Preventivní kontrola, plus jakýsi SweetIM se nechová úplně korektně, ráda bych se ho komplet zbavila..
Logfile of random's system information tool 1.09 (written by random/random)
Run by Hanka at 2012-12-22 00:57:23
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 27 GB (22%) free of 120 GB
Total RAM: 2038 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:57:27, on 22.12.2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Užovka\Desktop\RSIT.exe
C:\Program Files\trend micro\Hanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Del29693261] cmd.exe /c del "C:\Users\Hanka\AppData\Local\Temp\0.del"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2401629453-566057478-488908529-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Užovka')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\PROGRA~1\STARDO~1\sdie.htm
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - (no CLSID) - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DirMngr - Unknown owner - C:\Program Files\GNU\GnuPG\dirmngr.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: JYBOBQHN - Sysinternals - http://www.sysinternals.com - C:\Users\Hanka\AppData\Local\Temp\JYBOBQHN.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Unknown owner - C:\Program Files\Skype\Updater\Updater.exe (file missing)
O23 - Service: SUZG - Sysinternals - http://www.sysinternals.com - C:\Users\Hanka\AppData\Local\Temp\SUZG.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10928 bytes
======Scheduled tasks folder======
C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
C:\Windows\tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, firesheep@codebutler.com:0.1, ffxtlbr@babylon.com:1.2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP]
"Description"=Viewpoint Media Player for Mozilla
"Path"=C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIBitCometAgent.xpt
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
npdrmv2.dll
npdsplay.dll
npnul32.dll
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npViewpoint.dll
npViewpoint.xpt
npwmsdrm.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\
ffxtlbr@babylon.com
firesheep@codebutler.com
{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\searchplugins\
sweetim.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-09-19 329032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-07-24 66880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-25 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-25 129560]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-03 582992]
"Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-01-25 716800]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"Sweetpacks Communicator"=C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2007-12-29 430080]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Del29693261"=cmd.exe /c del C:\Users\Hanka\AppData\Local\Temp\0.del []
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe [2012-08-22 690888]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-12-22 00:44:10 ----D---- C:\rsit
2012-12-22 00:29:55 ----A---- C:\ProgramData\rebootpending.txt
2012-12-21 23:45:46 ----D---- C:\Users\Hanka\AppData\Roaming\JDownloaderPackages
2012-12-21 23:44:43 ----D---- C:\Program Files\SweetIM
2012-12-21 23:44:42 ----D---- C:\ProgramData\SweetIM
======List of files/folders modified in the last 1 month======
2012-12-22 00:57:24 ----D---- C:\Windows\Temp
2012-12-22 00:57:24 ----D---- C:\Program Files\trend micro
2012-12-22 00:40:16 ----RD---- C:\Program Files
2012-12-22 00:37:59 ----D---- C:\MC
2012-12-22 00:29:55 ----HD---- C:\ProgramData
2012-12-22 00:28:57 ----SHD---- C:\System Volume Information
2012-12-22 00:28:32 ----D---- C:\Windows\system32\drivers
2012-12-21 23:46:07 ----SHD---- C:\Windows\Installer
2012-12-21 15:34:42 ----AD---- C:\Windows\System32
2012-12-21 15:34:37 ----A---- C:\Windows\system32\agremove.exe
2012-12-21 15:31:44 ----D---- C:\Windows
2012-12-14 03:01:14 ----A---- C:\Windows\system32\mrt.exe
2012-12-14 03:01:03 ----D---- C:\Windows\system32\catroot2
2012-12-10 23:22:28 ----D---- C:\Windows\Prefetch
2012-11-23 12:56:22 ----D---- C:\Windows\inf
2012-11-23 12:56:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 mfehidk;McAfee Inc.; C:\Windows\system32\drivers\mfehidk.sys [2007-07-21 201288]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-10-02 64128]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-01-14 231248]
R2 CoLinuxDriver;CoLinuxDriver; \??\C:\Portable_Ubuntu\linux.sys [2008-05-24 68096]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35088]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2008-02-01 187904]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-13 1925632]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\Windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]
R3 mfeavfk;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk.sys [2007-07-24 79304]
R3 mfebopk;McAfee Inc.; C:\Windows\system32\drivers\mfebopk.sys [2007-07-21 35240]
R3 mferkdk;McAfee Inc.; C:\Windows\system32\drivers\mferkdk.sys [2007-07-24 33800]
R3 mfesmfk;McAfee Inc.; C:\Windows\system32\drivers\mfesmfk.sys [2007-07-21 40488]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
R4 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-12-26 131584]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-11-29 74240]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 41856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 DirMngr;DirMngr; C:\Program Files\GNU\GnuPG\dirmngr.exe [2011-03-02 224256]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-08-24 23880]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-07-25 695624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-03-11 1836544]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 JYBOBQHN;JYBOBQHN; C:\Users\Hanka\AppData\Local\Temp\JYBOBQHN.exe [2012-02-10 519040]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-07-25 378184]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 SUZG;SUZG; C:\Users\Hanka\AppData\Local\Temp\SUZG.exe [2012-02-10 408448]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
S4 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe []
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivka
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Search
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
# AdwCleaner v2.101 - Logfile created 12/22/2012 at 02:32:27
# Updated 16/12/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# User : Hanka - HANKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Užovka\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
Found : Viewpoint Manager Service
***** [Files / Folders] *****
File Found : \user.js
File Found : C:\Program Files\Mozilla Firefox\.autoreg
File Found : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\searchplugins\SweetIm.xml
File Found : C:\Users\Hanka\Desktop\Search The Web.url
File Found : C:\Users\Hanka\Desktop\sweetpcfix.url
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\ProgramData\Viewpoint
Folder Found : C:\Users\Hanka\AppData\Local\Babylon
Folder Found : C:\Users\Hanka\AppData\Roaming\Babylon
Folder Found : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Found : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\ffxtlbr@babylon.com
Folder Found : C:\Users\Užovka\AppData\LocalLow\SweetIM
Folder Found : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
***** [Registry] *****
Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\SweetIM
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\Software\SweetIM
Key Found : HKLM\Software\Viewpoint
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.19088
[OK] Registry is clean.
-\\ Mozilla Firefox v3.6.28 (cs)
Profile name : default
File : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\prefs.js
Found : user_pref("extensions.BabylonToolbar.admin", false);
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.babExt", "");
Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=100762");
Found : user_pref("extensions.BabylonToolbar.bbDpng", 29);
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Found : user_pref("extensions.BabylonToolbar.hmpg", false);
Found : user_pref("extensions.BabylonToolbar.id", "8671b035000000000000001f3c361305");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15358");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar.lastDP", 29);
Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1715:08:52");
Found : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");
Found : user_pref("extensions.BabylonToolbar.newTab", true);
Found : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Found : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.propectorlck", 69107101);
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Found : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1715:08:52");
Found : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100762");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "8671b035000000000000001f3c361305");
Found : user_pref("extensions.BabylonToolbar_i.id", "8671b035000000000000001f3c361305");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15358");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1715:08:52");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Profile name : default [Profil par défaut]
File : C:\Users\Užovka\AppData\Roaming\Mozilla\Firefox\Profiles\3txkse0e.default\prefs.js
[OK] File is clean.
Profile name : d2
File : C:\Users\Užovka\AppData\Roaming\Mozilla\Firefox\Profiles\r1hzgkc0.d2\prefs.js
[OK] File is clean.
Profile name : default
File : C:\Users\Prac\AppData\Roaming\Mozilla\Firefox\Profiles\4qk63zkd.default\prefs.js
[OK] File is clean.
-\\ Opera v11.64.1403.0
File : C:\Users\Hanka\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
File : C:\Users\Užovka\AppData\Roaming\Opera\Opera\operaprefs.ini
Found : application/x-mtx=6,,C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll,MetaStream 3 Plugin,mt[...]
*************************
AdwCleaner[R1].txt - [8449 octets] - [22/12/2012 01:42:52]
AdwCleaner[R2].txt - [8214 octets] - [22/12/2012 02:32:27]
########## EOF - \AdwCleaner[R2].txt - [8274 octets] ##########
# Updated 16/12/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# User : Hanka - HANKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Užovka\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
Found : Viewpoint Manager Service
***** [Files / Folders] *****
File Found : \user.js
File Found : C:\Program Files\Mozilla Firefox\.autoreg
File Found : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\searchplugins\SweetIm.xml
File Found : C:\Users\Hanka\Desktop\Search The Web.url
File Found : C:\Users\Hanka\Desktop\sweetpcfix.url
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\ProgramData\Viewpoint
Folder Found : C:\Users\Hanka\AppData\Local\Babylon
Folder Found : C:\Users\Hanka\AppData\Roaming\Babylon
Folder Found : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Found : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\ffxtlbr@babylon.com
Folder Found : C:\Users\Užovka\AppData\LocalLow\SweetIM
Folder Found : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
***** [Registry] *****
Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\SweetIM
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\Software\SweetIM
Key Found : HKLM\Software\Viewpoint
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.19088
[OK] Registry is clean.
-\\ Mozilla Firefox v3.6.28 (cs)
Profile name : default
File : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\prefs.js
Found : user_pref("extensions.BabylonToolbar.admin", false);
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.babExt", "");
Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=100762");
Found : user_pref("extensions.BabylonToolbar.bbDpng", 29);
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Found : user_pref("extensions.BabylonToolbar.hmpg", false);
Found : user_pref("extensions.BabylonToolbar.id", "8671b035000000000000001f3c361305");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15358");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar.lastDP", 29);
Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1715:08:52");
Found : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");
Found : user_pref("extensions.BabylonToolbar.newTab", true);
Found : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Found : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.propectorlck", 69107101);
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Found : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1715:08:52");
Found : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100762");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "8671b035000000000000001f3c361305");
Found : user_pref("extensions.BabylonToolbar_i.id", "8671b035000000000000001f3c361305");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15358");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1715:08:52");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Profile name : default [Profil par défaut]
File : C:\Users\Užovka\AppData\Roaming\Mozilla\Firefox\Profiles\3txkse0e.default\prefs.js
[OK] File is clean.
Profile name : d2
File : C:\Users\Užovka\AppData\Roaming\Mozilla\Firefox\Profiles\r1hzgkc0.d2\prefs.js
[OK] File is clean.
Profile name : default
File : C:\Users\Prac\AppData\Roaming\Mozilla\Firefox\Profiles\4qk63zkd.default\prefs.js
[OK] File is clean.
-\\ Opera v11.64.1403.0
File : C:\Users\Hanka\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
File : C:\Users\Užovka\AppData\Roaming\Opera\Opera\operaprefs.ini
Found : application/x-mtx=6,,C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll,MetaStream 3 Plugin,mt[...]
*************************
AdwCleaner[R1].txt - [8449 octets] - [22/12/2012 01:42:52]
AdwCleaner[R2].txt - [8214 octets] - [22/12/2012 02:32:27]
########## EOF - \AdwCleaner[R2].txt - [8274 octets] ##########
Re: Preventivka
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Delete
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
# AdwCleaner v2.101 - Logfile created 12/22/2012 at 10:37:18
# Updated 16/12/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# User : Hanka - HANKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Užovka\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
Stopped & Deleted : Viewpoint Manager Service
***** [Files / Folders] *****
File Deleted : \user.js
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\Hanka\Desktop\Search The Web.url
File Deleted : C:\Users\Hanka\Desktop\sweetpcfix.url
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Hanka\AppData\Local\Babylon
Folder Deleted : C:\Users\Hanka\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Deleted : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\Užovka\AppData\LocalLow\SweetIM
Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
***** [Registry] *****
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.19088
[OK] Registry is clean.
-\\ Mozilla Firefox v3.6.28 (cs)
Profile name : default
File : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\prefs.js
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\user.js ... Deleted !
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=100762");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 29);
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "8671b035000000000000001f3c361305");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15358");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 29);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1715:08:52");
Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");
Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 69107101);
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1715:08:52");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100762");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "8671b035000000000000001f3c361305");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "8671b035000000000000001f3c361305");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15358");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1715:08:52");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Profile name : default [Profil par défaut]
File : C:\Users\Užovka\AppData\Roaming\Mozilla\Firefox\Profiles\3txkse0e.default\prefs.js
[OK] File is clean.
Profile name : d2
File : C:\Users\Užovka\AppData\Roaming\Mozilla\Firefox\Profiles\r1hzgkc0.d2\prefs.js
[OK] File is clean.
Profile name : default
File : C:\Users\Prac\AppData\Roaming\Mozilla\Firefox\Profiles\4qk63zkd.default\prefs.js
[OK] File is clean.
-\\ Opera v11.64.1403.0
File : C:\Users\Hanka\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
File : C:\Users\Užovka\AppData\Roaming\Opera\Opera\operaprefs.ini
Deleted : application/x-mtx=6,,C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll,MetaStream 3 Plugin,mt[...]
*************************
AdwCleaner[R1].txt - [8449 octets] - [22/12/2012 01:42:52]
AdwCleaner[R2].txt - [8341 octets] - [22/12/2012 02:32:27]
AdwCleaner[S1].txt - [8539 octets] - [22/12/2012 10:37:18]
########## EOF - \AdwCleaner[S1].txt - [8599 octets] ##########
# Updated 16/12/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# User : Hanka - HANKA-PC
# Boot Mode : Normal
# Running from : C:\Users\Užovka\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
Stopped & Deleted : Viewpoint Manager Service
***** [Files / Folders] *****
File Deleted : \user.js
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\Hanka\Desktop\Search The Web.url
File Deleted : C:\Users\Hanka\Desktop\sweetpcfix.url
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Hanka\AppData\Local\Babylon
Folder Deleted : C:\Users\Hanka\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
Folder Deleted : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\Užovka\AppData\LocalLow\SweetIM
Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
***** [Registry] *****
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.19088
[OK] Registry is clean.
-\\ Mozilla Firefox v3.6.28 (cs)
Profile name : default
File : C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\prefs.js
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\user.js ... Deleted !
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=100762");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 29);
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "8671b035000000000000001f3c361305");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15358");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 29);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1715:08:52");
Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6");
Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 69107101);
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1715:08:52");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100762");
Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "8671b035000000000000001f3c361305");
Deleted : user_pref("extensions.BabylonToolbar_i.id", "8671b035000000000000001f3c361305");
Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15358");
Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1715:08:52");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Profile name : default [Profil par défaut]
File : C:\Users\Užovka\AppData\Roaming\Mozilla\Firefox\Profiles\3txkse0e.default\prefs.js
[OK] File is clean.
Profile name : d2
File : C:\Users\Užovka\AppData\Roaming\Mozilla\Firefox\Profiles\r1hzgkc0.d2\prefs.js
[OK] File is clean.
Profile name : default
File : C:\Users\Prac\AppData\Roaming\Mozilla\Firefox\Profiles\4qk63zkd.default\prefs.js
[OK] File is clean.
-\\ Opera v11.64.1403.0
File : C:\Users\Hanka\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
File : C:\Users\Užovka\AppData\Roaming\Opera\Opera\operaprefs.ini
Deleted : application/x-mtx=6,,C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll,MetaStream 3 Plugin,mt[...]
*************************
AdwCleaner[R1].txt - [8449 octets] - [22/12/2012 01:42:52]
AdwCleaner[R2].txt - [8341 octets] - [22/12/2012 02:32:27]
AdwCleaner[S1].txt - [8539 octets] - [22/12/2012 10:37:18]
########## EOF - \AdwCleaner[S1].txt - [8599 octets] ##########
Re: Preventivka
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
OTL logfile created on: 22.12.2012 11:11:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Užovka\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,38% Memory free
4,21 Gb Paging File | 3,05 Gb Available in Paging File | 72,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,54 Gb Total Space | 28,90 Gb Free Space | 24,58% Space Free | Partition Type: NTFS
Drive E: | 113,88 Gb Total Space | 26,60 Gb Free Space | 23,36% Space Free | Partition Type: NTFS
Computer Name: HANKA-PC | User Name: Hanka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.12.22 11:07:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Užovka\Desktop\OTL.exe
PRC - [2011.03.02 16:20:58 | 000,224,256 | ---- | M] () -- C:\Program Files\GNU\GnuPG\dirmngr.exe
PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.25 14:43:22 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2008.01.25 12:33:50 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2008.01.25 10:24:08 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008.01.25 00:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008.01.22 20:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2008.01.22 13:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008.01.22 10:00:30 | 004,624,384 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008.01.19 08:33:37 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
PRC - [2008.01.17 15:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008.01.09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2008.01.09 14:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2007.12.29 09:06:02 | 000,430,080 | ---- | M] () -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007.12.25 13:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2007.12.03 16:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.10.29 14:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007.10.25 16:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007.10.04 18:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007.09.28 16:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007.08.24 04:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007.08.15 12:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007.08.03 22:33:14 | 000,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007.07.25 01:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007.07.24 12:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007.07.18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007.07.13 07:14:56 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007.07.10 09:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
PRC - [2007.06.18 10:51:10 | 001,507,328 | ---- | M] (Interactive Digital Media) -- C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
PRC - [2007.02.12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2011.06.28 09:24:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll
MOD - [2011.06.28 08:02:54 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011.06.28 08:02:28 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2011.06.28 08:02:17 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2011.06.28 08:01:10 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011.06.28 07:59:27 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.03.02 16:18:28 | 000,656,384 | ---- | M] () -- C:\Program Files\GNU\GnuPG\gpgex.dll
MOD - [2008.09.15 23:24:37 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2008.09.15 23:24:37 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.01.22 10:00:30 | 004,624,384 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
MOD - [2007.12.29 09:06:02 | 000,430,080 | ---- | M] () -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
MOD - [2007.12.25 11:03:40 | 000,015,184 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
MOD - [2007.12.14 20:40:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2007.12.14 20:28:38 | 004,726,784 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll
MOD - [2007.09.13 14:11:18 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2007.01.18 09:30:00 | 000,094,208 | ---- | M] () -- C:\Program Files\IDM\Desktop SMS\oehook.dll
MOD - [2006.12.01 17:55:42 | 000,009,216 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll
MOD - [2006.10.10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll
MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- c:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2005.07.22 21:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.10 18:28:00 | 000,519,040 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Users\Hanka\AppData\Local\Temp\JYBOBQHN.exe -- (JYBOBQHN)
SRV - [2012.02.10 18:21:10 | 000,408,448 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Users\Hanka\AppData\Local\Temp\SUZG.exe -- (SUZG)
SRV - [2011.03.02 16:20:58 | 000,224,256 | ---- | M] () [Auto | Running] -- C:\Program Files\GNU\GnuPG\dirmngr.exe -- (DirMngr)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2008.01.25 00:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008.01.09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.12.03 16:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007.09.28 16:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.08.24 04:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\msksrver.exe -- (MSK80Service)
SRV - [2007.08.15 12:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007.07.25 02:16:16 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007.07.25 01:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007.07.24 12:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007.07.18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService)
SRV - [2007.02.12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011.01.14 21:12:29 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010.06.25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009.12.08 20:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2009.03.30 02:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008.05.24 23:36:32 | 000,068,096 | ---- | M] () [Kernel | Auto | Running] -- C:\Portable_Ubuntu\linux.sys -- (CoLinuxDriver)
DRV - [2008.02.01 11:46:08 | 000,187,904 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService)
DRV - [2008.01.21 15:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008.01.15 10:34:58 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2007.12.26 14:11:30 | 000,131,584 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007.12.17 10:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.11.29 16:47:36 | 000,074,240 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007.11.29 09:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.11.09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.10.18 14:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.10.17 22:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.10.02 11:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.09.26 05:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007.07.24 12:02:36 | 000,033,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007.07.24 07:40:36 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007.07.21 09:08:24 | 000,201,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007.07.21 09:08:24 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007.07.21 09:08:24 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007.07.13 09:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2007.06.06 15:21:32 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2007.04.09 16:13:00 | 000,008,192 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem)
DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.10.10 19:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2005.01.07 05:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}: "URL" = http://www.google.cz/search?q={searchTe ... urceid=ie7;
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.cz
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}: "URL" = http://www.google.cz/search?q={searchTe ... urceid=ie7;
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.cz
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..\SearchScopes,DefaultScope = {1184580E-75B1-4BDA-ADA0-2B7518384FA8}
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}: "URL" = http://www.google.cz/search?q={searchTe ... urceid=ie7;
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: firesheep@codebutler.com:0.1
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.03 18:42:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.05 13:32:09 | 000,000,000 | ---D | M]
[2010.05.12 13:58:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Extensions
[2010.05.12 13:58:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.12.22 10:37:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions
[2011.01.27 14:59:34 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\firesheep@codebutler.com
[2012.02.29 21:23:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008.10.10 11:42:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[2011.01.24 18:29:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\HANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GN0DO0YH.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
[2008.01.23 07:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2011.05.25 09:13:37 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npdrmv2.dll
[2011.05.25 09:13:18 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\mozilla firefox\plugins\npdsplay.dll
[2007.04.16 18:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011.05.25 09:13:28 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npwmsdrm.dll
[2012.02.29 21:24:52 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.29 21:24:52 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.02.29 21:24:52 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.29 21:24:52 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.29 21:24:52 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun File not found
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe ()
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1001..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe ()
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\RunOnce: [Del29693261] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\RunOnce: [Report] \AdwCleaner[S1].txt ()
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\PROGRA~1\STARDO~1\sdie.htm File not found
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..Trusted Ranges: GD ([http] in Místní intranet)
O15 - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..Trusted Ranges: GD ([http] in Místní intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C9848EF-F447-4899-B6DF-BF35A8774F0C}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCC7D105-D5BE-4991-A9A1-EDD1A3066195}: DhcpNameServer = 217.170.96.24 217.170.96.2
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Toshiba\WALLPAPERS\redfoxs.jpg
O24 - Desktop BackupWallPaper: C:\Toshiba\WALLPAPERS\redfoxs.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a7c88394-04fb-11e0-9421-001e68555d66}\Shell - "" = AutoRun
O33 - MountPoints2\{a7c88394-04fb-11e0-9421-001e68555d66}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{f69a960d-d057-11dd-a6f3-001f3c361305}\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O33 - MountPoints2\D\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.12.22 01:34:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.12.22 01:27:52 | 000,000,000 | ---D | C] -- C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.12.22 01:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.12.22 00:44:10 | 000,000,000 | ---D | C] -- C:\rsit
[2012.12.21 23:45:46 | 000,000,000 | ---D | C] -- C:\Users\Hanka\AppData\Roaming\JDownloaderPackages
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.12.22 11:15:59 | 000,000,460 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job
[2012.12.22 11:15:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.12.22 10:42:16 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\agremove.exe
[2012.12.22 10:40:22 | 000,040,579 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2012.12.22 10:39:22 | 000,000,021 | ---- | M] () -- C:\Windows\S.dirmngr
[2012.12.22 10:39:17 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 10:39:17 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 10:39:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.22 10:39:10 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.22 01:27:52 | 000,001,062 | ---- | M] () -- C:\Users\Hanka\Desktop\Revo Uninstaller.lnk
[2012.12.21 23:45:45 | 000,001,827 | ---- | M] () -- C:\Users\Hanka\Desktop\JDownloader.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.22 11:15:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.22 10:39:22 | 000,000,021 | ---- | C] () -- C:\Windows\S.dirmngr
[2012.12.22 01:27:52 | 000,001,062 | ---- | C] () -- C:\Users\Hanka\Desktop\Revo Uninstaller.lnk
[2012.12.21 23:45:45 | 000,001,827 | ---- | C] () -- C:\Users\Hanka\Desktop\JDownloader.lnk
[2012.12.21 23:45:32 | 000,001,791 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.12.21 23:45:32 | 000,001,735 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.12.21 23:45:32 | 000,001,714 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.04.06 06:03:35 | 000,000,218 | ---- | C] () -- C:\Users\Hanka\.recently-used.xbel
[2012.02.10 18:19:15 | 000,000,053 | ---- | C] () -- C:\Windows\Eraser.INI
[2012.01.09 10:53:44 | 000,000,256 | ---- | C] () -- C:\Users\Hanka\.pulse-cookie
[2012.01.09 10:53:44 | 000,000,016 | ---- | C] () -- C:\Users\Hanka\.esd_auth
[2011.05.26 06:50:54 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.05.26 06:50:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.26 17:42:24 | 000,000,088 | ---- | C] () -- C:\Users\Hanka\AppData\Roaming\mainhst.zgh
[2008.06.11 13:02:52 | 000,064,000 | ---- | C] () -- C:\Users\Hanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.10 21:38:09 | 000,024,206 | ---- | C] () -- C:\Users\Hanka\AppData\Roaming\UserTile.png
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.19 08:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2008.10.13 18:28:17 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\acccore
[2012.01.18 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\BSplayer
[2012.01.18 12:25:37 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\BSplayer Pro
[2012.03.11 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Claws-mail
[2012.01.09 15:10:00 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Dev-Cpp
[2009.03.19 00:00:14 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\GHISLER
[2012.04.06 06:03:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\gnupg
[2012.04.06 06:03:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\gtk-2.0
[2010.03.24 14:14:42 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\inkscape
[2011.02.17 22:13:15 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\jabbim
[2012.12.22 01:39:45 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\JDownloaderPackages
[2008.09.08 08:55:03 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Opera
[2008.06.10 21:38:09 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\PeerNetworking
[2010.12.03 16:56:55 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\SWI-Prolog
[2010.05.12 13:58:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Thunderbird
[2008.06.10 20:54:00 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Toshiba
[2011.01.14 22:18:27 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\TrueCrypt
[2010.06.09 14:49:39 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Wireshark
[2010.10.28 20:49:24 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\XnView
[2010.12.03 17:48:57 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\xpce
[2008.07.26 17:44:26 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ZipGenius
[2010.01.31 12:30:36 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Zoner
[2012.10.30 00:18:04 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\.minecraft
[2012.03.11 07:02:04 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\BSplayer
[2012.03.11 21:26:14 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\Claws-mail
[2012.03.11 18:39:20 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\enchant
[2012.03.11 22:28:33 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\GHISLER
[2012.11.30 21:12:36 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\gnupg
[2012.04.12 10:37:32 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\gtk-2.0
[2012.03.11 21:00:41 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\Mail
[2012.08.04 10:46:46 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\TrueCrypt
[2012.09.10 15:21:03 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\Wuala
[2012.08.12 10:48:30 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\XnView
[2012.10.24 19:15:48 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\.minecraft
[2011.11.09 00:30:46 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\.purple
[2012.01.18 14:40:18 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\BSplayer
[2012.04.06 05:59:45 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Claws-mail
[2008.10.02 08:11:48 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\GHISLER
[2012.12.17 06:39:54 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\gnupg
[2012.11.05 16:12:50 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\gtk-2.0
[2010.03.02 12:49:54 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\inkscape
[2008.07.18 17:36:10 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Opera
[2012.12.22 00:39:34 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\SWI-Prolog
[2008.07.25 18:54:55 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Toshiba
[2011.01.14 21:19:10 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\TrueCrypt
[2011.01.27 14:20:15 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Wireshark
[2012.09.10 13:28:55 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Wuala
[2010.10.22 12:28:43 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\XnView
========== Purity Check ==========
========== Custom Scans ==========
< >
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,540 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2008.03.11 18:32:45 | 000,000,364 | ---- | C] () -- C:\Windows\Tasks\McQcTask.job
[2008.03.11 18:32:48 | 000,000,360 | ---- | C] () -- C:\Windows\Tasks\McDefragTask.job
[2012.01.29 13:57:11 | 000,000,460 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job
< >
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.07.05 07:30:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.07.05 07:30:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.07.05 07:30:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 08:33:01 | 000,642,560 | ---- | M] () MD5=49DB28FAA82775EA1C25CB0FB040DB7D -- C:\Windows\System32\autochk.exe
[2008.01.19 08:33:01 | 000,642,560 | ---- | M] () MD5=49DB28FAA82775EA1C25CB0FB040DB7D -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.03.11 16:50:24 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.03.11 16:50:24 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2008.01.19 08:42:34 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=A00B0EDD048786E30EBB2DA65D9A8F74 -- C:\Windows\System32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SERVICES.EXE >
[2008.01.19 08:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\System32\services.exe
[2008.01.19 08:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2006.11.02 10:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.07.05 07:29:55 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.07.05 07:29:56 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 08:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2008.10.13 18:28:17 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\acccore
[2012.01.19 15:09:44 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Adobe
[2012.01.18 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\BSplayer
[2012.01.18 12:25:37 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\BSplayer Pro
[2012.03.11 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Claws-mail
[2012.01.09 15:10:00 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Dev-Cpp
[2009.03.19 00:00:14 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\GHISLER
[2012.04.06 06:03:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\gnupg
[2008.06.12 16:01:30 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Google
[2012.04.06 06:03:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\gtk-2.0
[2008.06.10 19:01:54 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Identities
[2010.03.24 14:14:42 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\inkscape
[2008.06.10 18:58:56 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\InstallShield
[2011.02.17 22:13:15 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\jabbim
[2012.12.22 01:39:45 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\JDownloaderPackages
[2008.12.09 17:50:27 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Macromedia
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Media Center Programs
[2011.05.25 07:27:32 | 000,000,000 | --SD | M] -- C:\Users\Hanka\AppData\Roaming\Microsoft
[2008.07.04 20:42:20 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Mozilla
[2011.04.20 18:02:14 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\OpenOffice.org2
[2008.09.08 08:55:03 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Opera
[2008.06.10 21:38:09 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\PeerNetworking
[2010.05.26 16:03:58 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Sun
[2010.12.03 16:56:55 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\SWI-Prolog
[2010.05.12 13:58:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Thunderbird
[2008.06.10 20:54:00 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Toshiba
[2011.01.14 22:18:27 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\TrueCrypt
[2011.01.30 19:16:07 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\U3
[2009.01.07 10:28:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Winamp
[2010.06.09 14:49:39 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Wireshark
[2010.10.28 20:49:24 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\XnView
[2010.12.03 17:48:57 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\xpce
[2008.07.26 17:44:26 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ZipGenius
[2010.01.31 12:30:36 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2010.10.21 20:12:40 | 003,920,702 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\firesheep@codebutler.com\platform\WINNT_x86-msvc\firesheep-backend.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\Hanka\AppData\Roaming\U3\temp\Launchpad Removal.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.11.15 01:00:00 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2012.12.01 01:00:00 | 000,000,364 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2012.12.22 12:30:59 | 000,000,460 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.12.22 10:39:17 | 000,003,568 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 10:39:17 | 000,003,568 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 10:42:16 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\Windows\system32\agremove.exe
[2012.12.22 10:40:22 | 000,040,579 | ---- | M] () -- C:\Windows\system32\Config.MPF
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"WindowsWelcomeCenter" = rundll32.exe oobefldr.dll,ShowWelcomeCenter
"TOSCDSPD" = C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe -- [2007.12.29 09:06:02 | 000,430,080 | ---- | M] ()
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 08:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.04.03 18:42:38 | 000,912,344 | ---- | M] (Mozilla Corporation) MD5=1A4C10F3BD1552BC05D5E7CBFE4FCDB4 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.05.28 07:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=ED65737D70FDEAC29F738E77D2496EE5 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.05.30 21:32:58 | 000,949,104 | ---- | M] (Opera Software) MD5=E8F78F11945EE6F91408C99AF15143EA -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.12.22 11:15:35 | 000,000,512 | ---- | M] () MD5=CD79994B957457E763536B5AFFC2E17A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.05.29 21:41:56 | 000,114,899 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py
< *keygen* /s >
[2009.04.09 00:31:58 | 000,015,784 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\spec\RSAKeyGenParameterSpec.html
[2009.04.09 00:29:44 | 000,006,397 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\spec\class-use\RSAKeyGenParameterSpec.html
[2009.04.09 00:32:10 | 000,026,617 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\KeyGenerator.html
[2009.04.09 00:28:22 | 000,013,948 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\KeyGeneratorSpi.html
[2009.04.09 00:31:04 | 000,008,837 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\class-use\KeyGenerator.html
[2009.04.09 00:27:42 | 000,007,553 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\class-use\KeyGeneratorSpi.html
[2009.04.09 00:31:10 | 000,015,083 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\spec\RSAKeyGenParameterSpec.html
[2009.04.09 00:28:18 | 000,005,914 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\spec\class-use\RSAKeyGenParameterSpec.html
< *loader* /s >
[2010.03.06 09:24:56 | 000,003,614 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.03.06 09:24:56 | 000,023,124 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2010.03.06 09:24:56 | 000,020,218 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2010.03.06 09:24:56 | 000,029,770 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2010.03.06 09:24:56 | 000,017,513 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2010.03.06 09:24:56 | 000,021,012 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2010.03.06 09:24:56 | 000,026,304 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2010.03.06 09:24:56 | 000,016,291 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2010.03.06 09:24:56 | 000,028,336 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010.03.06 09:24:56 | 000,019,084 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2010.03.06 09:24:56 | 000,015,455 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2010.03.06 09:24:56 | 000,017,756 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2010.03.06 09:24:56 | 000,022,745 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2010.03.06 09:24:56 | 000,014,791 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2010.03.06 09:24:56 | 000,019,638 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2010.03.06 09:24:56 | 000,028,802 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.03.06 09:24:56 | 000,014,813 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010.08.16 10:41:40 | 000,032,958 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2010.08.16 10:41:40 | 000,001,847 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2010.08.16 10:41:40 | 000,057,685 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2010.08.16 10:41:40 | 000,029,336 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2010.08.16 10:41:40 | 000,001,341 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2010.08.16 10:41:40 | 000,028,643 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2010.08.16 10:41:40 | 000,055,918 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2010.08.16 10:41:40 | 000,038,308 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2010.08.16 10:41:40 | 000,001,949 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2010.08.16 10:41:40 | 000,007,779 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2010.08.16 10:41:40 | 000,017,301 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2010.08.16 10:41:40 | 000,015,416 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2010.08.16 10:41:40 | 000,015,832 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2010.08.16 10:41:40 | 000,038,937 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2010.08.16 10:41:40 | 000,014,300 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2010.08.16 10:41:40 | 000,017,550 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2010.03.18 22:21:56 | 000,063,312 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.17 23:17:14 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2009.11.08 20:01:54 | 000,249,672 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009.11.08 20:01:54 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Užovka\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,38% Memory free
4,21 Gb Paging File | 3,05 Gb Available in Paging File | 72,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,54 Gb Total Space | 28,90 Gb Free Space | 24,58% Space Free | Partition Type: NTFS
Drive E: | 113,88 Gb Total Space | 26,60 Gb Free Space | 23,36% Space Free | Partition Type: NTFS
Computer Name: HANKA-PC | User Name: Hanka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012.12.22 11:07:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Užovka\Desktop\OTL.exe
PRC - [2011.03.02 16:20:58 | 000,224,256 | ---- | M] () -- C:\Program Files\GNU\GnuPG\dirmngr.exe
PRC - [2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.25 14:43:22 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2008.01.25 12:33:50 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2008.01.25 10:24:08 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008.01.25 00:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008.01.22 20:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2008.01.22 13:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008.01.22 10:00:30 | 004,624,384 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008.01.19 08:33:37 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
PRC - [2008.01.17 15:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008.01.09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2008.01.09 14:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2007.12.29 09:06:02 | 000,430,080 | ---- | M] () -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007.12.25 13:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2007.12.03 16:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.10.29 14:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007.10.25 16:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007.10.04 18:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007.09.28 16:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007.08.24 04:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007.08.15 12:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007.08.03 22:33:14 | 000,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007.07.25 01:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007.07.24 12:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007.07.18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007.07.13 07:14:56 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007.07.10 09:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
PRC - [2007.06.18 10:51:10 | 001,507,328 | ---- | M] (Interactive Digital Media) -- C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
PRC - [2007.02.12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2011.06.28 09:24:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll
MOD - [2011.06.28 08:02:54 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011.06.28 08:02:28 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2011.06.28 08:02:17 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2011.06.28 08:01:10 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011.06.28 07:59:27 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.03.02 16:18:28 | 000,656,384 | ---- | M] () -- C:\Program Files\GNU\GnuPG\gpgex.dll
MOD - [2008.09.15 23:24:37 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2008.09.15 23:24:37 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.01.22 10:00:30 | 004,624,384 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
MOD - [2007.12.29 09:06:02 | 000,430,080 | ---- | M] () -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
MOD - [2007.12.25 11:03:40 | 000,015,184 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
MOD - [2007.12.14 20:40:00 | 000,090,112 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2007.12.14 20:28:38 | 004,726,784 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll
MOD - [2007.09.13 14:11:18 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2007.01.18 09:30:00 | 000,094,208 | ---- | M] () -- C:\Program Files\IDM\Desktop SMS\oehook.dll
MOD - [2006.12.01 17:55:42 | 000,009,216 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll
MOD - [2006.10.10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll
MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- c:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll
MOD - [2005.07.22 21:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.10 18:28:00 | 000,519,040 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Users\Hanka\AppData\Local\Temp\JYBOBQHN.exe -- (JYBOBQHN)
SRV - [2012.02.10 18:21:10 | 000,408,448 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Users\Hanka\AppData\Local\Temp\SUZG.exe -- (SUZG)
SRV - [2011.03.02 16:20:58 | 000,224,256 | ---- | M] () [Auto | Running] -- C:\Program Files\GNU\GnuPG\dirmngr.exe -- (DirMngr)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2008.01.25 00:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008.01.19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2008.01.09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.12.03 16:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007.09.28 16:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.08.24 04:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\msksrver.exe -- (MSK80Service)
SRV - [2007.08.15 12:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007.07.25 02:16:16 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007.07.25 01:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007.07.24 12:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007.07.18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService)
SRV - [2007.02.12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011.01.14 21:12:29 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010.06.25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009.12.08 20:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2009.03.30 02:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008.05.24 23:36:32 | 000,068,096 | ---- | M] () [Kernel | Auto | Running] -- C:\Portable_Ubuntu\linux.sys -- (CoLinuxDriver)
DRV - [2008.02.01 11:46:08 | 000,187,904 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService)
DRV - [2008.01.21 15:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008.01.15 10:34:58 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2007.12.26 14:11:30 | 000,131,584 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007.12.17 10:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.11.29 16:47:36 | 000,074,240 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007.11.29 09:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.11.09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.10.18 14:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.10.17 22:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.10.02 11:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.09.26 05:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007.07.24 12:02:36 | 000,033,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007.07.24 07:40:36 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007.07.21 09:08:24 | 000,201,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007.07.21 09:08:24 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007.07.21 09:08:24 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007.07.13 09:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2007.06.06 15:21:32 | 000,111,616 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2007.04.09 16:13:00 | 000,008,192 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem)
DRV - [2006.11.02 08:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.10.10 19:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2005.01.07 05:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}: "URL" = http://www.google.cz/search?q={searchTe ... urceid=ie7;
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.cz
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}: "URL" = http://www.google.cz/search?q={searchTe ... urceid=ie7;
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.cz
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..\SearchScopes,DefaultScope = {1184580E-75B1-4BDA-ADA0-2B7518384FA8}
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}: "URL" = http://www.google.cz/search?q={searchTe ... urceid=ie7;
IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: firesheep@codebutler.com:0.1
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.03 18:42:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.05 13:32:09 | 000,000,000 | ---D | M]
[2010.05.12 13:58:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Extensions
[2010.05.12 13:58:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.12.22 10:37:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions
[2011.01.27 14:59:34 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\firesheep@codebutler.com
[2012.02.29 21:23:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2008.10.10 11:42:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[2011.01.24 18:29:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\HANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GN0DO0YH.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
[2008.01.23 07:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2011.05.25 09:13:37 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npdrmv2.dll
[2011.05.25 09:13:18 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\mozilla firefox\plugins\npdsplay.dll
[2007.04.16 18:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2011.05.25 09:13:28 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npwmsdrm.dll
[2012.02.29 21:24:52 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.02.29 21:24:52 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.02.29 21:24:52 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.02.29 21:24:52 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.02.29 21:24:52 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun File not found
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe ()
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1001..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe ()
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\RunOnce: [Del29693261] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\RunOnce: [Report] \AdwCleaner[S1].txt ()
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\PROGRA~1\STARDO~1\sdie.htm File not found
O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ File not found
O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home File not found
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..Trusted Ranges: GD ([http] in Místní intranet)
O15 - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..Trusted Ranges: GD ([http] in Místní intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C9848EF-F447-4899-B6DF-BF35A8774F0C}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCC7D105-D5BE-4991-A9A1-EDD1A3066195}: DhcpNameServer = 217.170.96.24 217.170.96.2
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com - No CLSID value found
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Toshiba\WALLPAPERS\redfoxs.jpg
O24 - Desktop BackupWallPaper: C:\Toshiba\WALLPAPERS\redfoxs.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a7c88394-04fb-11e0-9421-001e68555d66}\Shell - "" = AutoRun
O33 - MountPoints2\{a7c88394-04fb-11e0-9421-001e68555d66}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{f69a960d-d057-11dd-a6f3-001f3c361305}\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O33 - MountPoints2\D\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012.12.22 01:34:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.12.22 01:27:52 | 000,000,000 | ---D | C] -- C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.12.22 01:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.12.22 00:44:10 | 000,000,000 | ---D | C] -- C:\rsit
[2012.12.21 23:45:46 | 000,000,000 | ---D | C] -- C:\Users\Hanka\AppData\Roaming\JDownloaderPackages
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2012.12.22 11:15:59 | 000,000,460 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job
[2012.12.22 11:15:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.12.22 10:42:16 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\agremove.exe
[2012.12.22 10:40:22 | 000,040,579 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2012.12.22 10:39:22 | 000,000,021 | ---- | M] () -- C:\Windows\S.dirmngr
[2012.12.22 10:39:17 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 10:39:17 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 10:39:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.22 10:39:10 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.22 01:27:52 | 000,001,062 | ---- | M] () -- C:\Users\Hanka\Desktop\Revo Uninstaller.lnk
[2012.12.21 23:45:45 | 000,001,827 | ---- | M] () -- C:\Users\Hanka\Desktop\JDownloader.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.22 11:15:34 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.12.22 10:39:22 | 000,000,021 | ---- | C] () -- C:\Windows\S.dirmngr
[2012.12.22 01:27:52 | 000,001,062 | ---- | C] () -- C:\Users\Hanka\Desktop\Revo Uninstaller.lnk
[2012.12.21 23:45:45 | 000,001,827 | ---- | C] () -- C:\Users\Hanka\Desktop\JDownloader.lnk
[2012.12.21 23:45:32 | 000,001,791 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.12.21 23:45:32 | 000,001,735 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.12.21 23:45:32 | 000,001,714 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.04.06 06:03:35 | 000,000,218 | ---- | C] () -- C:\Users\Hanka\.recently-used.xbel
[2012.02.10 18:19:15 | 000,000,053 | ---- | C] () -- C:\Windows\Eraser.INI
[2012.01.09 10:53:44 | 000,000,256 | ---- | C] () -- C:\Users\Hanka\.pulse-cookie
[2012.01.09 10:53:44 | 000,000,016 | ---- | C] () -- C:\Users\Hanka\.esd_auth
[2011.05.26 06:50:54 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.05.26 06:50:54 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.26 17:42:24 | 000,000,088 | ---- | C] () -- C:\Users\Hanka\AppData\Roaming\mainhst.zgh
[2008.06.11 13:02:52 | 000,064,000 | ---- | C] () -- C:\Users\Hanka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.10 21:38:09 | 000,024,206 | ---- | C] () -- C:\Users\Hanka\AppData\Roaming\UserTile.png
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 05:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.19 08:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2008.10.13 18:28:17 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\acccore
[2012.01.18 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\BSplayer
[2012.01.18 12:25:37 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\BSplayer Pro
[2012.03.11 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Claws-mail
[2012.01.09 15:10:00 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Dev-Cpp
[2009.03.19 00:00:14 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\GHISLER
[2012.04.06 06:03:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\gnupg
[2012.04.06 06:03:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\gtk-2.0
[2010.03.24 14:14:42 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\inkscape
[2011.02.17 22:13:15 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\jabbim
[2012.12.22 01:39:45 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\JDownloaderPackages
[2008.09.08 08:55:03 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Opera
[2008.06.10 21:38:09 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\PeerNetworking
[2010.12.03 16:56:55 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\SWI-Prolog
[2010.05.12 13:58:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Thunderbird
[2008.06.10 20:54:00 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Toshiba
[2011.01.14 22:18:27 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\TrueCrypt
[2010.06.09 14:49:39 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Wireshark
[2010.10.28 20:49:24 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\XnView
[2010.12.03 17:48:57 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\xpce
[2008.07.26 17:44:26 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ZipGenius
[2010.01.31 12:30:36 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Zoner
[2012.10.30 00:18:04 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\.minecraft
[2012.03.11 07:02:04 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\BSplayer
[2012.03.11 21:26:14 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\Claws-mail
[2012.03.11 18:39:20 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\enchant
[2012.03.11 22:28:33 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\GHISLER
[2012.11.30 21:12:36 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\gnupg
[2012.04.12 10:37:32 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\gtk-2.0
[2012.03.11 21:00:41 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\Mail
[2012.08.04 10:46:46 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\TrueCrypt
[2012.09.10 15:21:03 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\Wuala
[2012.08.12 10:48:30 | 000,000,000 | ---D | M] -- C:\Users\Prac\AppData\Roaming\XnView
[2012.10.24 19:15:48 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\.minecraft
[2011.11.09 00:30:46 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\.purple
[2012.01.18 14:40:18 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\BSplayer
[2012.04.06 05:59:45 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Claws-mail
[2008.10.02 08:11:48 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\GHISLER
[2012.12.17 06:39:54 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\gnupg
[2012.11.05 16:12:50 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\gtk-2.0
[2010.03.02 12:49:54 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\inkscape
[2008.07.18 17:36:10 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Opera
[2012.12.22 00:39:34 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\SWI-Prolog
[2008.07.25 18:54:55 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Toshiba
[2011.01.14 21:19:10 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\TrueCrypt
[2011.01.27 14:20:15 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Wireshark
[2012.09.10 13:28:55 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\Wuala
[2010.10.22 12:28:43 | 000,000,000 | ---D | M] -- C:\Users\Užovka\AppData\Roaming\XnView
========== Purity Check ==========
========== Custom Scans ==========
< >
[2006.11.02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006.11.02 14:01:49 | 000,032,540 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2008.03.11 18:32:45 | 000,000,364 | ---- | C] () -- C:\Windows\Tasks\McQcTask.job
[2008.03.11 18:32:48 | 000,000,360 | ---- | C] () -- C:\Windows\Tasks\McDefragTask.job
[2012.01.29 13:57:11 | 000,000,460 | -H-- | C] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job
< >
< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.07.05 07:30:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.07.05 07:30:36 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.07.05 07:30:34 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.04.11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.19 08:33:01 | 000,642,560 | ---- | M] () MD5=49DB28FAA82775EA1C25CB0FB040DB7D -- C:\Windows\System32\autochk.exe
[2008.01.19 08:33:01 | 000,642,560 | ---- | M] () MD5=49DB28FAA82775EA1C25CB0FB040DB7D -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2006.11.02 10:44:50 | 000,640,000 | ---- | M] (Microsoft Corporation) MD5=C08D1FE284C3330934E45D6E5F5B768B -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.16386_none_dfbd2b4dc4d6121b\autochk.exe
< MD5 for: CDROM.SYS >
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.19 06:49:51 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.10.29 07:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 04:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008.03.11 16:50:24 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.03.11 16:50:24 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 03:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: HAL.DLL >
[2008.01.19 08:42:34 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=A00B0EDD048786E30EBB2DA65D9A8F74 -- C:\Windows\System32\hal.dll
< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: SERVICES.EXE >
[2008.01.19 08:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\System32\services.exe
[2008.01.19 08:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2006.11.02 10:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2009.04.11 07:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SVCHOST.EXE >
[2006.11.02 10:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.19 08:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.26 09:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 07:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 21:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 22:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 18:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 12:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 15:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 15:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 21:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 15:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 13:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2008.07.05 07:29:55 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009.12.08 21:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2008.07.05 07:29:56 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2010.06.16 16:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009.08.14 17:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010.06.16 17:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.16 16:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2008.04.26 09:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 18:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 18:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 18:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2010.06.16 17:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2009.12.08 18:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006.11.02 09:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010.02.18 15:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 21:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.19 08:43:39 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 17:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\3bd8fe73c6fda64a95e9e60ac46184d4\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2008.10.13 18:28:17 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\acccore
[2012.01.19 15:09:44 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Adobe
[2012.01.18 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\BSplayer
[2012.01.18 12:25:37 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\BSplayer Pro
[2012.03.11 20:55:28 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Claws-mail
[2012.01.09 15:10:00 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Dev-Cpp
[2009.03.19 00:00:14 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\GHISLER
[2012.04.06 06:03:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\gnupg
[2008.06.12 16:01:30 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Google
[2012.04.06 06:03:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\gtk-2.0
[2008.06.10 19:01:54 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Identities
[2010.03.24 14:14:42 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\inkscape
[2008.06.10 18:58:56 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\InstallShield
[2011.02.17 22:13:15 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\jabbim
[2012.12.22 01:39:45 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\JDownloaderPackages
[2008.12.09 17:50:27 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Macromedia
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Media Center Programs
[2011.05.25 07:27:32 | 000,000,000 | --SD | M] -- C:\Users\Hanka\AppData\Roaming\Microsoft
[2008.07.04 20:42:20 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Mozilla
[2011.04.20 18:02:14 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\OpenOffice.org2
[2008.09.08 08:55:03 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Opera
[2008.06.10 21:38:09 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\PeerNetworking
[2010.05.26 16:03:58 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Sun
[2010.12.03 16:56:55 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\SWI-Prolog
[2010.05.12 13:58:16 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Thunderbird
[2008.06.10 20:54:00 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Toshiba
[2011.01.14 22:18:27 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\TrueCrypt
[2011.01.30 19:16:07 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\U3
[2009.01.07 10:28:34 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Winamp
[2010.06.09 14:49:39 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Wireshark
[2010.10.28 20:49:24 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\XnView
[2010.12.03 17:48:57 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\xpce
[2008.07.26 17:44:26 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\ZipGenius
[2010.01.31 12:30:36 | 000,000,000 | ---D | M] -- C:\Users\Hanka\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2010.10.21 20:12:40 | 003,920,702 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\firesheep@codebutler.com\platform\WINNT_x86-msvc\firesheep-backend.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Hanka\AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\Hanka\AppData\Roaming\U3\temp\Launchpad Removal.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2012.11.15 01:00:00 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2012.12.01 01:00:00 | 000,000,364 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2012.12.22 12:30:59 | 000,000,460 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2012.12.22 10:39:17 | 000,003,568 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 10:39:17 | 000,003,568 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.22 10:42:16 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\Windows\system32\agremove.exe
[2012.12.22 10:40:22 | 000,040,579 | ---- | M] () -- C:\Windows\system32\Config.MPF
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"WindowsWelcomeCenter" = rundll32.exe oobefldr.dll,ShowWelcomeCenter
"TOSCDSPD" = C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe -- [2007.12.29 09:06:02 | 000,430,080 | ---- | M] ()
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.19 08:33:09 | 000,125,952 | ---- | M] (Microsoft Corporation)
"WMPNSCFG" = C:\Program Files\Windows Media Player\WMPNSCFG.exe -- [2008.01.19 08:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.04.03 18:42:38 | 000,912,344 | ---- | M] (Mozilla Corporation) MD5=1A4C10F3BD1552BC05D5E7CBFE4FCDB4 -- C:\Program Files\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.05.28 07:09:21 | 000,638,232 | ---- | M] (Microsoft Corporation) MD5=ED65737D70FDEAC29F738E77D2496EE5 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2012.05.30 21:32:58 | 000,949,104 | ---- | M] (Opera Software) MD5=E8F78F11945EE6F91408C99AF15143EA -- C:\Program Files\Opera\opera.exe
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.12.22 11:15:35 | 000,000,512 | ---- | M] () MD5=CD79994B957457E763536B5AFFC2E17A -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2010.05.29 21:41:56 | 000,114,899 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\numpy\f2py\crackfortran.py
< *keygen* /s >
[2009.04.09 00:31:58 | 000,015,784 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\spec\RSAKeyGenParameterSpec.html
[2009.04.09 00:29:44 | 000,006,397 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\spec\class-use\RSAKeyGenParameterSpec.html
[2009.04.09 00:32:10 | 000,026,617 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\KeyGenerator.html
[2009.04.09 00:28:22 | 000,013,948 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\KeyGeneratorSpi.html
[2009.04.09 00:31:04 | 000,008,837 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\class-use\KeyGenerator.html
[2009.04.09 00:27:42 | 000,007,553 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\jce10\javax\crypto\class-use\KeyGeneratorSpi.html
[2009.04.09 00:31:10 | 000,015,083 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\spec\RSAKeyGenParameterSpec.html
[2009.04.09 00:28:18 | 000,005,914 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\spec\class-use\RSAKeyGenParameterSpec.html
< *loader* /s >
[2010.03.06 09:24:56 | 000,003,614 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\etc\gtk-2.0\gdk-pixbuf.loaders
[2010.03.06 09:24:56 | 000,023,124 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2010.03.06 09:24:56 | 000,020,218 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2010.03.06 09:24:56 | 000,029,770 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2010.03.06 09:24:56 | 000,017,513 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2010.03.06 09:24:56 | 000,021,012 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2010.03.06 09:24:56 | 000,026,304 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2010.03.06 09:24:56 | 000,016,291 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2010.03.06 09:24:56 | 000,028,336 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2010.03.06 09:24:56 | 000,019,084 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2010.03.06 09:24:56 | 000,015,455 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2010.03.06 09:24:56 | 000,017,756 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2010.03.06 09:24:56 | 000,022,745 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2010.03.06 09:24:56 | 000,014,791 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2010.03.06 09:24:56 | 000,019,638 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2010.03.06 09:24:56 | 000,028,802 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2010.03.06 09:24:56 | 000,014,813 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010.08.16 10:41:40 | 000,032,958 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ailoader.py
[2010.08.16 10:41:40 | 000,001,847 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\bziploader.py
[2010.08.16 10:41:40 | 000,057,685 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\ccxloader.py
[2010.08.16 10:41:40 | 000,029,336 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrloader.py
[2010.08.16 10:41:40 | 000,001,341 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cdrziploader.py
[2010.08.16 10:41:40 | 000,028,643 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cgmloader.py
[2010.08.16 10:41:40 | 000,055,918 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\cmxloader.py
[2010.08.16 10:41:40 | 000,038,308 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\dxfloader.py
[2010.08.16 10:41:40 | 000,001,949 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\gziploader.py
[2010.08.16 10:41:40 | 000,007,779 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\pltloader.py
[2010.08.16 10:41:40 | 000,017,301 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\sk1loader.py
[2010.08.16 10:41:40 | 000,015,416 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\skloader.py
[2010.08.16 10:41:40 | 000,015,832 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\stitchloader.py
[2010.08.16 10:41:40 | 000,038,937 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\svgloader.py
[2010.08.16 10:41:40 | 000,014,300 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\wmfloader.py
[2010.08.16 10:41:40 | 000,017,550 | ---- | M] () -- \Inkscape\InkscapePortable\App\Inkscape\python\Lib\site-packages\sk1libs\filters\import\xfigloader.py
[2010.03.18 22:21:56 | 000,063,312 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.dll
[2010.03.17 23:17:14 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7Debug\coloader80.tlb
[2009.11.08 20:01:54 | 000,249,672 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009.11.08 20:01:54 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
Re: Preventivka
[2010.02.07 21:30:56 | 000,025,294 | ---- | M] () -- \Program Files\GNU\GnuPG\gdk-pixbuf-query-loaders.exe
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GNU\GnuPG\etc\gtk-2.0\gdk-pixbuf.loaders
[2007.01.31 15:09:52 | 000,012,800 | ---- | M] () -- \Program Files\Google\Google Earth\apiloader.dll
[2008.10.10 11:40:11 | 000,007,697 | ---- | M] () -- \Program Files\Java\jdk1.6.0\demo\jvmti\hprof\src\hprof_loader.c
[2008.10.10 11:40:11 | 000,002,173 | ---- | M] () -- \Program Files\Java\jdk1.6.0\demo\jvmti\hprof\src\hprof_loader.h
[2009.07.23 04:08:52 | 000,019,992 | ---- | M] () -- \Program Files\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2009.07.23 04:08:52 | 000,019,992 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[2010.03.18 22:21:56 | 000,063,312 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll
[2010.03.18 00:57:18 | 000,001,373 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll.manifest
[2010.03.17 23:17:14 | 000,004,096 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.tlb
[2009.08.31 03:51:22 | 000,001,648 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\VC\atlmfc\include\afxribboninfoloader.h
[2009.08.31 03:51:22 | 000,004,525 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\VC\atlmfc\src\mfc\afxribboninfoloader.cpp
[2009.12.05 01:15:11 | 000,000,456 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\config\Modules\org-openide-loaders.xml
[2010.03.03 22:57:40 | 001,058,157 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\modules\org-openide-loaders.jar
[2010.03.03 22:57:37 | 000,006,046 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\modules\locale\org-openide-loaders_ja.jar
[2010.03.03 22:57:36 | 000,005,551 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\modules\locale\org-openide-loaders_pt_BR.jar
[2010.03.03 22:57:36 | 000,005,780 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\modules\locale\org-openide-loaders_zh_CN.jar
[2010.03.03 22:58:29 | 000,000,380 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\update_tracking\org-openide-loaders.xml
[2010.07.29 01:06:10 | 000,000,483 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2010.11.29 03:39:41 | 002,549,382 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\modules\org-netbeans-modules-j2ee-ddloaders.jar
[2010.11.29 03:39:32 | 000,033,680 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_ja.jar
[2010.11.29 03:39:30 | 000,031,129 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_pt_BR.jar
[2010.11.29 03:39:30 | 000,032,362 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_zh_CN.jar
[2010.11.29 03:40:01 | 000,000,431 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\update_tracking\org-netbeans-modules-j2ee-ddloaders.xml
[2010.07.28 23:12:37 | 000,000,484 | ---- | M] () -- \Program Files\NetBeans 6.9.1\ergonomics\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2010.07.29 01:06:10 | 000,000,526 | ---- | M] () -- \Program Files\NetBeans 6.9.1\ergonomics\config\Modules\org-netbeans-modules-visualweb-extension-openide-loaders.xml
[2010.07.29 01:06:13 | 000,019,348 | ---- | M] () -- \Program Files\NetBeans 6.9.1\javacard\JCDK3.0.2_ConnectedEdition\docs\api\spi\com\sun\javacard\spi\cardmgmt\DeploymentUnitLoader.html
[2009.04.09 00:30:54 | 000,004,261 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\apps\SVGDemo\src\com\sun\perseus\demo\ImageLoader.java
[2009.04.09 00:27:28 | 000,075,179 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\lang\ClassLoader.html
[2009.04.09 00:29:26 | 000,025,070 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\lang\class-use\ClassLoader.html
[2009.04.09 00:31:18 | 000,035,485 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\net\URLClassLoader.html
[2009.04.09 00:29:48 | 000,008,749 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\net\class-use\URLClassLoader.html
[2009.04.09 00:27:10 | 000,021,745 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\security\SecureClassLoader.html
[2009.04.09 00:29:42 | 000,007,912 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\security\class-use\SecureClassLoader.html
[2009.04.09 00:31:22 | 000,075,257 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\lang\ClassLoader.html
[2009.04.09 00:27:52 | 000,025,144 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\lang\class-use\ClassLoader.html
[2009.04.09 00:27:30 | 000,035,559 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\net\URLClassLoader.html
[2009.04.09 00:29:28 | 000,008,823 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\net\class-use\URLClassLoader.html
[2009.04.09 00:30:48 | 000,021,827 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\SecureClassLoader.html
[2009.04.09 00:27:10 | 000,007,986 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\class-use\SecureClassLoader.html
[2009.04.09 00:31:58 | 000,073,570 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\lang\ClassLoader.html
[2009.04.09 00:30:02 | 000,027,469 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\lang\class-use\ClassLoader.html
[2009.04.09 00:27:34 | 000,034,597 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\net\URLClassLoader.html
[2009.04.09 00:28:20 | 000,008,293 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\net\class-use\URLClassLoader.html
[2009.04.09 00:28:00 | 000,021,104 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\SecureClassLoader.html
[2009.04.09 00:31:02 | 000,007,466 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\class-use\SecureClassLoader.html
[2010.11.29 03:40:49 | 000,002,977 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\toolkit-lib\process\memory-profiler\code\memprof-loader.jar
[2010.07.29 01:06:16 | 000,002,941 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2010.07.29 01:06:16 | 000,000,411 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\config\Modules\org-openide-loaders.xml
[2010.11.29 03:37:01 | 001,330,310 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\modules\org-openide-loaders.jar
[2010.11.29 03:36:58 | 000,006,961 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\modules\locale\org-openide-loaders_ja.jar
[2010.11.29 03:36:56 | 000,006,373 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\modules\locale\org-openide-loaders_pt_BR.jar
[2010.11.29 03:36:56 | 000,006,650 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2010.11.29 03:37:57 | 000,000,465 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\update_tracking\org-openide-loaders.xml
[2008.05.30 08:41:12 | 000,022,528 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\javaloader.uno.dll
[2008.05.30 23:03:18 | 000,006,528 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.py
[2008.05.30 13:41:00 | 000,016,384 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.uno.dll
[2008.05.31 00:10:48 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.uno.ini
[2008.05.30 13:26:44 | 000,004,064 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\classes\unoloader.jar
[2007.02.05 15:54:52 | 000,045,056 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.exe
[2006.03.20 11:43:36 | 000,000,273 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.ini
[2009.06.01 10:38:12 | 000,003,614 | ---- | M] () -- \Program Files\Wireshark\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.06.01 10:23:46 | 000,028,560 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.06.01 10:23:42 | 000,027,492 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.06.01 10:23:44 | 000,041,827 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.06.01 10:23:54 | 000,020,750 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.06.01 10:23:44 | 000,027,004 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.06.01 10:23:48 | 000,033,364 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.06.01 10:23:56 | 000,021,329 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.06.01 10:23:40 | 000,035,326 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.06.01 10:23:48 | 000,023,528 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.06.01 10:23:50 | 000,018,354 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.06.01 10:23:54 | 000,023,858 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.06.01 10:23:50 | 000,028,334 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.06.01 10:23:42 | 000,017,895 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.06.01 10:23:52 | 000,023,851 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.06.01 10:23:52 | 000,041,060 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2012.12.21 23:45:32 | 000,001,735 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.12.21 23:45:32 | 000,001,714 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.12.21 23:45:32 | 000,001,791 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.21 23:45:32 | 000,001,735 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.12.21 23:45:32 | 000,001,714 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.12.21 23:45:32 | 000,001,791 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2010.12.05 17:16:36 | 000,000,483 | ---- | M] () -- \Users\Hanka\.netbeans\6.9\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2012.12.21 23:49:45 | 000,000,013 | ---- | M] () -- \Users\Hanka\AppData\Local\Microsoft\Internet Explorer\DOMStore\O0N7LCGK\jdownloader[1].xml
[2012.12.21 23:42:40 | 001,165,952 | ---- | M] () -- \Users\Hanka\AppData\Local\Temp\JDownloaderSetup.exe
[9 \Users\Hanka\AppData\Local\Temp\*.tmp files -> \Users\Hanka\AppData\Local\Temp\*.tmp -> ]
[2012.05.22 12:33:34 | 025,101,952 | ---- | M] () -- \Users\Hanka\AppData\Local\Temp\is1070216317\JDownloaderSetup_IC.exe
[2012.12.21 23:45:45 | 000,001,827 | ---- | M] () -- \Users\Hanka\Desktop\JDownloader.lnk
[2012.12.16 09:17:07 | 000,009,427 | ---- | M] () -- \Users\Prac\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HKLCBG61\ajax-loader[1].gif
[2012.12.15 19:32:43 | 000,000,673 | ---- | M] () -- \Users\Prac\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RE7GIIDH\loader.white[1].gif
[2012.12.10 05:53:25 | 000,178,746 | ---- | M] () -- \Users\Prac\Desktop\sklady_soubory\FeatureLoader.js
[2010.11.29 03:49:42 | 000,000,483 | ---- | M] () -- \Users\Užovka\.netbeans\6.9\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2010.01.27 10:29:17 | 000,018,654 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\ctivo\kry.inf\561-bezpecnostni-audit-pres-obed_soubory\client_restserver_data\FeatureLoader.js
[2011.08.22 08:15:30 | 000,018,454 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\ctivo\Vlasy\domaci-recepty-pro-plet_soubory\FeatureLoader.js
[2011.08.22 08:15:19 | 000,018,454 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\ctivo\Vlasy\top-tema-domaci-recepty_smpon_soubory\FeatureLoader.js
[2010.12.09 21:15:03 | 000,018,245 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\ctivo\Vlasy\Vlas\navod-na-samozastrizeni-od-feye_soubory\FeatureLoader.js
[2011.12.13 17:45:51 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\foto\jak-kreslit-ilustrace-pro-fotobanky_soubory\loader.gif
[2011.12.13 17:48:41 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\foto\kdy-se-prodavaji-vanocni-motivy_soubory\loader.gif
[2011.12.13 17:57:16 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\foto\prehled-fotobank-prodej_soubory\loader.gif
[2011.12.13 17:46:15 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\foto\shutterstock-registrace-navod_soubory\loader.gif
[2012.02.22 13:20:30 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\fotobanky-brigada-prace-z-domova_soubory\loader.gif
[2012.02.22 13:20:25 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\jak-kreslit-ilustrace-pro-fotobanky_soubory\loader.gif
[2011.11.21 11:34:12 | 000,004,254 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\Knihy_P\Macha\45_soubory\rate_data\js_preloader.gif
[2011.12.16 09:06:53 | 000,008,787 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\Vyroba techniky\159-fusing-mikrovlnka_soubory\loaderb.gif
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.05.24 21:39:01 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.05.24 21:39:01 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2011.05.24 21:39:01 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2011.05.24 21:37:42 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2011.05.24 21:37:43 | 000,988,216 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b_winload.exe_75835076
[2011.05.24 21:37:43 | 000,927,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b_winresume.exe_85cd1215
[2011.05.24 21:39:14 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2011.05.24 21:39:14 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.07.04 20:49:30 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.07.04 20:49:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.07.04 20:49:34 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.07.04 20:49:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.07.04 20:49:41 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.07.04 20:49:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.07.04 20:49:47 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.07.04 20:49:30 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.07.04 20:49:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.07.04 20:49:33 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.07.04 20:49:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.07.04 20:49:40 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.07.04 20:49:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.07.04 20:49:46 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 03:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.07.04 20:49:23 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.07.04 20:49:23 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.18 23:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.07.04 20:49:17 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.07.04 20:49:17 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.10 23:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.18 23:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 13:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< End of report >
[2010.02.07 21:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GNU\GnuPG\etc\gtk-2.0\gdk-pixbuf.loaders
[2007.01.31 15:09:52 | 000,012,800 | ---- | M] () -- \Program Files\Google\Google Earth\apiloader.dll
[2008.10.10 11:40:11 | 000,007,697 | ---- | M] () -- \Program Files\Java\jdk1.6.0\demo\jvmti\hprof\src\hprof_loader.c
[2008.10.10 11:40:11 | 000,002,173 | ---- | M] () -- \Program Files\Java\jdk1.6.0\demo\jvmti\hprof\src\hprof_loader.h
[2009.07.23 04:08:52 | 000,019,992 | ---- | M] () -- \Program Files\Microsoft SQL Server\100\Tools\Binn\SqlResourceLoader.dll
[2009.07.23 04:08:52 | 000,019,992 | ---- | M] () -- \Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SqlResourceLoader.dll
[2010.03.18 22:21:56 | 000,063,312 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll
[2010.03.18 00:57:18 | 000,001,373 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.dll.manifest
[2010.03.17 23:17:14 | 000,004,096 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\Common7\IDE\coloader80.tlb
[2009.08.31 03:51:22 | 000,001,648 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\VC\atlmfc\include\afxribboninfoloader.h
[2009.08.31 03:51:22 | 000,004,525 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\VC\atlmfc\src\mfc\afxribboninfoloader.cpp
[2009.12.05 01:15:11 | 000,000,456 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\config\Modules\org-openide-loaders.xml
[2010.03.03 22:57:40 | 001,058,157 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\modules\org-openide-loaders.jar
[2010.03.03 22:57:37 | 000,006,046 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\modules\locale\org-openide-loaders_ja.jar
[2010.03.03 22:57:36 | 000,005,551 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\modules\locale\org-openide-loaders_pt_BR.jar
[2010.03.03 22:57:36 | 000,005,780 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\modules\locale\org-openide-loaders_zh_CN.jar
[2010.03.03 22:58:29 | 000,000,380 | ---- | M] () -- \Program Files\NetBeans 6.8\platform11\update_tracking\org-openide-loaders.xml
[2010.07.29 01:06:10 | 000,000,483 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2010.11.29 03:39:41 | 002,549,382 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\modules\org-netbeans-modules-j2ee-ddloaders.jar
[2010.11.29 03:39:32 | 000,033,680 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_ja.jar
[2010.11.29 03:39:30 | 000,031,129 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_pt_BR.jar
[2010.11.29 03:39:30 | 000,032,362 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_zh_CN.jar
[2010.11.29 03:40:01 | 000,000,431 | ---- | M] () -- \Program Files\NetBeans 6.9.1\enterprise\update_tracking\org-netbeans-modules-j2ee-ddloaders.xml
[2010.07.28 23:12:37 | 000,000,484 | ---- | M] () -- \Program Files\NetBeans 6.9.1\ergonomics\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2010.07.29 01:06:10 | 000,000,526 | ---- | M] () -- \Program Files\NetBeans 6.9.1\ergonomics\config\Modules\org-netbeans-modules-visualweb-extension-openide-loaders.xml
[2010.07.29 01:06:13 | 000,019,348 | ---- | M] () -- \Program Files\NetBeans 6.9.1\javacard\JCDK3.0.2_ConnectedEdition\docs\api\spi\com\sun\javacard\spi\cardmgmt\DeploymentUnitLoader.html
[2009.04.09 00:30:54 | 000,004,261 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\apps\SVGDemo\src\com\sun\perseus\demo\ImageLoader.java
[2009.04.09 00:27:28 | 000,075,179 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\lang\ClassLoader.html
[2009.04.09 00:29:26 | 000,025,070 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\lang\class-use\ClassLoader.html
[2009.04.09 00:31:18 | 000,035,485 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\net\URLClassLoader.html
[2009.04.09 00:29:48 | 000,008,749 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\net\class-use\URLClassLoader.html
[2009.04.09 00:27:10 | 000,021,745 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\security\SecureClassLoader.html
[2009.04.09 00:29:42 | 000,007,912 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\cdc-1.1\java\security\class-use\SecureClassLoader.html
[2009.04.09 00:31:22 | 000,075,257 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\lang\ClassLoader.html
[2009.04.09 00:27:52 | 000,025,144 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\lang\class-use\ClassLoader.html
[2009.04.09 00:27:30 | 000,035,559 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\net\URLClassLoader.html
[2009.04.09 00:29:28 | 000,008,823 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\net\class-use\URLClassLoader.html
[2009.04.09 00:30:48 | 000,021,827 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\SecureClassLoader.html
[2009.04.09 00:27:10 | 000,007,986 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\fp-1.1\java\security\class-use\SecureClassLoader.html
[2009.04.09 00:31:58 | 000,073,570 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\lang\ClassLoader.html
[2009.04.09 00:30:02 | 000,027,469 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\lang\class-use\ClassLoader.html
[2009.04.09 00:27:34 | 000,034,597 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\net\URLClassLoader.html
[2009.04.09 00:28:20 | 000,008,293 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\net\class-use\URLClassLoader.html
[2009.04.09 00:28:00 | 000,021,104 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\SecureClassLoader.html
[2009.04.09 00:31:02 | 000,007,466 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\docs\api\pbp11\java\security\class-use\SecureClassLoader.html
[2010.11.29 03:40:49 | 000,002,977 | ---- | M] () -- \Program Files\NetBeans 6.9.1\mobility\Java_ME_platform_SDK_3.0\toolkit-lib\process\memory-profiler\code\memprof-loader.jar
[2010.07.29 01:06:16 | 000,002,941 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2010.07.29 01:06:16 | 000,000,411 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\config\Modules\org-openide-loaders.xml
[2010.11.29 03:37:01 | 001,330,310 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\modules\org-openide-loaders.jar
[2010.11.29 03:36:58 | 000,006,961 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\modules\locale\org-openide-loaders_ja.jar
[2010.11.29 03:36:56 | 000,006,373 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\modules\locale\org-openide-loaders_pt_BR.jar
[2010.11.29 03:36:56 | 000,006,650 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2010.11.29 03:37:57 | 000,000,465 | ---- | M] () -- \Program Files\NetBeans 6.9.1\platform\update_tracking\org-openide-loaders.xml
[2008.05.30 08:41:12 | 000,022,528 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\javaloader.uno.dll
[2008.05.30 23:03:18 | 000,006,528 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.py
[2008.05.30 13:41:00 | 000,016,384 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.uno.dll
[2008.05.31 00:10:48 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\pythonloader.uno.ini
[2008.05.30 13:26:44 | 000,004,064 | ---- | M] () -- \Program Files\OpenOffice.org 2.4\program\classes\unoloader.jar
[2007.02.05 15:54:52 | 000,045,056 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.exe
[2006.03.20 11:43:36 | 000,000,273 | ---- | M] () -- \Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\accLoader.ini
[2009.06.01 10:38:12 | 000,003,614 | ---- | M] () -- \Program Files\Wireshark\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.06.01 10:23:46 | 000,028,560 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.06.01 10:23:42 | 000,027,492 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.06.01 10:23:44 | 000,041,827 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.06.01 10:23:54 | 000,020,750 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.06.01 10:23:44 | 000,027,004 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.06.01 10:23:48 | 000,033,364 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.06.01 10:23:56 | 000,021,329 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.06.01 10:23:40 | 000,035,326 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.06.01 10:23:48 | 000,023,528 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.06.01 10:23:50 | 000,018,354 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.06.01 10:23:54 | 000,023,858 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.06.01 10:23:50 | 000,028,334 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.06.01 10:23:42 | 000,017,895 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.06.01 10:23:52 | 000,023,851 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.06.01 10:23:52 | 000,041,060 | ---- | M] () -- \Program Files\Wireshark\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2012.12.21 23:45:32 | 000,001,735 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.12.21 23:45:32 | 000,001,714 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.12.21 23:45:32 | 000,001,791 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.21 23:45:32 | 000,001,735 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Uninstaller.lnk
[2012.12.21 23:45:32 | 000,001,714 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.12.21 23:45:32 | 000,001,791 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2010.12.05 17:16:36 | 000,000,483 | ---- | M] () -- \Users\Hanka\.netbeans\6.9\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2012.12.21 23:49:45 | 000,000,013 | ---- | M] () -- \Users\Hanka\AppData\Local\Microsoft\Internet Explorer\DOMStore\O0N7LCGK\jdownloader[1].xml
[2012.12.21 23:42:40 | 001,165,952 | ---- | M] () -- \Users\Hanka\AppData\Local\Temp\JDownloaderSetup.exe
[9 \Users\Hanka\AppData\Local\Temp\*.tmp files -> \Users\Hanka\AppData\Local\Temp\*.tmp -> ]
[2012.05.22 12:33:34 | 025,101,952 | ---- | M] () -- \Users\Hanka\AppData\Local\Temp\is1070216317\JDownloaderSetup_IC.exe
[2012.12.21 23:45:45 | 000,001,827 | ---- | M] () -- \Users\Hanka\Desktop\JDownloader.lnk
[2012.12.16 09:17:07 | 000,009,427 | ---- | M] () -- \Users\Prac\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HKLCBG61\ajax-loader[1].gif
[2012.12.15 19:32:43 | 000,000,673 | ---- | M] () -- \Users\Prac\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\RE7GIIDH\loader.white[1].gif
[2012.12.10 05:53:25 | 000,178,746 | ---- | M] () -- \Users\Prac\Desktop\sklady_soubory\FeatureLoader.js
[2010.11.29 03:49:42 | 000,000,483 | ---- | M] () -- \Users\Užovka\.netbeans\6.9\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2010.01.27 10:29:17 | 000,018,654 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\ctivo\kry.inf\561-bezpecnostni-audit-pres-obed_soubory\client_restserver_data\FeatureLoader.js
[2011.08.22 08:15:30 | 000,018,454 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\ctivo\Vlasy\domaci-recepty-pro-plet_soubory\FeatureLoader.js
[2011.08.22 08:15:19 | 000,018,454 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\ctivo\Vlasy\top-tema-domaci-recepty_smpon_soubory\FeatureLoader.js
[2010.12.09 21:15:03 | 000,018,245 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\ctivo\Vlasy\Vlas\navod-na-samozastrizeni-od-feye_soubory\FeatureLoader.js
[2011.12.13 17:45:51 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\foto\jak-kreslit-ilustrace-pro-fotobanky_soubory\loader.gif
[2011.12.13 17:48:41 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\foto\kdy-se-prodavaji-vanocni-motivy_soubory\loader.gif
[2011.12.13 17:57:16 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\foto\prehled-fotobank-prodej_soubory\loader.gif
[2011.12.13 17:46:15 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\foto\shutterstock-registrace-navod_soubory\loader.gif
[2012.02.22 13:20:30 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\fotobanky-brigada-prace-z-domova_soubory\loader.gif
[2012.02.22 13:20:25 | 000,001,644 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\jak-kreslit-ilustrace-pro-fotobanky_soubory\loader.gif
[2011.11.21 11:34:12 | 000,004,254 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\Knihy_P\Macha\45_soubory\rate_data\js_preloader.gif
[2011.12.16 09:06:53 | 000,008,787 | ---- | M] () -- \Users\Užovka\Desktop\UnDos\Vyroba techniky\159-fusing-mikrovlnka_soubory\loaderb.gif
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.05.24 21:39:01 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2011.05.24 21:39:01 | 000,027,648 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winload.exe.mui_3bc5b827
[2011.05.24 21:39:01 | 000,019,968 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15_winresume.exe.mui_ff8b5358
[2011.05.24 21:37:42 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2011.05.24 21:37:43 | 000,988,216 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b_winload.exe_75835076
[2011.05.24 21:37:43 | 000,927,288 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b_winresume.exe_85cd1215
[2011.05.24 21:39:14 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2011.05.24 21:39:14 | 000,021,048 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2_spldr.sys_98bd87a0
[2008.07.04 20:49:30 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_de-de_cb9c6772f81a418b.manifest
[2008.07.04 20:49:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_en-us_748d3d6be6f84d50.manifest
[2008.07.04 20:49:34 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_es-es_74589a4fe71f3ef5.manifest
[2008.07.04 20:49:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_fr-fr_1710104ed9f15557.manifest
[2008.07.04 20:49:41 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_it-it_01380695b1233ad5.manifest
[2008.07.04 20:49:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_ja-jp_a35d85a2a43e4cb0.manifest
[2008.07.04 20:49:47 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.16646_nl-nl_2d992eca70004957.manifest
[2008.07.04 20:49:30 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_de-de_cbf6c366115bebbd.manifest
[2008.07.04 20:49:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_en-us_74e7995f0039f782.manifest
[2008.07.04 20:49:33 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_es-es_74b2f6430060e927.manifest
[2008.07.04 20:49:25 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_fr-fr_176a6c41f332ff89.manifest
[2008.07.04 20:49:40 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_it-it_01926288ca64e507.manifest
[2008.07.04 20:49:42 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_ja-jp_a3b7e195bd7ff6e2.manifest
[2008.07.04 20:49:46 | 000,003,414 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6000.20782_nl-nl_2df38abd8941f389.manifest
[2008.01.19 03:14:52 | 000,003,402 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.0.6001.18000_cs-cz_33426ea9fd097a15.manifest
[2008.07.04 20:49:23 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.16646_none_591b3d986f9b5725.manifest
[2008.07.04 20:49:23 | 000,004,858 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6000.20782_none_5975998b88dd0157.manifest
[2008.01.18 23:00:00 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18000_none_5b26ba326ca6e048.manifest
[2008.07.04 20:49:17 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.18027_none_5b181c606cb0c98b.manifest
[2008.07.04 20:49:17 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6001.22125_none_5b9fb89785d036a7.manifest
[2009.04.10 23:12:44 | 000,004,864 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.0.6002.18005_none_5d12333e69c8ab94.manifest
[2006.11.02 11:13:06 | 000,003,970 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6000.16386_none_68fc663d5430d3de.manifest
[2008.01.18 23:05:22 | 000,003,885 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.0.6001.18000_none_6b332839511be4b2.manifest
[2006.11.02 13:34:33 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6000.16386_none_43bd59f592b7be86\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6001.18000_none_45f41bf18fa2cf5a\dmloader.dll
[2008.01.19 08:34:04 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.0.6002.18005_none_47df94fd8cc49aa6\dmloader.dll
< End of report >
Re: Preventivka
OTL Extras logfile created on: 22.12.2012 11:11:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Užovka\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,38% Memory free
4,21 Gb Paging File | 3,05 Gb Available in Paging File | 72,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,54 Gb Total Space | 28,90 Gb Free Space | 24,58% Space Free | Partition Type: NTFS
Drive E: | 113,88 Gb Total Space | 26,60 Gb Free Space | 23,36% Space Free | Partition Type: NTFS
Computer Name: HANKA-PC | User Name: Hanka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{D0E9B3BF-C9C0-4A37-B504-518BDF6F6381}" = lport=15962 | protocol=17 | dir=in | name=bitcomet 15962 udp |
"{E7403F55-9AB0-4B08-BBD5-33620A38436B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{FD95F90C-F152-4CAE-9EB4-8AF696E8B36E}" = lport=15962 | protocol=6 | dir=in | name=bitcomet 15962 tcp |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A0481BA-61D7-428C-9C48-C2BA28A147E9}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{34C88753-0AAD-4E08-B19F-2629953938F5}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{3DE0A41C-5240-44CF-B711-61B5A76AE0F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{413F7DEF-6C9D-41BB-AB73-B296C14C5EEC}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{8037B659-BD01-4F8B-8CBF-DE162D8556D1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{8155FB36-B627-4663-9EC4-57C5BEED0B15}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{AB1A3382-A568-4FCD-B785-53D52FE650D3}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{B2E2A6DD-0364-44EE-A973-090F4ABA2B3F}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{CD310796-ED7A-40D7-8212-B94F09E3FCAD}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{E2CAF03E-FFA9-45E9-ACD3-6A9CCB5A4CB3}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"TCP Query User{0E19E46A-7E70-4348-938D-EBA68AF51161}C:\program files\java\jdk1.6.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0\bin\java.exe |
"TCP Query User{15748808-7C33-4D29-AE82-1DFE0E1395DE}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{1A68C8D9-0936-4578-AF3D-2BF1DAAEB94C}C:\program files\psi\psi.exe" = protocol=6 | dir=in | app=c:\program files\psi\psi.exe |
"TCP Query User{1ACEB976-1E3C-42AF-95AE-E843F9BDC480}D:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe" = protocol=6 | dir=in | app=d:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe |
"TCP Query User{249E4009-9A19-4986-AC5E-B2A49A196182}C:\users\prac\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\prac\appdata\roaming\wuala\wuala.exe |
"TCP Query User{3428CAE4-4070-4C30-B383-57198CCE60FD}E:\a\pidginportable\app\pidgin\pidgin-portable.exe" = protocol=6 | dir=in | app=e:\a\pidginportable\app\pidgin\pidgin-portable.exe |
"TCP Query User{35FA2525-F2B6-4EB5-839F-4A3C00456674}C:\program files\java\jdk1.6.0\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0\jre\bin\java.exe |
"TCP Query User{38640F8D-7504-4FFB-B66D-C065AC99FA9F}D:\portable_ubuntu\xming\xming.exe" = protocol=6 | dir=in | app=d:\portable_ubuntu\xming\xming.exe |
"TCP Query User{39684D65-1F17-46BD-BDC4-15D2463D73A8}C:\program files\jabbim\jabbim.exe" = protocol=6 | dir=in | app=c:\program files\jabbim\jabbim.exe |
"TCP Query User{4617B99D-0CB8-4177-AC01-9A866C734B40}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{4C509F90-6287-449D-B582-85142174AA6F}C:\users\prac\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\prac\appdata\roaming\wuala\wuala.exe |
"TCP Query User{5434FA9D-BDD8-4A27-995E-86DC8B4FACEF}C:\users\užovka\desktop\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\miranda im\miranda32.exe |
"TCP Query User{561BD61A-2170-4C8C-B3BD-ACFDEE03B545}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{585C967D-AFF0-4385-8A07-07272ACCDDB1}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"TCP Query User{6D045074-EC90-47B5-876C-2B7EE7C5CF6A}C:\portable_ubuntu\xming\xming.exe" = protocol=6 | dir=in | app=c:\portable_ubuntu\xming\xming.exe |
"TCP Query User{6DD533BE-6B67-415B-A803-8D4EADC45FEF}D:\portable_ubuntu\colinux-slirp-net-daemon.exe" = protocol=6 | dir=in | app=d:\portable_ubuntu\colinux-slirp-net-daemon.exe |
"TCP Query User{73BEBC48-F515-4BBB-87FC-CE9261E593B1}C:\users\užovka\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\užovka\appdata\roaming\wuala\wuala.exe |
"TCP Query User{77B08BB3-6616-4AE9-A6AC-97B4E86B983E}C:\users\užovka\desktop\mirandaportable - kopie\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\mirandaportable - kopie\app\miranda\miranda32.exe |
"TCP Query User{7DBA26CD-F927-4BA3-9366-2F45E5F880F8}C:\portable_ubuntu\xming\xming.exe" = protocol=6 | dir=in | app=c:\portable_ubuntu\xming\xming.exe |
"TCP Query User{7DCBF3EB-DF46-4901-B2BF-CE66635C1391}C:\program files\winpcap\rpcapd.exe" = protocol=6 | dir=in | app=c:\program files\winpcap\rpcapd.exe |
"TCP Query User{862B2978-79E2-483A-B953-7D225A98370E}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{8770C9A7-8991-442C-B6FF-E2BCB2CB11A2}E:\a\zz\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=e:\a\zz\skypeportable\app\skype\phone\skype.exe |
"TCP Query User{8E22F8EB-9CD2-4126-90D2-8C1E3834586C}C:\users\užovka\desktop\erteterzrtzu\mirandaportable\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\erteterzrtzu\mirandaportable\app\miranda\miranda32.exe |
"TCP Query User{A1714A7F-49EF-48E8-974A-F4EEF59C6985}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{A48C5660-39DA-4A04-9653-951C42EB9360}E:\a\pidginportable\app\pidgin\pidgin-portable.exe" = protocol=6 | dir=in | app=e:\a\pidginportable\app\pidgin\pidgin-portable.exe |
"TCP Query User{A6C5CD18-2A7F-4BAC-8D70-71BF36561E0F}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{ACF691C5-8289-4C2B-8D40-64AD43AF1010}C:\portable_ubuntu\colinux-slirp-net-daemon.exe" = protocol=6 | dir=in | app=c:\portable_ubuntu\colinux-slirp-net-daemon.exe |
"TCP Query User{AD831771-4046-47F6-9B9F-E51C59D7E26F}C:\program files\java\jdk1.6.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0\bin\java.exe |
"TCP Query User{BA40CC0F-C2D4-4D40-BBE2-539D78CFE6FB}C:\users\užovka\desktop\mirandaportable\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\mirandaportable\app\miranda\miranda32.exe |
"TCP Query User{C1B3B5E7-AD83-4DEA-837F-469815929F97}C:\program files\xirc2\xchat.exe" = protocol=6 | dir=in | app=c:\program files\xirc2\xchat.exe |
"TCP Query User{C4AAA341-F10D-4588-80D0-C7C63BABAB7D}C:\users\užovka\desktop\utorrent-portable\utorrent.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\utorrent-portable\utorrent.exe |
"TCP Query User{C65AFC81-A21A-415F-AF19-D172F1992565}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{C71111B6-8113-4793-8845-767CBCC6FDA2}C:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe" = protocol=6 | dir=in | app=c:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe |
"TCP Query User{D004EF54-6940-4754-8914-AF01A4E62E01}C:\program files\jabbim\jabbim.exe" = protocol=6 | dir=in | app=c:\program files\jabbim\jabbim.exe |
"TCP Query User{D5B4EFFF-40DE-48B2-9FD9-A9D8A7143CDF}E:\a\zz\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=e:\a\zz\skypeportable\app\skype\phone\skype.exe |
"TCP Query User{D8698EBC-FB84-4F03-AEF1-08E3C042AD88}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{DCF72EE3-5CA2-4C80-BBF1-1F72FD4C6820}C:\program files\maxima-5.21.1\bin\xmaxima.exe" = protocol=6 | dir=in | app=c:\program files\maxima-5.21.1\bin\xmaxima.exe |
"TCP Query User{E23195E9-8733-4BA9-BF46-8FD76CF45732}C:\program files\raketu\raketu.exe" = protocol=6 | dir=in | app=c:\program files\raketu\raketu.exe |
"TCP Query User{F33B7C3B-4B79-46F2-B717-0CC63D04D9D9}C:\program files\xchat\irc-chat\adiirc.exe" = protocol=6 | dir=in | app=c:\program files\xchat\irc-chat\adiirc.exe |
"TCP Query User{F442E986-80B0-454E-B8E9-840D3786412B}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{F8B80865-3E25-42D3-AFDC-4871BD791294}C:\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\miranda im\miranda32.exe |
"TCP Query User{FB7A84A6-9245-4988-A703-7B0844A67538}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{12CCB3E8-71D4-4280-B12E-B7A136C6E3D4}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{1A0670DD-6078-411F-A79F-430DF833BC7F}D:\portable_ubuntu\colinux-slirp-net-daemon.exe" = protocol=17 | dir=in | app=d:\portable_ubuntu\colinux-slirp-net-daemon.exe |
"UDP Query User{1D82BAAA-D0FC-45EC-89D8-A615472093FD}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{1E7E26C1-092A-47F3-8D53-548504760459}C:\program files\raketu\raketu.exe" = protocol=17 | dir=in | app=c:\program files\raketu\raketu.exe |
"UDP Query User{217C2355-8B68-4B0F-883C-D717D35A0B7C}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{29073799-66F6-4E57-8F3D-4CA4DB8996D8}C:\users\užovka\desktop\erteterzrtzu\mirandaportable\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\erteterzrtzu\mirandaportable\app\miranda\miranda32.exe |
"UDP Query User{2C13BA7B-C5B0-491E-84A9-041BEF93D3E5}C:\program files\winpcap\rpcapd.exe" = protocol=17 | dir=in | app=c:\program files\winpcap\rpcapd.exe |
"UDP Query User{32BC6EDA-39BD-4FCD-AD07-88D8B16009B9}C:\program files\psi\psi.exe" = protocol=17 | dir=in | app=c:\program files\psi\psi.exe |
"UDP Query User{36130329-0B6E-4759-BAD4-AFC4DB05EFFA}C:\users\užovka\desktop\mirandaportable - kopie\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\mirandaportable - kopie\app\miranda\miranda32.exe |
"UDP Query User{3C5B8E45-D7B7-4C45-8772-53CE5AB95267}C:\program files\maxima-5.21.1\bin\xmaxima.exe" = protocol=17 | dir=in | app=c:\program files\maxima-5.21.1\bin\xmaxima.exe |
"UDP Query User{43A84A72-E978-4892-8ED9-AE2B8BEDF001}C:\program files\java\jdk1.6.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0\bin\java.exe |
"UDP Query User{495CB1FC-DE4B-4D74-9333-4869D5FEAA7B}D:\portable_ubuntu\xming\xming.exe" = protocol=17 | dir=in | app=d:\portable_ubuntu\xming\xming.exe |
"UDP Query User{4A5318CC-C502-4B02-84DA-F74668695F76}C:\program files\java\jdk1.6.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0\bin\java.exe |
"UDP Query User{4E89B62A-C713-4F37-9964-602BB03CC4DB}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5BFFB8B7-F479-4672-98EC-66AACFD17D4A}C:\users\prac\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\prac\appdata\roaming\wuala\wuala.exe |
"UDP Query User{62062C9A-163B-4715-8391-948F710A7B20}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{7C0AC2EA-2922-4120-9381-B1C7B134893C}D:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe" = protocol=17 | dir=in | app=d:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe |
"UDP Query User{7E01D950-B0BF-4122-A6C8-F5BEF8E074C6}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{88480580-BF3D-42CF-8844-985E3F5A6AF2}C:\users\užovka\desktop\utorrent-portable\utorrent.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\utorrent-portable\utorrent.exe |
"UDP Query User{8C1AB540-E677-41F6-A967-AA69F3438C92}C:\program files\jabbim\jabbim.exe" = protocol=17 | dir=in | app=c:\program files\jabbim\jabbim.exe |
"UDP Query User{8DE7F043-1CC8-4758-B162-0A7E487471C5}C:\users\užovka\desktop\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\miranda im\miranda32.exe |
"UDP Query User{92D2F14D-21CE-4E08-AE1B-F8F35DA62A9B}E:\a\zz\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=e:\a\zz\skypeportable\app\skype\phone\skype.exe |
"UDP Query User{975D38A8-3968-40E9-B873-737ECF5D22B6}C:\portable_ubuntu\colinux-slirp-net-daemon.exe" = protocol=17 | dir=in | app=c:\portable_ubuntu\colinux-slirp-net-daemon.exe |
"UDP Query User{98B32191-1618-4393-A7BD-CF22479D0282}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"UDP Query User{A19ABC1B-BEE5-4965-8A0D-898FF3883020}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{A86A68E4-D9BF-4915-9D1C-62A8B04C43A8}C:\program files\xchat\irc-chat\adiirc.exe" = protocol=17 | dir=in | app=c:\program files\xchat\irc-chat\adiirc.exe |
"UDP Query User{C3AC3877-7AF3-4F5A-A7D3-4AA5F80D1675}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{C3F35FB1-B54E-4979-A1D0-7CBDD8C9E889}E:\a\pidginportable\app\pidgin\pidgin-portable.exe" = protocol=17 | dir=in | app=e:\a\pidginportable\app\pidgin\pidgin-portable.exe |
"UDP Query User{C51244B7-3823-4C02-A84F-69DA8C5AD99F}C:\program files\xirc2\xchat.exe" = protocol=17 | dir=in | app=c:\program files\xirc2\xchat.exe |
"UDP Query User{C63F372F-EDAA-46CB-815D-2F267A7DA171}C:\portable_ubuntu\xming\xming.exe" = protocol=17 | dir=in | app=c:\portable_ubuntu\xming\xming.exe |
"UDP Query User{C9284264-9E77-4D19-9EDC-8FE241D50132}C:\users\prac\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\prac\appdata\roaming\wuala\wuala.exe |
"UDP Query User{CE347949-2ABF-4B40-A2E1-761C00E0EB6B}C:\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\miranda im\miranda32.exe |
"UDP Query User{CFA90FFA-E30C-4D79-9A59-BC6BF20E47EF}C:\users\užovka\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\užovka\appdata\roaming\wuala\wuala.exe |
"UDP Query User{D2112A1E-1930-43EB-9287-0AC79E5B2518}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{D62CA02E-07F4-49D5-9151-D32453154C33}C:\program files\java\jdk1.6.0\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0\jre\bin\java.exe |
"UDP Query User{E8359BE4-2892-4906-8865-CBEA258B8722}C:\portable_ubuntu\xming\xming.exe" = protocol=17 | dir=in | app=c:\portable_ubuntu\xming\xming.exe |
"UDP Query User{F2D63ECC-71C2-4BAD-B4B2-FF1A159D26E7}C:\program files\jabbim\jabbim.exe" = protocol=17 | dir=in | app=c:\program files\jabbim\jabbim.exe |
"UDP Query User{F669F5A8-53A0-49A9-B453-D089D7D8A601}E:\a\zz\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=e:\a\zz\skypeportable\app\skype\phone\skype.exe |
"UDP Query User{F7B753DB-20E2-4B6E-9114-56438FC90725}C:\users\užovka\desktop\mirandaportable\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\mirandaportable\app\miranda\miranda32.exe |
"UDP Query User{F9D18318-EC32-4AB3-93C2-413880B96988}E:\a\pidginportable\app\pidgin\pidgin-portable.exe" = protocol=17 | dir=in | app=e:\a\pidginportable\app\pidgin\pidgin-portable.exe |
"UDP Query User{FAEAAB29-D472-4404-9A4F-7C88F2B5A572}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{FE7955A1-6917-4371-AC1B-D3A9C26CE90E}C:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe" = protocol=17 | dir=in | app=c:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{0F4F4815-76AD-4B26-8763-72F3344041C2}" = Návody TOSHIBA
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{170DE2A7-4768-370C-9671-D8D17826EFBF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160000}" = Java(TM) SE Development Kit 6
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{372B31CF-77FB-4E29-860C-A0EA2985AB7F}" = O2Micro Flash Memory Card Reader Driver (x86)
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3BB19A2B-B9C5-3872-8FDF-3047CC9F9841}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Ztlumení jednotky CD/DVD
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1029-7B44-A80000000000}" = Adobe Reader 8 - Czech
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{C2ED62F4-4F0B-44DF-B630-DD02FD7E8C60}" = OpenOffice.org 2.4
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CBDF64B0-8CAB-45C7-B3B2-4637C9F88769}" = HDMI Control Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP2" = AIMP2
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179" = HDAUDIO Soft Data Fax Modem with SmartCP
"CodecInstaller_is1" = CodecInstaller
"FormatFactory" = FormatFactory 2.50
"Google Desktop" = Google Desktop
"GPG4Win" = Gpg4win (2.1.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 1.99.1
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password
"InstallShield_{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"JCreator LE_is1" = JCreator LE 3.50
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"MSC" = McAfee SecurityCenter
"nbi-glassfish-mod-3.0.1.22.0" = GlassFish Server Open Source Edition 3.0.1
"nbi-nb-base-6.8.0.0.0" = NetBeans IDE 6.8
"nbi-nb-base-6.9.1.0.0" = NetBeans IDE 6.9.1
"QIP 2005_is1" = QIP 2005 8082
"QIP2005" = QIP 2005 Uninstall
"Registrace uživatele zařízení Canon MP540 series" = Registrace uživatele zařízení Canon MP540 series
"Revo Uninstaller" = Revo Uninstaller 1.94
"S7Z" = #7Z 0.7.1 - Basic Archiver
"SMAC 2.0" = SMAC 2.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.2.3
"XnView_is1" = XnView 1.97.8
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Opera 11.64.1403" = Opera 11.64
"QIP 2005" = QIP 2005 8092
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.12.2012 5:57:36 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 5:57:36 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 5:57:37 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 5:57:38 | Computer Name = Hanka-PC | Source = Perflib | ID = 1003
Description =
Error - 22.12.2012 5:57:38 | Computer Name = Hanka-PC | Source = Perflib | ID = 1018
Description =
Error - 22.12.2012 5:57:39 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 5:57:39 | Computer Name = Hanka-PC | Source = Perflib | ID = 1005
Description =
Error - 22.12.2012 5:57:39 | Computer Name = Hanka-PC | Source = Perflib | ID = 1018
Description =
Error - 22.12.2012 5:57:40 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 6:10:07 | Computer Name = Hanka-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.2.4448, časové razítko 0x4f563b00,
chybující modul NPSWF32_11_4_402_287.dll_unloaded, verze 0.0.0.0, časové razítko
0x5066df1c, kód výjimky 0xc0000005, posun chyby 0x65442c16, ID procesu 0x428, čas
spuštění aplikace 0x01cde02b1364cf97.
[ System Events ]
Error - 20.12.2012 5:58:29 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 20.12.2012 6:00:03 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.12.2012 10:31:25 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 21.12.2012 10:32:56 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.12.2012 4:12:27 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 22.12.2012 4:13:40 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.12.2012 5:31:21 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 22.12.2012 5:31:58 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.12.2012 5:39:15 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 22.12.2012 5:39:47 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Užovka\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,38% Memory free
4,21 Gb Paging File | 3,05 Gb Available in Paging File | 72,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,54 Gb Total Space | 28,90 Gb Free Space | 24,58% Space Free | Partition Type: NTFS
Drive E: | 113,88 Gb Total Space | 26,60 Gb Free Space | 23,36% Space Free | Partition Type: NTFS
Computer Name: HANKA-PC | User Name: Hanka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{D0E9B3BF-C9C0-4A37-B504-518BDF6F6381}" = lport=15962 | protocol=17 | dir=in | name=bitcomet 15962 udp |
"{E7403F55-9AB0-4B08-BBD5-33620A38436B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{FD95F90C-F152-4CAE-9EB4-8AF696E8B36E}" = lport=15962 | protocol=6 | dir=in | name=bitcomet 15962 tcp |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A0481BA-61D7-428C-9C48-C2BA28A147E9}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{34C88753-0AAD-4E08-B19F-2629953938F5}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{3DE0A41C-5240-44CF-B711-61B5A76AE0F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{413F7DEF-6C9D-41BB-AB73-B296C14C5EEC}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{8037B659-BD01-4F8B-8CBF-DE162D8556D1}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{8155FB36-B627-4663-9EC4-57C5BEED0B15}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{AB1A3382-A568-4FCD-B785-53D52FE650D3}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{B2E2A6DD-0364-44EE-A973-090F4ABA2B3F}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{CD310796-ED7A-40D7-8212-B94F09E3FCAD}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{E2CAF03E-FFA9-45E9-ACD3-6A9CCB5A4CB3}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"TCP Query User{0E19E46A-7E70-4348-938D-EBA68AF51161}C:\program files\java\jdk1.6.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0\bin\java.exe |
"TCP Query User{15748808-7C33-4D29-AE82-1DFE0E1395DE}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{1A68C8D9-0936-4578-AF3D-2BF1DAAEB94C}C:\program files\psi\psi.exe" = protocol=6 | dir=in | app=c:\program files\psi\psi.exe |
"TCP Query User{1ACEB976-1E3C-42AF-95AE-E843F9BDC480}D:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe" = protocol=6 | dir=in | app=d:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe |
"TCP Query User{249E4009-9A19-4986-AC5E-B2A49A196182}C:\users\prac\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\prac\appdata\roaming\wuala\wuala.exe |
"TCP Query User{3428CAE4-4070-4C30-B383-57198CCE60FD}E:\a\pidginportable\app\pidgin\pidgin-portable.exe" = protocol=6 | dir=in | app=e:\a\pidginportable\app\pidgin\pidgin-portable.exe |
"TCP Query User{35FA2525-F2B6-4EB5-839F-4A3C00456674}C:\program files\java\jdk1.6.0\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0\jre\bin\java.exe |
"TCP Query User{38640F8D-7504-4FFB-B66D-C065AC99FA9F}D:\portable_ubuntu\xming\xming.exe" = protocol=6 | dir=in | app=d:\portable_ubuntu\xming\xming.exe |
"TCP Query User{39684D65-1F17-46BD-BDC4-15D2463D73A8}C:\program files\jabbim\jabbim.exe" = protocol=6 | dir=in | app=c:\program files\jabbim\jabbim.exe |
"TCP Query User{4617B99D-0CB8-4177-AC01-9A866C734B40}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{4C509F90-6287-449D-B582-85142174AA6F}C:\users\prac\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\prac\appdata\roaming\wuala\wuala.exe |
"TCP Query User{5434FA9D-BDD8-4A27-995E-86DC8B4FACEF}C:\users\užovka\desktop\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\miranda im\miranda32.exe |
"TCP Query User{561BD61A-2170-4C8C-B3BD-ACFDEE03B545}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{585C967D-AFF0-4385-8A07-07272ACCDDB1}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"TCP Query User{6D045074-EC90-47B5-876C-2B7EE7C5CF6A}C:\portable_ubuntu\xming\xming.exe" = protocol=6 | dir=in | app=c:\portable_ubuntu\xming\xming.exe |
"TCP Query User{6DD533BE-6B67-415B-A803-8D4EADC45FEF}D:\portable_ubuntu\colinux-slirp-net-daemon.exe" = protocol=6 | dir=in | app=d:\portable_ubuntu\colinux-slirp-net-daemon.exe |
"TCP Query User{73BEBC48-F515-4BBB-87FC-CE9261E593B1}C:\users\užovka\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\užovka\appdata\roaming\wuala\wuala.exe |
"TCP Query User{77B08BB3-6616-4AE9-A6AC-97B4E86B983E}C:\users\užovka\desktop\mirandaportable - kopie\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\mirandaportable - kopie\app\miranda\miranda32.exe |
"TCP Query User{7DBA26CD-F927-4BA3-9366-2F45E5F880F8}C:\portable_ubuntu\xming\xming.exe" = protocol=6 | dir=in | app=c:\portable_ubuntu\xming\xming.exe |
"TCP Query User{7DCBF3EB-DF46-4901-B2BF-CE66635C1391}C:\program files\winpcap\rpcapd.exe" = protocol=6 | dir=in | app=c:\program files\winpcap\rpcapd.exe |
"TCP Query User{862B2978-79E2-483A-B953-7D225A98370E}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{8770C9A7-8991-442C-B6FF-E2BCB2CB11A2}E:\a\zz\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=e:\a\zz\skypeportable\app\skype\phone\skype.exe |
"TCP Query User{8E22F8EB-9CD2-4126-90D2-8C1E3834586C}C:\users\užovka\desktop\erteterzrtzu\mirandaportable\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\erteterzrtzu\mirandaportable\app\miranda\miranda32.exe |
"TCP Query User{A1714A7F-49EF-48E8-974A-F4EEF59C6985}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{A48C5660-39DA-4A04-9653-951C42EB9360}E:\a\pidginportable\app\pidgin\pidgin-portable.exe" = protocol=6 | dir=in | app=e:\a\pidginportable\app\pidgin\pidgin-portable.exe |
"TCP Query User{A6C5CD18-2A7F-4BAC-8D70-71BF36561E0F}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{ACF691C5-8289-4C2B-8D40-64AD43AF1010}C:\portable_ubuntu\colinux-slirp-net-daemon.exe" = protocol=6 | dir=in | app=c:\portable_ubuntu\colinux-slirp-net-daemon.exe |
"TCP Query User{AD831771-4046-47F6-9B9F-E51C59D7E26F}C:\program files\java\jdk1.6.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jdk1.6.0\bin\java.exe |
"TCP Query User{BA40CC0F-C2D4-4D40-BBE2-539D78CFE6FB}C:\users\užovka\desktop\mirandaportable\app\miranda\miranda32.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\mirandaportable\app\miranda\miranda32.exe |
"TCP Query User{C1B3B5E7-AD83-4DEA-837F-469815929F97}C:\program files\xirc2\xchat.exe" = protocol=6 | dir=in | app=c:\program files\xirc2\xchat.exe |
"TCP Query User{C4AAA341-F10D-4588-80D0-C7C63BABAB7D}C:\users\užovka\desktop\utorrent-portable\utorrent.exe" = protocol=6 | dir=in | app=c:\users\užovka\desktop\utorrent-portable\utorrent.exe |
"TCP Query User{C65AFC81-A21A-415F-AF19-D172F1992565}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{C71111B6-8113-4793-8845-767CBCC6FDA2}C:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe" = protocol=6 | dir=in | app=c:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe |
"TCP Query User{D004EF54-6940-4754-8914-AF01A4E62E01}C:\program files\jabbim\jabbim.exe" = protocol=6 | dir=in | app=c:\program files\jabbim\jabbim.exe |
"TCP Query User{D5B4EFFF-40DE-48B2-9FD9-A9D8A7143CDF}E:\a\zz\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=e:\a\zz\skypeportable\app\skype\phone\skype.exe |
"TCP Query User{D8698EBC-FB84-4F03-AEF1-08E3C042AD88}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{DCF72EE3-5CA2-4C80-BBF1-1F72FD4C6820}C:\program files\maxima-5.21.1\bin\xmaxima.exe" = protocol=6 | dir=in | app=c:\program files\maxima-5.21.1\bin\xmaxima.exe |
"TCP Query User{E23195E9-8733-4BA9-BF46-8FD76CF45732}C:\program files\raketu\raketu.exe" = protocol=6 | dir=in | app=c:\program files\raketu\raketu.exe |
"TCP Query User{F33B7C3B-4B79-46F2-B717-0CC63D04D9D9}C:\program files\xchat\irc-chat\adiirc.exe" = protocol=6 | dir=in | app=c:\program files\xchat\irc-chat\adiirc.exe |
"TCP Query User{F442E986-80B0-454E-B8E9-840D3786412B}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{F8B80865-3E25-42D3-AFDC-4871BD791294}C:\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\miranda im\miranda32.exe |
"TCP Query User{FB7A84A6-9245-4988-A703-7B0844A67538}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{12CCB3E8-71D4-4280-B12E-B7A136C6E3D4}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{1A0670DD-6078-411F-A79F-430DF833BC7F}D:\portable_ubuntu\colinux-slirp-net-daemon.exe" = protocol=17 | dir=in | app=d:\portable_ubuntu\colinux-slirp-net-daemon.exe |
"UDP Query User{1D82BAAA-D0FC-45EC-89D8-A615472093FD}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{1E7E26C1-092A-47F3-8D53-548504760459}C:\program files\raketu\raketu.exe" = protocol=17 | dir=in | app=c:\program files\raketu\raketu.exe |
"UDP Query User{217C2355-8B68-4B0F-883C-D717D35A0B7C}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{29073799-66F6-4E57-8F3D-4CA4DB8996D8}C:\users\užovka\desktop\erteterzrtzu\mirandaportable\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\erteterzrtzu\mirandaportable\app\miranda\miranda32.exe |
"UDP Query User{2C13BA7B-C5B0-491E-84A9-041BEF93D3E5}C:\program files\winpcap\rpcapd.exe" = protocol=17 | dir=in | app=c:\program files\winpcap\rpcapd.exe |
"UDP Query User{32BC6EDA-39BD-4FCD-AD07-88D8B16009B9}C:\program files\psi\psi.exe" = protocol=17 | dir=in | app=c:\program files\psi\psi.exe |
"UDP Query User{36130329-0B6E-4759-BAD4-AFC4DB05EFFA}C:\users\užovka\desktop\mirandaportable - kopie\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\mirandaportable - kopie\app\miranda\miranda32.exe |
"UDP Query User{3C5B8E45-D7B7-4C45-8772-53CE5AB95267}C:\program files\maxima-5.21.1\bin\xmaxima.exe" = protocol=17 | dir=in | app=c:\program files\maxima-5.21.1\bin\xmaxima.exe |
"UDP Query User{43A84A72-E978-4892-8ED9-AE2B8BEDF001}C:\program files\java\jdk1.6.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0\bin\java.exe |
"UDP Query User{495CB1FC-DE4B-4D74-9333-4869D5FEAA7B}D:\portable_ubuntu\xming\xming.exe" = protocol=17 | dir=in | app=d:\portable_ubuntu\xming\xming.exe |
"UDP Query User{4A5318CC-C502-4B02-84DA-F74668695F76}C:\program files\java\jdk1.6.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0\bin\java.exe |
"UDP Query User{4E89B62A-C713-4F37-9964-602BB03CC4DB}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5BFFB8B7-F479-4672-98EC-66AACFD17D4A}C:\users\prac\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\prac\appdata\roaming\wuala\wuala.exe |
"UDP Query User{62062C9A-163B-4715-8391-948F710A7B20}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{7C0AC2EA-2922-4120-9381-B1C7B134893C}D:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe" = protocol=17 | dir=in | app=d:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe |
"UDP Query User{7E01D950-B0BF-4122-A6C8-F5BEF8E074C6}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{88480580-BF3D-42CF-8844-985E3F5A6AF2}C:\users\užovka\desktop\utorrent-portable\utorrent.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\utorrent-portable\utorrent.exe |
"UDP Query User{8C1AB540-E677-41F6-A967-AA69F3438C92}C:\program files\jabbim\jabbim.exe" = protocol=17 | dir=in | app=c:\program files\jabbim\jabbim.exe |
"UDP Query User{8DE7F043-1CC8-4758-B162-0A7E487471C5}C:\users\užovka\desktop\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\miranda im\miranda32.exe |
"UDP Query User{92D2F14D-21CE-4E08-AE1B-F8F35DA62A9B}E:\a\zz\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=e:\a\zz\skypeportable\app\skype\phone\skype.exe |
"UDP Query User{975D38A8-3968-40E9-B873-737ECF5D22B6}C:\portable_ubuntu\colinux-slirp-net-daemon.exe" = protocol=17 | dir=in | app=c:\portable_ubuntu\colinux-slirp-net-daemon.exe |
"UDP Query User{98B32191-1618-4393-A7BD-CF22479D0282}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"UDP Query User{A19ABC1B-BEE5-4965-8A0D-898FF3883020}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{A86A68E4-D9BF-4915-9D1C-62A8B04C43A8}C:\program files\xchat\irc-chat\adiirc.exe" = protocol=17 | dir=in | app=c:\program files\xchat\irc-chat\adiirc.exe |
"UDP Query User{C3AC3877-7AF3-4F5A-A7D3-4AA5F80D1675}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{C3F35FB1-B54E-4979-A1D0-7CBDD8C9E889}E:\a\pidginportable\app\pidgin\pidgin-portable.exe" = protocol=17 | dir=in | app=e:\a\pidginportable\app\pidgin\pidgin-portable.exe |
"UDP Query User{C51244B7-3823-4C02-A84F-69DA8C5AD99F}C:\program files\xirc2\xchat.exe" = protocol=17 | dir=in | app=c:\program files\xirc2\xchat.exe |
"UDP Query User{C63F372F-EDAA-46CB-815D-2F267A7DA171}C:\portable_ubuntu\xming\xming.exe" = protocol=17 | dir=in | app=c:\portable_ubuntu\xming\xming.exe |
"UDP Query User{C9284264-9E77-4D19-9EDC-8FE241D50132}C:\users\prac\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\prac\appdata\roaming\wuala\wuala.exe |
"UDP Query User{CE347949-2ABF-4B40-A2E1-761C00E0EB6B}C:\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\miranda im\miranda32.exe |
"UDP Query User{CFA90FFA-E30C-4D79-9A59-BC6BF20E47EF}C:\users\užovka\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\užovka\appdata\roaming\wuala\wuala.exe |
"UDP Query User{D2112A1E-1930-43EB-9287-0AC79E5B2518}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{D62CA02E-07F4-49D5-9151-D32453154C33}C:\program files\java\jdk1.6.0\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jdk1.6.0\jre\bin\java.exe |
"UDP Query User{E8359BE4-2892-4906-8865-CBEA258B8722}C:\portable_ubuntu\xming\xming.exe" = protocol=17 | dir=in | app=c:\portable_ubuntu\xming\xming.exe |
"UDP Query User{F2D63ECC-71C2-4BAD-B4B2-FF1A159D26E7}C:\program files\jabbim\jabbim.exe" = protocol=17 | dir=in | app=c:\program files\jabbim\jabbim.exe |
"UDP Query User{F669F5A8-53A0-49A9-B453-D089D7D8A601}E:\a\zz\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=e:\a\zz\skypeportable\app\skype\phone\skype.exe |
"UDP Query User{F7B753DB-20E2-4B6E-9114-56438FC90725}C:\users\užovka\desktop\mirandaportable\app\miranda\miranda32.exe" = protocol=17 | dir=in | app=c:\users\užovka\desktop\mirandaportable\app\miranda\miranda32.exe |
"UDP Query User{F9D18318-EC32-4AB3-93C2-413880B96988}E:\a\pidginportable\app\pidgin\pidgin-portable.exe" = protocol=17 | dir=in | app=e:\a\pidginportable\app\pidgin\pidgin-portable.exe |
"UDP Query User{FAEAAB29-D472-4404-9A4F-7C88F2B5A572}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{FE7955A1-6917-4371-AC1B-D3A9C26CE90E}C:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe" = protocol=17 | dir=in | app=c:\portable_ubuntu\pulseaudio-0.9.6\pulseaudio.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{0F4F4815-76AD-4B26-8763-72F3344041C2}" = Návody TOSHIBA
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{170DE2A7-4768-370C-9671-D8D17826EFBF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32A3A4F4-B792-11D6-A78A-00B0D0160000}" = Java(TM) SE Development Kit 6
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{372B31CF-77FB-4E29-860C-A0EA2985AB7F}" = O2Micro Flash Memory Card Reader Driver (x86)
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3BB19A2B-B9C5-3872-8FDF-3047CC9F9841}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Ztlumení jednotky CD/DVD
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1029-7B44-A80000000000}" = Adobe Reader 8 - Czech
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{C2ED62F4-4F0B-44DF-B630-DD02FD7E8C60}" = OpenOffice.org 2.4
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CBDF64B0-8CAB-45C7-B3B2-4637C9F88769}" = HDMI Control Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIMP2" = AIMP2
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179" = HDAUDIO Soft Data Fax Modem with SmartCP
"CodecInstaller_is1" = CodecInstaller
"FormatFactory" = FormatFactory 2.50
"Google Desktop" = Google Desktop
"GPG4Win" = Gpg4win (2.1.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 1.99.1
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password
"InstallShield_{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"JCreator LE_is1" = JCreator LE 3.50
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28)
"MSC" = McAfee SecurityCenter
"nbi-glassfish-mod-3.0.1.22.0" = GlassFish Server Open Source Edition 3.0.1
"nbi-nb-base-6.8.0.0.0" = NetBeans IDE 6.8
"nbi-nb-base-6.9.1.0.0" = NetBeans IDE 6.9.1
"QIP 2005_is1" = QIP 2005 8082
"QIP2005" = QIP 2005 Uninstall
"Registrace uživatele zařízení Canon MP540 series" = Registrace uživatele zařízení Canon MP540 series
"Revo Uninstaller" = Revo Uninstaller 1.94
"S7Z" = #7Z 0.7.1 - Basic Archiver
"SMAC 2.0" = SMAC 2.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.2.3
"XnView_is1" = XnView 1.97.8
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Opera 11.64.1403" = Opera 11.64
"QIP 2005" = QIP 2005 8092
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.12.2012 5:57:36 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 5:57:36 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 5:57:37 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 5:57:38 | Computer Name = Hanka-PC | Source = Perflib | ID = 1003
Description =
Error - 22.12.2012 5:57:38 | Computer Name = Hanka-PC | Source = Perflib | ID = 1018
Description =
Error - 22.12.2012 5:57:39 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 5:57:39 | Computer Name = Hanka-PC | Source = Perflib | ID = 1005
Description =
Error - 22.12.2012 5:57:39 | Computer Name = Hanka-PC | Source = Perflib | ID = 1018
Description =
Error - 22.12.2012 5:57:40 | Computer Name = Hanka-PC | Source = Perflib | ID = 1008
Description =
Error - 22.12.2012 6:10:07 | Computer Name = Hanka-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.2.4448, časové razítko 0x4f563b00,
chybující modul NPSWF32_11_4_402_287.dll_unloaded, verze 0.0.0.0, časové razítko
0x5066df1c, kód výjimky 0xc0000005, posun chyby 0x65442c16, ID procesu 0x428, čas
spuštění aplikace 0x01cde02b1364cf97.
[ System Events ]
Error - 20.12.2012 5:58:29 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 20.12.2012 6:00:03 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 21.12.2012 10:31:25 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 21.12.2012 10:32:56 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.12.2012 4:12:27 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 22.12.2012 4:13:40 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.12.2012 5:31:21 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 22.12.2012 5:31:58 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.12.2012 5:39:15 | Computer Name = Hanka-PC | Source = HTTP | ID = 15016
Description =
Error - 22.12.2012 5:39:47 | Computer Name = Hanka-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Re: Preventivka
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl SRV - File not found [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) IE - HKLM\..\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7; IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7; IE - HKU\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.cz IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..\SearchScopes,DefaultScope = {1184580E-75B1-4BDA-ADA0-2B7518384FA8} IE - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7; O4 - HKU\S-1-5-21-2401629453-566057478-488908529-1000..\RunOnce: [Report] \AdwCleaner[S1].txt () O8 - Extra context menu item: Stáhnout Star Downloaderem - C:\PROGRA~1\STARDO~1\sdie.htm File not found O9 - Extra Button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ File not found O9 - Extra Button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home File not found O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2401629453-566057478-488908529-1000\..Trusted Ranges: GD ([http] in Místní intranet) O15 - HKU\S-1-5-21-2401629453-566057478-488908529-1001\..Trusted Ranges: GD ([http] in Místní intranet) O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com - No CLSID value found O33 - MountPoints2\{a7c88394-04fb-11e0-9421-001e68555d66}\Shell - "" = AutoRun O33 - MountPoints2\G\Shell - "" = AutoRun [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [14 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] [2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ] [1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ] [2012.11.15 01:00:00 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job [2012.12.01 01:00:00 | 000,000,364 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job [2012.12.22 12:30:59 | 000,000,460 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- "SweetIM"=- "Sweetpacks Communicator"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"=- "Skype"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Del29693261"=- "FlashPlayerUpdate"=- :files %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
Tenhle log?
All processes killed
========== OTL ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
File C:\Program Files\Skype\Updater\Updater.exe not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\system32\drivers\blbdrive.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ not found.
Registry key HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ not found.
HKU\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ not found.
Registry value HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Report deleted successfully.
File move failed. \AdwCleaner[S1].txt scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Stáhnout Star Downloaderem\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{76577871-04EC-495E-A12B-91F7C3600AFA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76577871-04EC-495E-A12B-91F7C3600AFA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8A918C1D-E123-4E36-B562-5C1519E434CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A918C1D-E123-4E36-B562-5C1519E434CE}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7c88394-04fb-11e0-9421-001e68555d66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a7c88394-04fb-11e0-9421-001e68555d66}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4357.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6C78.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7001.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7012.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP865E.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP865E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD1B0.tmp\Microsoft.SqlServer.XmlSrc.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD1B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD43F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDF76.tmp\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDF76.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEFE9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF5E2.tmp folder deleted successfully.
C:\Windows\Installer\MSIDC3B.tmp deleted successfully.
C:\Windows\Installer\MSIFC2A.tmp deleted successfully.
C:\Windows\Temp\DWD7D3C.tmp\Explorer.EXE.xml deleted successfully.
C:\Windows\Temp\DWD7D3C.tmp folder deleted successfully.
C:\Windows\Tasks\McDefragTask.job moved successfully.
C:\Windows\Tasks\McQcTask.job moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Sweetpacks Communicator not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Del29693261 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Hanka
->Temp folder emptied: 141647646 bytes
->Temporary Internet Files folder emptied: 311904 bytes
->Java cache emptied: 2502240 bytes
->FireFox cache emptied: 50692699 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1631 bytes
User: Prac
->Temp folder emptied: 14723995 bytes
->Temporary Internet Files folder emptied: 108698812 bytes
->Java cache emptied: 12402 bytes
->FireFox cache emptied: 119166688 bytes
->Flash cache emptied: 70213 bytes
User: Public
User: Užovka
->Temp folder emptied: 1116705 bytes
->Temporary Internet Files folder emptied: 1002307 bytes
->Java cache emptied: 2726862 bytes
->FireFox cache emptied: 174020040 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2629965 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 472926 bytes
RecycleBin emptied: 567408 bytes
Total Files Cleaned = 592,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Hanka
->Flash cache emptied: 0 bytes
User: Prac
->Flash cache emptied: 0 bytes
User: Public
User: Užovka
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Hanka
->Java cache emptied: 0 bytes
User: Prac
->Java cache emptied: 0 bytes
User: Public
User: Užovka
->Java cache emptied: 0 bytes
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 12222012_141955
All processes killed
========== OTL ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
File C:\Program Files\Skype\Updater\Updater.exe not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\system32\drivers\blbdrive.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ not found.
Registry key HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ not found.
HKU\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1184580E-75B1-4BDA-ADA0-2B7518384FA8}\ not found.
Registry value HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Report deleted successfully.
File move failed. \AdwCleaner[S1].txt scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Stáhnout Star Downloaderem\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{76577871-04EC-495E-A12B-91F7C3600AFA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76577871-04EC-495E-A12B-91F7C3600AFA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8A918C1D-E123-4E36-B562-5C1519E434CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A918C1D-E123-4E36-B562-5C1519E434CE}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2401629453-566057478-488908529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7c88394-04fb-11e0-9421-001e68555d66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a7c88394-04fb-11e0-9421-001e68555d66}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4357.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6C78.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7001.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7012.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP865E.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP865E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD1B0.tmp\Microsoft.SqlServer.XmlSrc.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD1B0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD43F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDF76.tmp\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDF76.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEFE9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF5E2.tmp folder deleted successfully.
C:\Windows\Installer\MSIDC3B.tmp deleted successfully.
C:\Windows\Installer\MSIFC2A.tmp deleted successfully.
C:\Windows\Temp\DWD7D3C.tmp\Explorer.EXE.xml deleted successfully.
C:\Windows\Temp\DWD7D3C.tmp folder deleted successfully.
C:\Windows\Tasks\McDefragTask.job moved successfully.
C:\Windows\Tasks\McQcTask.job moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{E40C2C10-2764-4678-BEBB-A3BE4571D650}.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SweetIM not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Sweetpacks Communicator not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Del29693261 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56475 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Hanka
->Temp folder emptied: 141647646 bytes
->Temporary Internet Files folder emptied: 311904 bytes
->Java cache emptied: 2502240 bytes
->FireFox cache emptied: 50692699 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1631 bytes
User: Prac
->Temp folder emptied: 14723995 bytes
->Temporary Internet Files folder emptied: 108698812 bytes
->Java cache emptied: 12402 bytes
->FireFox cache emptied: 119166688 bytes
->Flash cache emptied: 70213 bytes
User: Public
User: Užovka
->Temp folder emptied: 1116705 bytes
->Temporary Internet Files folder emptied: 1002307 bytes
->Java cache emptied: 2726862 bytes
->FireFox cache emptied: 174020040 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 2629965 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 472926 bytes
RecycleBin emptied: 567408 bytes
Total Files Cleaned = 592,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Hanka
->Flash cache emptied: 0 bytes
User: Prac
->Flash cache emptied: 0 bytes
User: Public
User: Užovka
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Hanka
->Java cache emptied: 0 bytes
User: Prac
->Java cache emptied: 0 bytes
User: Public
User: Užovka
->Java cache emptied: 0 bytes
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 12222012_141955
Re: Preventivka
Ano tento
jak se chova PC
jak se chova PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
Až na to že v IE je jako home http://windows.microsoft.com/cs-CZ/hotmail/home načež vyskočí Spravovat doplňky... nic zvláštního....
Re: Preventivka
Tak jeste uklidime 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistic
Dejte novy log z RSIT
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistic
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Dejte novy log z RSIT"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Preventivka
Logfile of random's system information tool 1.09 (written by random/random)
Run by Hanka at 2012-12-22 21:36:26
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 28 GB (23%) free of 120 GB
Total RAM: 2038 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:05, on 22.12.2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Užovka\Desktop\RSIT.exe
C:\Program Files\trend micro\Hanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2401629453-566057478-488908529-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Užovka')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DirMngr - Unknown owner - C:\Program Files\GNU\GnuPG\dirmngr.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: JYBOBQHN - Unknown owner - C:\Users\Hanka\AppData\Local\Temp\JYBOBQHN.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SUZG - Unknown owner - C:\Users\Hanka\AppData\Local\Temp\SUZG.exe (file missing)
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8990 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, firesheep@codebutler.com:0.1, ffxtlbr@babylon.com:1.2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIBitCometAgent.xpt
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
npdrmv2.dll
npdsplay.dll
npnul32.dll
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npViewpoint.dll
npViewpoint.xpt
npwmsdrm.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\
firesheep@codebutler.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-09-19 329032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-07-24 66880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-25 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-25 129560]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-03 582992]
"Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-01-25 716800]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2007-12-29 430080]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-12-22 21:36:26 ----D---- C:\rsit
2012-12-22 15:07:34 ----A---- C:\Windows\system32\rpcnetp.dll
2012-12-22 15:07:13 ----A---- C:\Windows\system32\rpcnetp.exe
2012-12-22 10:37:18 ----A---- C:\AdwCleaner[S1].txt
2012-12-22 02:32:27 ----A---- C:\AdwCleaner[R2].txt
2012-12-22 01:42:52 ----A---- C:\AdwCleaner[R1].txt
2012-12-22 01:27:51 ----D---- C:\Program Files\VS Revo Group
2012-12-21 23:45:46 ----D---- C:\Users\Hanka\AppData\Roaming\JDownloaderPackages
======List of files/folders modified in the last 1 month======
2012-12-22 21:36:28 ----D---- C:\Windows\Temp
2012-12-22 21:36:28 ----D---- C:\Program Files\trend micro
2012-12-22 21:16:06 ----D---- C:\Windows
2012-12-22 15:18:54 ----D---- C:\Windows\system32\Tasks
2012-12-22 15:18:51 ----D---- C:\Program Files\CCleaner
2012-12-22 15:07:34 ----AD---- C:\Windows\System32
2012-12-22 15:01:20 ----A---- C:\Windows\system32\agremove.exe
2012-12-22 14:49:09 ----SHD---- C:\Windows\Installer
2012-12-22 14:45:58 ----SHD---- C:\System Volume Information
2012-12-22 14:20:32 ----D---- C:\Windows\system32\drivers\etc
2012-12-22 14:20:04 ----D---- C:\Windows\Tasks
2012-12-22 10:37:26 ----D---- C:\Program Files\Mozilla Firefox
2012-12-22 10:37:20 ----RD---- C:\Program Files
2012-12-22 10:37:19 ----HD---- C:\ProgramData
2012-12-22 00:37:59 ----D---- C:\MC
2012-12-22 00:28:32 ----D---- C:\Windows\system32\drivers
2012-12-14 03:01:14 ----A---- C:\Windows\system32\mrt.exe
2012-12-14 03:01:03 ----D---- C:\Windows\system32\catroot2
2012-12-10 23:22:28 ----D---- C:\Windows\Prefetch
2012-11-23 12:56:22 ----D---- C:\Windows\inf
2012-11-23 12:56:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 mfehidk;McAfee Inc.; C:\Windows\system32\drivers\mfehidk.sys [2007-07-21 201288]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-10-02 64128]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-01-14 231248]
R2 CoLinuxDriver;CoLinuxDriver; \??\C:\Portable_Ubuntu\linux.sys [2008-05-24 68096]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35088]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2008-02-01 187904]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-13 1925632]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\Windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]
R3 mfeavfk;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk.sys [2007-07-24 79304]
R3 mfebopk;McAfee Inc.; C:\Windows\system32\drivers\mfebopk.sys [2007-07-21 35240]
R3 mfesmfk;McAfee Inc.; C:\Windows\system32\drivers\mfesmfk.sys [2007-07-21 40488]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 mferkdk;McAfee Inc.; C:\Windows\system32\drivers\mferkdk.sys [2007-07-24 33800]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-12-26 131584]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-11-29 74240]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 41856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 DirMngr;DirMngr; C:\Program Files\GNU\GnuPG\dirmngr.exe [2011-03-02 224256]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-08-24 23880]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-07-25 695624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-03-11 1836544]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 JYBOBQHN;JYBOBQHN; C:\Users\Hanka\AppData\Local\Temp\JYBOBQHN.exe []
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-07-25 378184]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 SUZG;SUZG; C:\Users\Hanka\AppData\Local\Temp\SUZG.exe []
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
-----------------EOF-----------------
Run by Hanka at 2012-12-22 21:36:26
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 28 GB (23%) free of 120 GB
Total RAM: 2038 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:05, on 22.12.2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Užovka\Desktop\RSIT.exe
C:\Program Files\trend micro\Hanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2401629453-566057478-488908529-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Užovka')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DirMngr - Unknown owner - C:\Program Files\GNU\GnuPG\dirmngr.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: JYBOBQHN - Unknown owner - C:\Users\Hanka\AppData\Local\Temp\JYBOBQHN.exe (file missing)
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SUZG - Unknown owner - C:\Users\Hanka\AppData\Local\Temp\SUZG.exe (file missing)
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8990 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default
prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, firesheep@codebutler.com:0.1, ffxtlbr@babylon.com:1.2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIBitCometAgent.xpt
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
npdrmv2.dll
npdsplay.dll
npnul32.dll
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npViewpoint.dll
npViewpoint.xpt
npwmsdrm.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Hanka\AppData\Roaming\Mozilla\Firefox\Profiles\gn0do0yh.default\extensions\
firesheep@codebutler.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mcapbho.dll [2007-09-19 329032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-07-24 66880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-25 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-25 129560]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-03 582992]
"Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-01-25 716800]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2007-12-29 430080]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-12-22 21:36:26 ----D---- C:\rsit
2012-12-22 15:07:34 ----A---- C:\Windows\system32\rpcnetp.dll
2012-12-22 15:07:13 ----A---- C:\Windows\system32\rpcnetp.exe
2012-12-22 10:37:18 ----A---- C:\AdwCleaner[S1].txt
2012-12-22 02:32:27 ----A---- C:\AdwCleaner[R2].txt
2012-12-22 01:42:52 ----A---- C:\AdwCleaner[R1].txt
2012-12-22 01:27:51 ----D---- C:\Program Files\VS Revo Group
2012-12-21 23:45:46 ----D---- C:\Users\Hanka\AppData\Roaming\JDownloaderPackages
======List of files/folders modified in the last 1 month======
2012-12-22 21:36:28 ----D---- C:\Windows\Temp
2012-12-22 21:36:28 ----D---- C:\Program Files\trend micro
2012-12-22 21:16:06 ----D---- C:\Windows
2012-12-22 15:18:54 ----D---- C:\Windows\system32\Tasks
2012-12-22 15:18:51 ----D---- C:\Program Files\CCleaner
2012-12-22 15:07:34 ----AD---- C:\Windows\System32
2012-12-22 15:01:20 ----A---- C:\Windows\system32\agremove.exe
2012-12-22 14:49:09 ----SHD---- C:\Windows\Installer
2012-12-22 14:45:58 ----SHD---- C:\System Volume Information
2012-12-22 14:20:32 ----D---- C:\Windows\system32\drivers\etc
2012-12-22 14:20:04 ----D---- C:\Windows\Tasks
2012-12-22 10:37:26 ----D---- C:\Program Files\Mozilla Firefox
2012-12-22 10:37:20 ----RD---- C:\Program Files
2012-12-22 10:37:19 ----HD---- C:\ProgramData
2012-12-22 00:37:59 ----D---- C:\MC
2012-12-22 00:28:32 ----D---- C:\Windows\system32\drivers
2012-12-14 03:01:14 ----A---- C:\Windows\system32\mrt.exe
2012-12-14 03:01:03 ----D---- C:\Windows\system32\catroot2
2012-12-10 23:22:28 ----D---- C:\Windows\Prefetch
2012-11-23 12:56:22 ----D---- C:\Windows\inf
2012-11-23 12:56:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 mfehidk;McAfee Inc.; C:\Windows\system32\drivers\mfehidk.sys [2007-07-21 201288]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2007-10-02 64128]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2011-01-14 231248]
R2 CoLinuxDriver;CoLinuxDriver; \??\C:\Portable_Ubuntu\linux.sys [2008-05-24 68096]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-06-25 35088]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2008-02-01 187904]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-13 1925632]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\Windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]
R3 mfeavfk;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk.sys [2007-07-24 79304]
R3 mfebopk;McAfee Inc.; C:\Windows\system32\drivers\mfebopk.sys [2007-07-21 35240]
R3 mfesmfk;McAfee Inc.; C:\Windows\system32\drivers\mfesmfk.sys [2007-07-21 40488]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-19 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 mferkdk;McAfee Inc.; C:\Windows\system32\drivers\mferkdk.sys [2007-07-24 33800]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-12-26 131584]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2007-11-29 36608]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-11-29 74240]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-10-18 41856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 DirMngr;DirMngr; C:\Program Files\GNU\GnuPG\dirmngr.exe [2011-03-02 224256]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-08-15 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-08-24 23880]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-07-25 695624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-03-11 1836544]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 JYBOBQHN;JYBOBQHN; C:\Users\Hanka\AppData\Local\Temp\JYBOBQHN.exe []
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-07-25 378184]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 SUZG;SUZG; C:\Users\Hanka\AppData\Local\Temp\SUZG.exe []
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]
-----------------EOF-----------------
Přispějete na provoz fóra?