Pomalé a staré PC
Napsal: 30 črc 2014 12:07
Dobrý den, rodiče si stěžují na zpomalený počítač s winXP. Přiznám se, že této platformě příliš nerozumím, sám používám Gentoo, a tak se mi toto fórum zdá jako ideální místo pro radu. Zajímá mě, zda je počítadlo nějak nemocné, nebo prostě už jen staré. Nerad bych kupoval nový hardware zbytečně.
Předem díky za pomoc!
Vít Musil
EDIT: přkládám log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by corado (administrator) on KRECIK on 30-07-2014 12:55:17
Running from C:\Documents and Settings\corado\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 6
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Kerio Technologies) C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Kerio Technologies) C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(Kerio Technologies) C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\corado\Plocha\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-343818398-1897051121-839522115-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [17360520 2011-08-18] (Skype Technologies S.A.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 9225B9C631
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 9225B9C631
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Documents and Settings\corado\Data aplikací\Mozilla\Firefox\Profiles\0effa9tb.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: http://www.idnes.cz
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Garmin Communicator - C:\Documents and Settings\corado\Data aplikací\Mozilla\Firefox\Profiles\0effa9tb.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-20]
FF Extension: All-in-One Sidebar - C:\Documents and Settings\corado\Data aplikací\Mozilla\Firefox\Profiles\0effa9tb.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2011-06-24]
FF Extension: Adblock Plus - C:\Documents and Settings\corado\Data aplikací\Mozilla\Firefox\Profiles\0effa9tb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]
FF Extension: Click to call with Skype - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-22]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\corado\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\corado\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-04-09]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\corado\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-08-16]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-12-28] (Macrovision Europe Ltd.) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
R2 KPF4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [1617920 2005-10-10] (Kerio Technologies) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-06-21] (Hewlett-Packard Company) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R3 dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [223128 2010-12-26] () [File not signed]
R1 fwdrv; C:\WINDOWS\system32\drivers\fwdrv.sys [286720 2005-09-26] (Kerio Technologies) [File not signed]
S3 genmcmnUSB; C:\WINDOWS\System32\DRIVERS\gflmouhid.sys [6834 2002-09-20] ()
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [138752 2005-01-07] (Windows (R) Server 2003 DDK provider) [File not signed]
R1 khips; C:\WINDOWS\system32\drivers\khips.sys [81920 2005-09-26] () [File not signed]
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-11] ()
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54016 2007-11-17] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2007-11-17] (NVIDIA Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [664064 2010-12-26] () [File not signed]
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [215936 2008-01-02] (VIA Technologies, Inc.)
S3 catchme; \??\C:\DOCUME~1\corado\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-30 12:55 - 2014-07-30 12:55 - 00013164 _____ () C:\Documents and Settings\corado\Plocha\FRST.txt
2014-07-30 12:54 - 2014-07-30 12:54 - 00029696 _____ () C:\Documents and Settings\corado\Local Settings\Data aplikací\MSGBOX.EXE
2014-07-30 12:54 - 2014-07-30 12:54 - 00015327 _____ () C:\Documents and Settings\corado\Plocha\LM.bat
2014-07-30 12:44 - 2014-07-30 12:55 - 00000000 ____D () C:\FRST
2014-07-30 12:43 - 2014-07-30 12:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\corado\Plocha\FRSTLauncher.exe
2014-07-30 12:41 - 2014-07-30 12:41 - 01084416 _____ (Farbar) C:\Documents and Settings\corado\Plocha\FRST.exe
2014-07-30 12:36 - 2014-07-30 12:36 - 19178160 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-30 11:47 - 2014-07-30 12:55 - 00000000 ____D () C:\Documents and Settings\corado\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-07-30 11:25 - 2014-07-30 11:25 - 00000000 _RSHD () C:\cmdcons
2014-07-30 11:25 - 2013-10-27 15:53 - 00000211 _____ () C:\Boot.bak
2014-07-30 11:25 - 2004-08-03 23:00 - 00261312 __RSH () C:\cmldr
2014-07-30 11:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-30 11:21 - 2014-07-30 12:01 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-30 11:21 - 2014-07-30 11:21 - 00000000 ___RD () C:\Documents and Settings\corado\Nabídka Start\Programy\Nástroje pro správu
2014-07-30 11:11 - 2014-07-30 11:19 - 00000000 ____D () C:\Documents and Settings\corado\Data aplikací\Systweak
2014-07-30 11:10 - 2014-07-16 17:49 - 00018280 _____ () C:\WINDOWS\system32\roboot.exe
2014-07-03 13:39 - 2014-07-03 13:39 - 00000000 ____D () C:\WINDOWS\Minidump
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-30 12:55 - 2014-07-30 12:55 - 00013164 _____ () C:\Documents and Settings\corado\Plocha\FRST.txt
2014-07-30 12:55 - 2014-07-30 12:44 - 00000000 ____D () C:\FRST
2014-07-30 12:55 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\corado\Local Settings\temp
2014-07-30 12:55 - 2010-12-26 11:37 - 00000000 ___HD () C:\Documents and Settings\corado\Local Settings\Data aplikací
2014-07-30 12:55 - 2010-12-26 11:37 - 00000000 ____D () C:\Documents and Settings\corado\Plocha
2014-07-30 12:54 - 2014-07-30 12:54 - 00029696 _____ () C:\Documents and Settings\corado\Local Settings\Data aplikací\MSGBOX.EXE
2014-07-30 12:54 - 2014-07-30 12:54 - 00015327 _____ () C:\Documents and Settings\corado\Plocha\LM.bat
2014-07-30 12:54 - 2010-12-26 12:02 - 00001340 _____ () C:\WINDOWS\wincmd.ini
2014-07-30 12:44 - 2010-12-26 12:03 - 00000000 ____D () C:\Documents and Settings\corado\Nabídka Start\Programy\hardware
2014-07-30 12:43 - 2014-07-30 12:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\corado\Plocha\FRSTLauncher.exe
2014-07-30 12:41 - 2014-07-30 12:41 - 01084416 _____ (Farbar) C:\Documents and Settings\corado\Plocha\FRST.exe
2014-07-30 12:36 - 2014-07-30 12:36 - 19178160 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-30 12:36 - 2012-08-20 18:16 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-30 12:36 - 2012-08-20 18:16 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-30 12:36 - 2011-06-04 18:53 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-30 12:07 - 2011-02-08 22:58 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-07-30 12:07 - 2011-02-08 22:55 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-30 12:03 - 2011-02-08 22:55 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-30 12:03 - 2010-12-26 11:59 - 00280795 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-30 12:01 - 2014-07-30 11:21 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-30 12:01 - 2010-12-26 12:19 - 01018950 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-30 11:58 - 2010-12-28 15:55 - 00000000 ____D () C:\Documents and Settings\corado\Data aplikací\Skype
2014-07-30 11:57 - 2010-12-26 12:21 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-30 11:57 - 2010-12-26 12:21 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-30 11:57 - 2010-12-26 11:34 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-30 11:53 - 2010-12-26 11:36 - 00032596 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-07-30 11:44 - 2001-10-25 16:00 - 00000277 _____ () C:\WINDOWS\system.ini
2014-07-30 11:27 - 2010-12-26 11:37 - 00000000 __RHD () C:\Documents and Settings\corado\Data aplikací
2014-07-30 11:25 - 2014-07-30 11:25 - 00000000 _RSHD () C:\cmdcons
2014-07-30 11:25 - 2010-12-26 12:17 - 00000327 __RSH () C:\boot.ini
2014-07-30 11:21 - 2014-07-30 11:21 - 00000000 ___RD () C:\Documents and Settings\corado\Nabídka Start\Programy\Nástroje pro správu
2014-07-30 11:21 - 2010-12-26 11:37 - 00000000 ___RD () C:\Documents and Settings\corado\Nabídka Start\Programy
2014-07-30 11:19 - 2014-07-30 11:11 - 00000000 ____D () C:\Documents and Settings\corado\Data aplikací\Systweak
2014-07-30 11:19 - 2010-12-26 12:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-07-30 11:19 - 2010-12-26 12:19 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-07-30 10:47 - 2010-12-27 20:35 - 00000000 ____D () C:\Program Files\AdmWin
2014-07-29 12:06 - 2012-01-25 10:24 - 00000000 ____D () C:\Documents and Settings\corado\Plocha\Zakázky
2014-07-29 09:11 - 2001-10-25 16:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-27 00:06 - 2010-12-26 11:37 - 00000000 ___RD () C:\Documents and Settings\corado\Dokumenty\Obrázky
2014-07-16 17:49 - 2014-07-30 11:10 - 00018280 _____ () C:\WINDOWS\system32\roboot.exe
2014-07-03 13:39 - 2014-07-03 13:39 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-03 13:39 - 2010-12-26 12:15 - 938729472 _____ () C:\WINDOWS\MEMORY.DMP
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Předem díky za pomoc!
Vít Musil
EDIT: přkládám log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by corado (administrator) on KRECIK on 30-07-2014 12:55:17
Running from C:\Documents and Settings\corado\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 6
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Kerio Technologies) C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Kerio Technologies) C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(Kerio Technologies) C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\corado\Plocha\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-343818398-1897051121-839522115-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [17360520 2011-08-18] (Skype Technologies S.A.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 9225B9C631
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 9225B9C631
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Documents and Settings\corado\Data aplikací\Mozilla\Firefox\Profiles\0effa9tb.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: http://www.idnes.cz
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Garmin Communicator - C:\Documents and Settings\corado\Data aplikací\Mozilla\Firefox\Profiles\0effa9tb.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-20]
FF Extension: All-in-One Sidebar - C:\Documents and Settings\corado\Data aplikací\Mozilla\Firefox\Profiles\0effa9tb.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2011-06-24]
FF Extension: Adblock Plus - C:\Documents and Settings\corado\Data aplikací\Mozilla\Firefox\Profiles\0effa9tb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]
FF Extension: Click to call with Skype - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-22]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\36.0.1985.125\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\corado\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8153_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\corado\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-04-09]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\corado\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-08-16]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-12-28] (Macrovision Europe Ltd.) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
R2 KPF4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [1617920 2005-10-10] (Kerio Technologies) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [53248 2005-06-21] (Hewlett-Packard Company) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R3 dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [223128 2010-12-26] () [File not signed]
R1 fwdrv; C:\WINDOWS\system32\drivers\fwdrv.sys [286720 2005-09-26] (Kerio Technologies) [File not signed]
S3 genmcmnUSB; C:\WINDOWS\System32\DRIVERS\gflmouhid.sys [6834 2002-09-20] ()
R3 HDAudBus; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [138752 2005-01-07] (Windows (R) Server 2003 DDK provider) [File not signed]
R1 khips; C:\WINDOWS\system32\drivers\khips.sys [81920 2005-09-26] () [File not signed]
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-11] ()
R3 NVENETFD; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [54016 2007-11-17] (NVIDIA Corporation)
R3 nvnetbus; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [22016 2007-11-17] (NVIDIA Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [664064 2010-12-26] () [File not signed]
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [215936 2008-01-02] (VIA Technologies, Inc.)
S3 catchme; \??\C:\DOCUME~1\corado\LOCALS~1\Temp\catchme.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-30 12:55 - 2014-07-30 12:55 - 00013164 _____ () C:\Documents and Settings\corado\Plocha\FRST.txt
2014-07-30 12:54 - 2014-07-30 12:54 - 00029696 _____ () C:\Documents and Settings\corado\Local Settings\Data aplikací\MSGBOX.EXE
2014-07-30 12:54 - 2014-07-30 12:54 - 00015327 _____ () C:\Documents and Settings\corado\Plocha\LM.bat
2014-07-30 12:44 - 2014-07-30 12:55 - 00000000 ____D () C:\FRST
2014-07-30 12:43 - 2014-07-30 12:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\corado\Plocha\FRSTLauncher.exe
2014-07-30 12:41 - 2014-07-30 12:41 - 01084416 _____ (Farbar) C:\Documents and Settings\corado\Plocha\FRST.exe
2014-07-30 12:36 - 2014-07-30 12:36 - 19178160 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-30 11:47 - 2014-07-30 12:55 - 00000000 ____D () C:\Documents and Settings\corado\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-07-30 11:25 - 2014-07-30 11:25 - 00000000 _RSHD () C:\cmdcons
2014-07-30 11:25 - 2013-10-27 15:53 - 00000211 _____ () C:\Boot.bak
2014-07-30 11:25 - 2004-08-03 23:00 - 00261312 __RSH () C:\cmldr
2014-07-30 11:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-07-30 11:21 - 2014-07-30 12:01 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-30 11:21 - 2014-07-30 11:21 - 00000000 ___RD () C:\Documents and Settings\corado\Nabídka Start\Programy\Nástroje pro správu
2014-07-30 11:11 - 2014-07-30 11:19 - 00000000 ____D () C:\Documents and Settings\corado\Data aplikací\Systweak
2014-07-30 11:10 - 2014-07-16 17:49 - 00018280 _____ () C:\WINDOWS\system32\roboot.exe
2014-07-03 13:39 - 2014-07-03 13:39 - 00000000 ____D () C:\WINDOWS\Minidump
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-30 12:55 - 2014-07-30 12:55 - 00013164 _____ () C:\Documents and Settings\corado\Plocha\FRST.txt
2014-07-30 12:55 - 2014-07-30 12:44 - 00000000 ____D () C:\FRST
2014-07-30 12:55 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\corado\Local Settings\temp
2014-07-30 12:55 - 2010-12-26 11:37 - 00000000 ___HD () C:\Documents and Settings\corado\Local Settings\Data aplikací
2014-07-30 12:55 - 2010-12-26 11:37 - 00000000 ____D () C:\Documents and Settings\corado\Plocha
2014-07-30 12:54 - 2014-07-30 12:54 - 00029696 _____ () C:\Documents and Settings\corado\Local Settings\Data aplikací\MSGBOX.EXE
2014-07-30 12:54 - 2014-07-30 12:54 - 00015327 _____ () C:\Documents and Settings\corado\Plocha\LM.bat
2014-07-30 12:54 - 2010-12-26 12:02 - 00001340 _____ () C:\WINDOWS\wincmd.ini
2014-07-30 12:44 - 2010-12-26 12:03 - 00000000 ____D () C:\Documents and Settings\corado\Nabídka Start\Programy\hardware
2014-07-30 12:43 - 2014-07-30 12:43 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\corado\Plocha\FRSTLauncher.exe
2014-07-30 12:41 - 2014-07-30 12:41 - 01084416 _____ (Farbar) C:\Documents and Settings\corado\Plocha\FRST.exe
2014-07-30 12:36 - 2014-07-30 12:36 - 19178160 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-30 12:36 - 2012-08-20 18:16 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-30 12:36 - 2012-08-20 18:16 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-30 12:36 - 2011-06-04 18:53 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-30 12:07 - 2011-02-08 22:58 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-07-30 12:07 - 2011-02-08 22:55 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-30 12:03 - 2011-02-08 22:55 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-30 12:03 - 2010-12-26 11:59 - 00280795 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-30 12:01 - 2014-07-30 11:21 - 00000000 ____D () C:\WINDOWS\erdnt
2014-07-30 12:01 - 2010-12-26 12:19 - 01018950 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-30 11:58 - 2010-12-28 15:55 - 00000000 ____D () C:\Documents and Settings\corado\Data aplikací\Skype
2014-07-30 11:57 - 2010-12-26 12:21 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-30 11:57 - 2010-12-26 12:21 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-30 11:57 - 2010-12-26 11:34 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-30 11:53 - 2010-12-26 11:36 - 00032596 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\temp
2014-07-30 11:44 - 2001-10-25 16:00 - 00000277 _____ () C:\WINDOWS\system.ini
2014-07-30 11:27 - 2010-12-26 11:37 - 00000000 __RHD () C:\Documents and Settings\corado\Data aplikací
2014-07-30 11:25 - 2014-07-30 11:25 - 00000000 _RSHD () C:\cmdcons
2014-07-30 11:25 - 2010-12-26 12:17 - 00000327 __RSH () C:\boot.ini
2014-07-30 11:21 - 2014-07-30 11:21 - 00000000 ___RD () C:\Documents and Settings\corado\Nabídka Start\Programy\Nástroje pro správu
2014-07-30 11:21 - 2010-12-26 11:37 - 00000000 ___RD () C:\Documents and Settings\corado\Nabídka Start\Programy
2014-07-30 11:19 - 2014-07-30 11:11 - 00000000 ____D () C:\Documents and Settings\corado\Data aplikací\Systweak
2014-07-30 11:19 - 2010-12-26 12:19 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-07-30 11:19 - 2010-12-26 12:19 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-07-30 10:47 - 2010-12-27 20:35 - 00000000 ____D () C:\Program Files\AdmWin
2014-07-29 12:06 - 2012-01-25 10:24 - 00000000 ____D () C:\Documents and Settings\corado\Plocha\Zakázky
2014-07-29 09:11 - 2001-10-25 16:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-27 00:06 - 2010-12-26 11:37 - 00000000 ___RD () C:\Documents and Settings\corado\Dokumenty\Obrázky
2014-07-16 17:49 - 2014-07-30 11:10 - 00018280 _____ () C:\WINDOWS\system32\roboot.exe
2014-07-03 13:39 - 2014-07-03 13:39 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-03 13:39 - 2010-12-26 12:15 - 938729472 _____ () C:\WINDOWS\MEMORY.DMP
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================