fault
address 0x00005dfe.
Error - 11.4.2013 5:25:47 | Computer Name = SEABEES | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
AcroPDF.dll, verze 9.5.0.270, adresa chyby 0x00006d09.
Error - 24.4.2013 11:34:55 | Computer Name = SEABEES | Source = EventSystem | ID = 4614
Description = Systém událostí modelu COM+ zjistil nekonzistenci vnitřního stavu.
Výraz GetLastError() == 122L selhal na řádku 162 v d:\comxp_sp2\com\com1x\src\events\shared\sectools.cpp.
Obraťte se na služby odborné pomoci společnosti Microsoft a informujte je o této
chyb
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 15:16:59 | Computer Name = SEABEES | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ System Events ]
Error - 3.5.2013 6:19:19 | Computer Name = SEABEES | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
Error - 5.5.2013 6:19:20 | Computer Name = SEABEES | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
Error - 7.5.2013 11:53:20 | Computer Name = SEABEES | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
Error - 8.5.2013 15:15:51 | Computer Name = SEABEES | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.34 pro síťovou kartu s adresou 0014855C1F09
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 9.5.2013 14:01:16 | Computer Name = SEABEES | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
< End of report >
co teˇˇd?
OTL Extras logfile created on: 11.5.2013 13:20:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Honzik\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1023,48 Mb Total Physical Memory | 302,70 Mb Available Physical Memory | 29,58% Memory free
2,40 Gb Paging File | 1,50 Gb Available in Paging File | 62,50% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 22,69 Gb Free Space | 15,23% Space Free | Partition Type: NTFS
Computer Name: SEABEES | User Name: Honzik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()
"C:\Program Files\Vietcong\vietcong.exe" = C:\Program Files\Vietcong\vietcong.exe:*:Enabled:vietcong -- ()
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"Client Server Runtime Process" = C:\Documents and Settings\Honzik\Data aplikací\System32\csrss.exe -- ()
"Host-process Windows (Rundll32.exe)" = C:\Documents and Settings\Honzik\Data aplikací\csrss.exe
"Service Host Process for Windows" = C:\Documents and Settings\Honzik\Data aplikací\System32\svchost.exe
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Průzkumník Windows -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0C1B3A6B-B467-474D-97E4-D8BAC3E839CD}" = YTD Toolbar v7.0
"{0D09E359-0C98-4D93-B6F9-1FF68ED4B27C}" = Nokia Multimedia Player
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 19
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{356658C7-8C60-4A43-AF50-75CA8E642934}" = CorelDRAW Graphics Suite X5 - CZ
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{5BE3BF62-D432-4D47-A712-CD4DF91CABFB}" = ZyXEL USB ADSL Modem/Router
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{9115E7DB-3B29-445A-802D-11E0AA945B7F}" = Sound Blaster Live!
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B246C325-1C49-4572-8665-7691EFE1D06B}" = MGI VideoWave 4
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C75DCDD3-16CB-610E-E121-DEB798A61029}" = Nero 7 Demo
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Ad-aware 6 Personal" = Ad-aware 6 Personal
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AIDA32_is1" = AIDA32 v3.80
"ATI Display Driver" = ATI Display Driver
"avast!" = avast! Antivirus
"BSPlayer1" = BSPlayer
"CAM-IN SUITE III" = CAM-IN SUITE III
"C-Media Audio Driver" = C-Media WDM Audio Driver
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"Counter-Strike 1.6_is1" = Counter-Strike 1.6
"EPSON Stylus SX100_TX100 Uživatelská příručka" = EPSON Stylus SX100_TX100 Manuál
"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall
"FlashGet(JetCar)" = FlashGet(JetCar)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{0D09E359-0C98-4D93-B6F9-1FF68ED4B27C}" = Nokia Multimedia Player
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Language Pack for Ad-aware 6" = Language Pack for Ad-aware 6
"MGI_PRISM_V4_0" = MGI PhotoSuite 4 (Remove Only)
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"SMail" = Seznam Pošťák
"V1310" = 1.3M DigitalCAM
"Vietcong" = Vietcong
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinRAR archiver" = WinRAR
"winusb0200" = Microsoft WinUsb 2.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"JNLP" = JNLP
========== Last 20 Event Log Errors ==========
[ Antivirus Events ]
Error - 31.12.2009 16:18:56 | Computer Name = SEABEES | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of http://download.microsoft.com/download/ ... e_spcd.iso
failed, 0000001E.
Error - 18.11.2011 15:47:01 | Computer Name = SEABEES | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of K:\DCIM\100OLYMP\P7240131.JPG failed, 00000015.
[ Application Events ]
Error - 10.4.2013 4:29:18 | Computer Name = SEABEES | Source = Microsoft Office 11 | ID = 1000
Description = Faulting application ois.exe, version 11.0.8161.0, stamp 46031e2f,
faulting module msxml3.dll, version 8.100.1050.0, stamp 4a727a44, debug? 0, fault
address 0x00005dfe.
Error - 11.4.2013 5:25:47 | Computer Name = SEABEES | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
AcroPDF.dll, verze 9.5.0.270, adresa chyby 0x00006d09.
Error - 24.4.2013 11:34:55 | Computer Name = SEABEES | Source = EventSystem | ID = 4614
Description = Systém událostí modelu COM+ zjistil nekonzistenci vnitřního stavu.
Výraz GetLastError() == 122L selhal na řádku 162 v d:\comxp_sp2\com\com1x\src\events\shared\sectools.cpp.
Obraťte se na služby odborné pomoci společnosti Microsoft a informujte je o této
chyb
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 14:51:04 | Computer Name = SEABEES | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.
Error - 8.5.2013 15:16:59 | Computer Name = SEABEES | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.
[ System Events ]
Error - 3.5.2013 6:19:19 | Computer Name = SEABEES | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
Error - 5.5.2013 6:19:20 | Computer Name = SEABEES | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
Error - 7.5.2013 11:53:20 | Computer Name = SEABEES | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
Error - 8.5.2013 15:15:51 | Computer Name = SEABEES | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.34 pro síťovou kartu s adresou 0014855C1F09
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 9.5.2013 14:01:16 | Computer Name = SEABEES | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
< End of report >
co teˇˇd?
Re: Avast - sítový štít
prosim o radu co s tim vsim mam teda delat?dekuju
Re: Avast - sítový štít
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - [2013.02.23 17:54:28 | 000,805,752 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\ctdvda2k.sys -- (ctdvda2k) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Honzik\LOCALS~1\Temp\catchme.sys -- (catchme) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (agk7rnnq) IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes,DefaultScope = {9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2} IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{7EE3D0D5-1BD8-465A-AAE9-AFACF24063AA}: "URL" = http://search.seznam.cz/searchScreen?w={searchTerms}&mod=f IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{8B97D13A-2F45-46E2-AC13-53625F2DEC27}: "URL" = http://us.yhs4.search.yahoo.com/yhs/sea ... =937811&p={searchTerms} IE - HKU\S-1-5-21-789336058-1202660629-725345543-1004\..\SearchScopes\{9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKU\S-1-5-21-789336058-1202660629-725345543-1004..\Run: [Omfyhi] C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) [2013.05.08 21:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities [2013.05.08 20:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi [2013.05.08 20:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Data aplikací\Isbo [2013.05.08 20:58:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Honzik\Data aplikací\Erivz [2013.05.04 17:30:48 | 000,142,848 | ---- | M] () -- C:\Documents and Settings\Honzik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.03.13 12:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\Search Settings [2013.01.24 19:16:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Honzik\Data aplikací\MGI [2012.04.24 21:53:19 | 000,226,816 | ---- | M] () -- C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe [2013.04.16 19:24:57 | 000,119,296 | RHS- | M] () -- C:\Documents and Settings\Honzik\Data aplikací\System32\csrss.exe [2013.04.16 19:24:57 | 000,119,296 | RHS- | M] () -- C:\Documents and Settings\Honzik\Data aplikací\System32\rundll32.exe [2013.04.30 02:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-SEABEES-Honzik.job [2013.05.11 08:27:25 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [2013.05.11 13:20:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [2013.05.10 20:51:43 | 000,000,468 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job :files c:\Documents and Settings\Honzik\*keygen.* /s C:\Program Files\Common Files\Spigot C:\Program Files\Application Updater %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Avast - sítový štít
Zase mi to při opravování chyb našlo dva trojský koně.jinak háčky fungujou
All processes killed
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service ctdvda2k stopped successfully!
Service ctdvda2k deleted successfully!
File System32\drivers\ctdvda2k.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\Honzik\LOCALS~1\Temp\catchme.sys not found.
Error: No service named agk7rnnq was found to stop!
Service\Driver key agk7rnnq not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{7EE3D0D5-1BD8-465A-AAE9-AFACF24063AA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7EE3D0D5-1BD8-465A-AAE9-AFACF24063AA}\ not found.
Registry key HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8B97D13A-2F45-46E2-AC13-53625F2DEC27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B97D13A-2F45-46E2-AC13-53625F2DEC27}\ not found.
Registry key HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Omfyhi deleted successfully.
C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities\{1ED63F3B-3E43-4FDD-9F7C-D7F7EF1DFE7F}\Microsoft\Outlook Express folder moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities\{1ED63F3B-3E43-4FDD-9F7C-D7F7EF1DFE7F}\Microsoft folder moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities\{1ED63F3B-3E43-4FDD-9F7C-D7F7EF1DFE7F} folder moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Meyqi folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Isbo folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Erivz folder moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Search Settings\temp folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Search Settings\res folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Search Settings folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\MGI\PhotoSuite4\Temp folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\MGI\PhotoSuite4 folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\MGI folder moved successfully.
File C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe not found.
C:\Documents and Settings\Honzik\Data aplikací\System32\csrss.exe moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\System32\rundll32.exe moved successfully.
C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-SEABEES-Honzik.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job moved successfully.
========== FILES ==========
c:\Documents and Settings\Honzik\Plocha\Downloads\Keygen power dvd7\Keygen.exe moved successfully.
c:\Documents and Settings\Honzik\Plocha\Downloads\Power DVD6\PowerDVD6-Keygen.zip moved successfully.
c:\Documents and Settings\Honzik\Recent\CorelDRAW X5 CZ+Keygen.lnk moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot\GC folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Program Files\Application Updater folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002191_.tmp moved successfully.
C:\WINDOWS\005162_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SETA.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes
User: Honzik
->Temp folder emptied: 6881763 bytes
->Temporary Internet Files folder emptied: 82294065 bytes
->Java cache emptied: 43629421 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 735314 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 218905 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 128,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: Honzik
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default User
User: Honzik
->Java cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05132013_190621
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Honzik\Local Settings\Temp\~DF7565.tmp not found!
File\Folder C:\Documents and Settings\Honzik\Local Settings\Temp\~DF82A3.tmp not found!
C:\Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\IACTZ53F\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\EIA2KVU6\afr[1].htm moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_674.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
co teď?
All processes killed
========== OTL ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service ctdvda2k stopped successfully!
Service ctdvda2k deleted successfully!
File System32\drivers\ctdvda2k.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\Honzik\LOCALS~1\Temp\catchme.sys not found.
Error: No service named agk7rnnq was found to stop!
Service\Driver key agk7rnnq not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{7EE3D0D5-1BD8-465A-AAE9-AFACF24063AA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7EE3D0D5-1BD8-465A-AAE9-AFACF24063AA}\ not found.
Registry key HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8B97D13A-2F45-46E2-AC13-53625F2DEC27}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B97D13A-2F45-46E2-AC13-53625F2DEC27}\ not found.
Registry key HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9619598D-DD8A-4DCD-9D9B-C72FCCB2ADB2}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-789336058-1202660629-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Omfyhi deleted successfully.
C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
File Animation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab not found.
Starting removal of ActiveX control DirectAnimation Java Classes
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\DirectAnimation Java Classes\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\DirectAnimation Java Classes\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities\{1ED63F3B-3E43-4FDD-9F7C-D7F7EF1DFE7F}\Microsoft\Outlook Express folder moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities\{1ED63F3B-3E43-4FDD-9F7C-D7F7EF1DFE7F}\Microsoft folder moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities\{1ED63F3B-3E43-4FDD-9F7C-D7F7EF1DFE7F} folder moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\Identities folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Meyqi folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Isbo folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Erivz folder moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Search Settings\temp folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Search Settings\res folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\Search Settings folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\MGI\PhotoSuite4\Temp folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\MGI\PhotoSuite4 folder moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\MGI folder moved successfully.
File C:\Documents and Settings\Honzik\Data aplikací\Meyqi\xukuy.exe not found.
C:\Documents and Settings\Honzik\Data aplikací\System32\csrss.exe moved successfully.
C:\Documents and Settings\Honzik\Data aplikací\System32\rundll32.exe moved successfully.
C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-SEABEES-Honzik.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{CE045FB7-2D9E-4766-AEC1-9818C6EACDD3}.job moved successfully.
========== FILES ==========
c:\Documents and Settings\Honzik\Plocha\Downloads\Keygen power dvd7\Keygen.exe moved successfully.
c:\Documents and Settings\Honzik\Plocha\Downloads\Power DVD6\PowerDVD6-Keygen.zip moved successfully.
c:\Documents and Settings\Honzik\Recent\CorelDRAW X5 CZ+Keygen.lnk moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Lang folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot\GC folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
C:\Program Files\Application Updater folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002191_.tmp moved successfully.
C:\WINDOWS\005162_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SETA.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes
User: Honzik
->Temp folder emptied: 6881763 bytes
->Temporary Internet Files folder emptied: 82294065 bytes
->Java cache emptied: 43629421 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 735314 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 218905 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33728 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 128,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
->Flash cache emptied: 0 bytes
User: Honzik
->Flash cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default User
User: Honzik
->Java cache emptied: 0 bytes
User: LocalService
User: NetworkService
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05132013_190621
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Honzik\Local Settings\Temp\~DF7565.tmp not found!
File\Folder C:\Documents and Settings\Honzik\Local Settings\Temp\~DF82A3.tmp not found!
C:\Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\IACTZ53F\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Honzik\Local Settings\Temporary Internet Files\Content.IE5\EIA2KVU6\afr[1].htm moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_674.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
co teď?
Re: Avast - sítový štít
teď koukám že mi přestal fungovat vyhledávač vpravo nahoře a ještě se mi tu zobrazuje jedna věc,mám to vyfocený print sreenem,dá se to sem nějak vložit?
vyhledávač se mi podařilo dát dokupy,tak teda jenom to níže od avastu,že mi končí licence.Zobrazuje se mi to celkem dlouho i po nové registraci a změně aktivačního klíče
vyhledávač se mi podařilo dát dokupy,tak teda jenom to níže od avastu,že mi končí licence.Zobrazuje se mi to celkem dlouho i po nové registraci a změně aktivačního klíče
Naposledy upravil(a) seabees dne 13 kvě 2013 18:25, celkem upraveno 1 x.
Re: Avast - sítový štít
A pouzivate Avast Free nebo zakoupenou licenci (Avast Internet Security)?
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Avast - sítový štít
používám free verzi Avast Home
Přispějete na provoz fóra?
