Dobrý den,
Prosím o kontrolu logu a pomoc.
Byl jsem unavenej a zachoval jsem se jako totální lama.
Při instalaci video kodeku jsem cosi odklepl a už bylo pozdě.
Indikuji zatím jen změněné chování Internet Exploreru (ano, používám ho, žena je na něj zvyklá)
IE8
na každé nové stránce záložky bylo nějaké vyhledávání Delta (neuvedené v poskytovatelích vyhledávání) , už se nezobrazuje původní seznam naposledy použitých záložek, ale jen prázdná.
Přestože jsou příslušné doplňky zapnuty, hlásí to:
- Pro správnou funkčnost této aplikace je nutné mít povolený JavaScript!
- No adequate Adobe Flash Player version.
Asi mne to chce donutit k aktualizaci.
Díky moc
RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-09-23 20:34:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 24 GB (32%) free of 75 GB
Total RAM: 3062 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:34:33, on 23.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Xmarks\IE Extension\xmarkssync.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Admin\Dokumenty\inst\v_i_R_130923\RSIT.exe
C:\Program Files\trend micro\Admin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe /T:NTRU12
O4 - HKLM\..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [SecureUpgrade] "C:\Program Files\Wave Systems Corp\SecureUpgrade.exe"
O4 - HKLM\..\Run: [EmbassySecurityCheck] "C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Xmarks] C:\Program Files\Xmarks\IE Extension\xmarkssync.exe -q
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O9 - Extra 'Tools' menuitem: Xmarks for IE... - {638F11AA-DF27-433b-BA2E-7281CE561D71} - C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 6303852890
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9CE2079C-3F59-4D9C-8A74-DA8F1EC29152}: NameServer = 193.85.1.100,10.25.8.7,193.85.2.100,10.25.8.5
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Broadcom ASF IP Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: NTRU TSS v1.2.1.29 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
--
End of file - 7792 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-02 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-02 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-05-29 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-05-29 170520]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-05-29 141848]
"PMX Daemon"=C:\WINDOWS\system32\ICO.EXE [2006-11-08 49152]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-08-03 1044480]
"ChangeTPMAuth"=C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe [2009-02-26 184320]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2009-03-06 145408]
"SecureUpgrade"=C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [2009-03-06 656696]
"EmbassySecurityCheck"=C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe [2009-03-06 95544]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 995176]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11 958576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Xmarks"=C:\Program Files\Xmarks\IE Extension\xmarkssync.exe [2011-02-05 1092808]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-04-02 212992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"EditLevel"=0
"NoRun"=0
"NoClose"=0
"NoCommonGroups"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\MYTH-Age2_x1.exe"="C:\Documents and Settings\Admin\Plocha\Age
Of Empires 2 & The Conquerors Expansion - Full Game\MYTH-Age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe"="C:\Documents and Settings\Admin\Plocha\Age Of
Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"vidc.yv12"=yv12vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
======List of files/folders created in the last 1 month======
2013-09-23 20:34:01 ----D---- C:\rsit
2013-09-23 20:34:01 ----D---- C:\Program Files\trend micro
2013-09-22 15:25:13 ----D---- C:\Program Files\BandiMPEG1
2013-09-22 15:23:04 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2013-09-22 15:23:01 ----D---- C:\Program Files\ffdshow
2013-09-22 15:22:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Babylon
2013-09-22 15:22:51 ----D---- C:\Documents and Settings\Admin\Data aplikací\Babylon
2013-09-22 15:22:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService
2013-09-22 15:22:48 ----D---- C:\Documents and Settings\Admin\Data aplikací\File Scout
2013-09-13 08:38:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$
2013-09-13 08:38:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-09-13 08:38:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2013-08-28 12:15:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-26 11:41:39 ----A---- C:\WINDOWS\IE4 Error Log.txt
======List of files/folders modified in the last 1 month======
2013-09-23 20:34:01 ----RD---- C:\Program Files
2013-09-23 20:33:22 ----D---- C:\WINDOWS\Temp
2013-09-23 20:19:14 ----SD---- C:\WINDOWS\Tasks
2013-09-23 20:10:46 ----D---- C:\WINDOWS\system32\CatRoot2
2013-09-23 20:10:32 ----D---- C:\WINDOWS\Prefetch
2013-09-23 19:33:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-09-22 23:35:46 ----D---- C:\Documents and Settings\Admin\Data aplikací\foobar2000
2013-09-22 22:40:39 ----A---- C:\WINDOWS\NeroDigital.ini
2013-09-22 21:43:54 ----D---- C:\Documents and Settings\Admin\Data aplikací\vlc
2013-09-22 21:42:56 ----A---- C:\WINDOWS\mp3tunes.ini
2013-09-22 21:42:56 ----A---- C:\dirtreelog.txt
2013-09-22 15:25:15 ----D---- C:\WINDOWS\system32
2013-09-15 08:39:57 ----D---- C:\WINDOWS
2013-09-15 08:39:13 ----SHD---- C:\Config.Msi
2013-09-13 08:39:53 ----HD---- C:\WINDOWS\inf
2013-09-13 08:39:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-09-13 08:39:48 ----D---- C:\Program Files\Internet Explorer
2013-09-13 08:39:35 ----D---- C:\WINDOWS\ie8updates
2013-09-13 08:39:27 ----SHD---- C:\WINDOWS\Installer
2013-09-13 08:39:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-09-13 08:38:39 ----A---- C:\WINDOWS\imsins.BAK
2013-09-13 08:32:03 ----D---- C:\WINDOWS\system32\MRT
2013-09-13 08:31:57 ----A---- C:\WINDOWS\system32\MRT.exe
2013-09-04 23:46:35 ----D---- C:\Program Files\Microsoft Security Client
2013-09-04 23:46:19 ----D---- C:\WINDOWS\system32\drivers
2013-08-26 11:33:44 ----RSD---- C:\WINDOWS\assembly
2013-08-26 11:33:44 ----D---- C:\WINDOWS\Microsoft.NET
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 PBADRV;PBADRV; C:\WINDOWS\system32\DRIVERS\PBADRV.sys [2009-03-06 26608]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 BASFND;BASFND; \??\C:\Program Files\Broadcom\ASFIPMon\BASFND.sys []
R2 WavxDMgr;WavxDMgr; C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys [2009-03-06 208824]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2009-07-20 339456]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-06-06 161792]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-04-02 6008704]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S0 cercsr6;cercsr6; C:\WINDOWS\system32\drivers\cercsr6.sys [2004-12-13 39904]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASFIPmon;Broadcom ASF IP Monitor; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [2006-03-17 65536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-07-02 182184]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2009-02-18 991232]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18
130384]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29
46104]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26
64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2008-12-12 638976]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
[2013-04-18 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25
69632]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nefunkčnost java/flash, podezřelá instalace
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
zbynadovirycz
- Vzorný návštěvník
- Příspěvky: 80
- Registrován: 08 úno 2009 12:46
Re: Nefunkčnost java/flash, podezřelá instalace
Zdravim 
No jo, je to tam 
Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
No jo, je to tam Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Spustte tradicne dvouklikem
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.-
zbynadovirycz
- Vzorný návštěvník
- Příspěvky: 80
- Registrován: 08 úno 2009 12:46
Re: Nefunkčnost java/flash, podezřelá instalace
Vše provedeno:
Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 09/23/2013 08:46:19 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Documents and Settings\Admin\Nabídka Start\
Searching C:\Documents and Settings\All Users\Nabídka Start\
Searching C:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Documents and Settings\All Users\Plocha\
Searching C:\Documents and Settings\Admin\Plocha
0 bad shortcuts found.
Program finished at: 09/23/2013 08:46:21 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Microsoft Windows XP x86
Ran by Admin on po 23.09.2013 at 20:49:15,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\Admin\Data aplikacˇ\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Admin\Data aplikacˇ\file scout"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 23.09.2013 at 20:59:51,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.005 - Report created 23/09/2013 at 21:05:38
# Updated 22/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Admin - OH3
# Running from : C:\Documents and Settings\Admin\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
*************************
AdwCleaner[R0].txt - [797 octets] - [23/09/2013 21:04:24]
AdwCleaner[S0].txt - [727 octets] - [23/09/2013 21:05:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [786 octets] ##########
Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 09/23/2013 08:46:19 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Documents and Settings\Admin\Nabídka Start\
Searching C:\Documents and Settings\All Users\Nabídka Start\
Searching C:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Documents and Settings\All Users\Plocha\
Searching C:\Documents and Settings\Admin\Plocha
0 bad shortcuts found.
Program finished at: 09/23/2013 08:46:21 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Microsoft Windows XP x86
Ran by Admin on po 23.09.2013 at 20:49:15,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\Admin\Data aplikacˇ\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Admin\Data aplikacˇ\file scout"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 23.09.2013 at 20:59:51,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.005 - Report created 23/09/2013 at 21:05:38
# Updated 22/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Admin - OH3
# Running from : C:\Documents and Settings\Admin\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
*************************
AdwCleaner[R0].txt - [797 octets] - [23/09/2013 21:04:24]
AdwCleaner[S0].txt - [727 octets] - [23/09/2013 21:05:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [786 octets] ##########
Re: Nefunkčnost java/flash, podezřelá instalace
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll services.exe svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 %PROGRAMFILES%\Opera\opera.exe /md5 %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
- Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
zbynadovirycz
- Vzorný návštěvník
- Příspěvky: 80
- Registrován: 08 úno 2009 12:46
Re: Nefunkčnost java/flash, podezřelá instalace
OTL logfile created on: 23.9.2013 21:45:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 81,41% Memory free
4,83 Gb Paging File | 4,39 Gb Available in Paging File | 90,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 73,24 Gb Total Space | 23,40 Gb Free Space | 31,96% Space Free | Partition Type: NTFS
Drive E: | 1,28 Gb Total Space | 0,26 Gb Free Space | 20,39% Space Free | Partition Type: NTFS
Drive F: | 1397,25 Gb Total Space | 248,24 Gb Free Space | 17,77% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 150,24 Gb Free Space | 32,26% Space Free | Partition Type: NTFS
Computer Name: OH3 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.09.23 21:41:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
PRC - [2013.07.02 22:16:00 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.06.20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.06.20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.02.05 10:55:48 | 001,092,808 | ---- | M] (Xmarks.com) -- C:\Program Files\Xmarks\IE Extension\xmarkssync.exe
PRC - [2009.03.06 10:40:10 | 000,656,696 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2009.03.06 10:39:10 | 000,145,408 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2009.02.18 14:10:14 | 000,991,232 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.17 18:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2006.11.08 15:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
PRC - [2006.03.17 17:25:16 | 000,065,536 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
========== Modules (No Company Name) ==========
MOD - [2013.08.23 11:25:47 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013.08.15 14:16:54 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a12a09aaa2c560a808dea7eaba5040c1\System.Windows.Forms.ni.dll
MOD - [2013.08.15 14:16:39 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013.08.15 14:15:11 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013.07.12 23:56:17 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2012.05.06 15:44:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2012.05.06 15:44:31 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012.04.09 00:40:34 | 003,470,848 | ---- | M] () -- C:\Program Files\ffdshow\ffdshow.ax
MOD - [2010.04.11 18:48:06 | 000,327,680 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.03.06 10:39:10 | 000,249,856 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
========== Services (SafeList) ==========
SRV - [2013.07.02 22:16:00 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.06.20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.02.18 14:10:14 | 000,991,232 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2008.12.12 09:54:00 | 000,638,976 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2008.11.12 13:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2006.03.17 17:25:16 | 000,065,536 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2009.03.18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.03.06 10:39:10 | 000,208,824 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009.03.06 10:39:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2007.06.06 12:51:04 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2003.04.24 16:21:50 | 000,006,025 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope =
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes\{69742F06-3E33-4B64-9746-9BC7F7EF8775}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2004.08.18 12:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PMX Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003..\Run: [Xmarks] C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (Xmarks.com)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 6303852890 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CE2079C-3F59-4D9C-8A74-DA8F1EC29152}: NameServer = 193.85.1.100,10.25.8.7,193.85.2.100,10.25.8.5
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.bdmpeg - C:\WINDOWS\System32\bdmpega.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (http://www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - C:\WINDOWS\System32\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\WINDOWS\System32\bdmpegv.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (http://www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.09.23 21:41:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2013.09.23 21:04:20 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.23 20:49:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.09.23 20:48:27 | 001,030,038 | ---- | C] (Thisisu) -- C:\Documents and Settings\Admin\Plocha\JRT.exe
[2013.09.23 20:45:08 | 000,406,144 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Admin\Plocha\sc-cleaner.exe
[2013.09.23 20:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.09.23 20:34:01 | 000,000,000 | ---D | C] -- C:\rsit
[2013.09.22 15:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2013.09.22 15:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ffdshow
[2013.09.22 15:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
========== Files - Modified Within 7 Days ==========
[2013.09.23 21:46:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.23 21:41:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2013.09.23 21:17:14 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.09.23 21:07:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.09.23 21:07:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\WavXMapDrive.bat
[2013.09.23 21:07:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.09.23 21:02:23 | 001,042,066 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\adwcleaner.exe
[2013.09.23 20:48:35 | 001,030,038 | ---- | M] (Thisisu) -- C:\Documents and Settings\Admin\Plocha\JRT.exe
[2013.09.23 20:45:13 | 000,406,144 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Admin\Plocha\sc-cleaner.exe
[2013.09.23 14:56:04 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.09.22 23:07:37 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job
[2013.09.22 22:40:39 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.09.22 21:42:56 | 000,001,256 | ---- | M] () -- C:\WINDOWS\mp3tunes.ini
========== Files Created - No Company Name ==========
[2013.09.23 21:46:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.23 21:02:02 | 001,042,066 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\adwcleaner.exe
[2013.09.22 23:04:19 | 000,000,466 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job
[2013.09.22 15:23:04 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012.07.21 17:30:40 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2012.07.16 08:01:44 | 000,065,576 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2012.07.16 08:01:42 | 000,022,560 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll
[2012.06.03 01:47:54 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2012.06.03 01:47:54 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2012.06.03 01:47:53 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2012.06.03 01:47:53 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2012.06.03 01:47:53 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2012.06.03 00:41:23 | 000,001,256 | ---- | C] () -- C:\WINDOWS\mp3tunes.ini
[2012.06.02 23:52:58 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2012.06.02 22:23:18 | 000,050,176 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.02 21:28:10 | 000,000,157 | ---- | C] () -- C:\Documents and Settings\Admin\default.pls
[2012.06.02 21:27:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.05.06 15:38:44 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat
[2012.05.06 13:55:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\WavXMapDrive.bat
[2012.05.06 13:36:34 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.05.06 13:35:27 | 000,270,984 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.06 13:15:32 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2012.05.06 13:13:56 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll.bak
[2012.05.06 13:13:56 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2012.05.06 13:13:56 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll.bak
[2012.05.06 13:13:56 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2012.05.06 12:41:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.05.06 12:36:37 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\FontZoom.exe
[2012.05.06 12:36:37 | 000,131,070 | ---- | C] () -- C:\WINDOWS\System32\DellPM.ini
[2012.05.06 12:29:25 | 001,445,112 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2012.05.06 12:29:25 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4943.dll
[2012.05.06 11:57:57 | 000,000,796 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2012.05.06 11:50:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.05.06 11:46:03 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[2012.05.06 13:11:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.02.28 20:49:53 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.02.22 23:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ArduoRenamer
[2012.06.03 22:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Canon
[2013.07.31 22:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\fltk.org
[2013.09.22 23:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\foobar2000
[2012.06.02 23:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.12.17 23:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\VideoReDoPlus
[2012.05.06 13:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Wave Systems Corp
[2012.05.06 15:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2012.06.22 18:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Search
[2012.06.03 22:17:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2012.06.03 22:47:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2012.06.03 22:39:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2012.06.02 22:28:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.07.31 22:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\fltk.org
[2012.05.06 13:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NTRU Cryptosystems
[2012.12.17 22:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.05.06 13:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Wave Systems Corp
========== Purity Check ==========
========== Custom Scans ==========
< >
[2012.05.06 11:46:58 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.05.06 11:52:03 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.09.05 10:08:09 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.09.22 23:04:19 | 000,000,466 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job
< >
< MD5 for: ATAPI.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
[2004.08.18 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 12:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 12:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.18 12:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 12:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2004.08.18 12:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 12:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[26 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[28 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\62ac60e9517ccffb65dcfe2e09b92844\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\62ac60e9517ccffb65dcfe2e09b92844\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.07.13 16:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Adobe
[2012.06.02 21:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Ahead
[2013.02.22 23:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ArduoRenamer
[2012.06.03 22:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Canon
[2013.03.17 22:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\dvdcss
[2013.07.31 22:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\fltk.org
[2013.09.22 23:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\foobar2000
[2012.06.02 22:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GRETECH
[2012.05.06 11:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Identities
[2012.05.06 12:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\InstallShield
[2012.05.07 11:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Macromedia
[2013.07.13 16:17:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Admin\Data aplikací\Microsoft
[2012.06.02 23:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.06.02 23:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sun
[2012.12.17 23:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\VideoReDoPlus
[2013.09.22 21:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\vlc
[2012.05.06 13:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Wave Systems Corp
[2012.05.06 15:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2012.06.22 18:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Search
[2012.05.06 11:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.09.23 21:17:14 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.09.22 23:07:37 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2012.05.06 13:34:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.05.06 13:34:10 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.05.06 13:34:10 | 000,479,232 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.09.23 21:07:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Xmarks" = C:\Program Files\Xmarks\IE Extension\xmarkssync.exe -q -- [2011.02.05 10:55:48 | 001,092,808 | ---- | M] (Xmarks.com)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.09.23 21:46:56 | 000,000,512 | ---- | M] () MD5=8E5B6B9BC8EF74C02E72578D7937FB12 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.07.13 19:51:52 | 000,000,884 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\img\favicons\cracked.com.png
[2013.03.10 19:21:41 | 000,004,125 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\CrackedCom.class
< *keygen* /s >
< *loader* /s >
[2012.07.21 14:39:47 | 000,000,782 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mihov Picture Downloader.lnk
[2012.06.02 23:18:22 | 000,000,860 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Zástupce (2) - JDownloader.exe.lnk
[2009.06.13 20:55:10 | 000,214,528 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloader.exe
[2011.10.18 21:02:13 | 000,743,728 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloader.jar
[2013.09.22 23:35:54 | 000,777,583 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloader.log
[2012.03.30 18:54:20 | 000,000,226 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloader.log.1
[2012.02.12 23:23:56 | 000,214,528 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloaderNIGHTLY.exe
[2011.10.18 20:58:58 | 000,214,528 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloaderNIGHTLY_old_stejny.exe
[2012.06.02 23:18:16 | 000,000,860 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\Zástupce (2) - JDownloader.exe.lnk
[2010.11.07 15:04:42 | 000,001,010 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\img\favicons\jdownloader.org.png
[2009.06.13 21:47:30 | 000,003,548 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\decrypt\JDLoader.class
[2009.06.13 23:12:40 | 000,002,223 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\decrypt\SuperUploaderNet.class
[2009.06.13 21:47:34 | 000,005,962 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\host\UploaderPl.class
[2012.10.09 20:33:36 | 000,011,082 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\MyDownloaderNet.class
[2013.02.13 21:05:42 | 000,004,584 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\OmpLoaderOrg.class
[2013.06.30 20:38:04 | 000,003,880 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\UploaderJp.class
[2012.10.09 20:33:23 | 000,007,073 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\UploaderPl.class
[2011.10.18 21:03:37 | 000,032,222 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\licenses\jdownloader.license
[2013.09.19 20:23:56 | 000,002,545 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\0F858QV0\ajax-loader[1].gif
[2013.09.22 23:02:00 | 000,003,900 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\33X1ZZNC\Advert.Advantage.Reloader[1].js
[3 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\33X1ZZNC\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\33X1ZZNC\*.tmp -> ]
[2013.09.22 23:03:09 | 000,010,819 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\loader[1].gif
[5 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\*.tmp -> ]
[2013.09.18 02:01:36 | 000,000,414 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\3ODRWZHG\facebook_api_loader[1].js
[2 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\3ODRWZHG\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\3ODRWZHG\*.tmp -> ]
[2013.09.19 20:52:40 | 000,000,673 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4I3ZHUS5\loader.white[1].gif
[2013.09.19 22:49:08 | 000,000,493 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4I3ZHUS5\lsa-loader[1].js
[1 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4I3ZHUS5\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4I3ZHUS5\*.tmp -> ]
[2013.09.22 09:02:00 | 000,016,516 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\FSTEWI1V\preloader[1].gif
[3 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\FSTEWI1V\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\FSTEWI1V\*.tmp -> ]
[2013.07.02 22:12:39 | 000,010,819 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\QAJZE5E6\loader[1].gif
[2013.09.18 00:55:39 | 000,009,427 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\T29295IS\ajax-loader[1].gif
[2013.09.18 08:25:03 | 000,001,737 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\T29295IS\ajax-loader[2].gif
[2013.09.19 22:49:13 | 000,002,971 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\T29295IS\loader[1].gif
[2013.09.19 20:20:23 | 000,002,526 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\U4HS4B14\loader[1].gif
[2012.07.21 12:51:21 | 000,001,672 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Mihov Picture Downloader Help.lnk
[2012.07.21 12:51:21 | 000,001,663 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Mihov Picture Downloader Q&A.lnk
[2012.07.21 12:51:21 | 000,001,672 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Mihov Picture Downloader Web Page.lnk
[2012.07.21 12:51:21 | 000,001,688 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Mihov Picture Downloader.lnk
[2012.07.21 12:51:21 | 000,001,688 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Uninstall Mihov Picture Downloader.lnk
[2013.09.23 11:18:35 | 000,000,160 | ---- | M] () -- \Documents and Settings\Admin\Oblíbené položky\Pocitace\Software\Picture_download\Google Image Downloader.url
[2013.09.23 11:18:38 | 000,000,124 | ---- | M] () -- \Documents and Settings\Admin\Oblíbené položky\TV_video\Archivy\YouTube on-line downloader » Stahujte videa z YouTube stream-download (...).url
[2012.07.21 12:51:21 | 000,000,782 | ---- | M] () -- \Documents and Settings\Admin\Plocha\Mihov Picture Downloader.lnk
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:45:02 | 000,061,440 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader80.dll
[2006.10.26 13:45:02 | 000,004,608 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader80.tlb
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.18 12:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2012.05.06 16:49:41 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 178 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 81,41% Memory free
4,83 Gb Paging File | 4,39 Gb Available in Paging File | 90,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 73,24 Gb Total Space | 23,40 Gb Free Space | 31,96% Space Free | Partition Type: NTFS
Drive E: | 1,28 Gb Total Space | 0,26 Gb Free Space | 20,39% Space Free | Partition Type: NTFS
Drive F: | 1397,25 Gb Total Space | 248,24 Gb Free Space | 17,77% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 150,24 Gb Free Space | 32,26% Space Free | Partition Type: NTFS
Computer Name: OH3 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2013.09.23 21:41:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
PRC - [2013.07.02 22:16:00 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.06.20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.06.20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.02.05 10:55:48 | 001,092,808 | ---- | M] (Xmarks.com) -- C:\Program Files\Xmarks\IE Extension\xmarkssync.exe
PRC - [2009.03.06 10:40:10 | 000,656,696 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2009.03.06 10:39:10 | 000,145,408 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2009.02.18 14:10:14 | 000,991,232 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.17 18:06:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2006.11.08 15:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\WINDOWS\system32\ico.exe
PRC - [2006.03.17 17:25:16 | 000,065,536 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
========== Modules (No Company Name) ==========
MOD - [2013.08.23 11:25:47 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013.08.15 14:16:54 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a12a09aaa2c560a808dea7eaba5040c1\System.Windows.Forms.ni.dll
MOD - [2013.08.15 14:16:39 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013.08.15 14:15:11 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013.07.12 23:56:17 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2012.05.06 15:44:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2012.05.06 15:44:31 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012.04.09 00:40:34 | 003,470,848 | ---- | M] () -- C:\Program Files\ffdshow\ffdshow.ax
MOD - [2010.04.11 18:48:06 | 000,327,680 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.03.06 10:39:10 | 000,249,856 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
========== Services (SafeList) ==========
SRV - [2013.07.02 22:16:00 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.06.20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.02.18 14:10:14 | 000,991,232 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2008.12.12 09:54:00 | 000,638,976 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2008.11.12 13:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2006.03.17 17:25:16 | 000,065,536 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2009.03.18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.03.06 10:39:10 | 000,208,824 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009.03.06 10:39:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2007.06.06 12:51:04 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2003.04.24 16:21:50 | 000,006,025 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope =
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes\{69742F06-3E33-4B64-9746-9BC7F7EF8775}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2004.08.18 12:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PMX Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003..\Run: [Xmarks] C:\Program Files\Xmarks\IE Extension\xmarkssync.exe (Xmarks.com)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EditLevel = 0
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 6303852890 (MUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9CE2079C-3F59-4D9C-8A74-DA8F1EC29152}: NameServer = 193.85.1.100,10.25.8.7,193.85.2.100,10.25.8.5
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.bdmpeg - C:\WINDOWS\System32\bdmpega.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.I420 - C:\WINDOWS\System32\i420vfw.dll (http://www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - C:\WINDOWS\System32\bdmjpeg.dll ()
Drivers32: vidc.mpeg - C:\WINDOWS\System32\bdmpegv.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (http://www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2013.09.23 21:41:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2013.09.23 21:04:20 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.23 20:49:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.09.23 20:48:27 | 001,030,038 | ---- | C] (Thisisu) -- C:\Documents and Settings\Admin\Plocha\JRT.exe
[2013.09.23 20:45:08 | 000,406,144 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Admin\Plocha\sc-cleaner.exe
[2013.09.23 20:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.09.23 20:34:01 | 000,000,000 | ---D | C] -- C:\rsit
[2013.09.22 15:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\BandiMPEG1
[2013.09.22 15:23:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\ffdshow
[2013.09.22 15:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
========== Files - Modified Within 7 Days ==========
[2013.09.23 21:46:56 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.23 21:41:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Plocha\OTL.exe
[2013.09.23 21:17:14 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013.09.23 21:07:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.09.23 21:07:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\WavXMapDrive.bat
[2013.09.23 21:07:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.09.23 21:02:23 | 001,042,066 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\adwcleaner.exe
[2013.09.23 20:48:35 | 001,030,038 | ---- | M] (Thisisu) -- C:\Documents and Settings\Admin\Plocha\JRT.exe
[2013.09.23 20:45:13 | 000,406,144 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\Admin\Plocha\sc-cleaner.exe
[2013.09.23 14:56:04 | 000,050,176 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.09.22 23:07:37 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job
[2013.09.22 22:40:39 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.09.22 21:42:56 | 000,001,256 | ---- | M] () -- C:\WINDOWS\mp3tunes.ini
========== Files Created - No Company Name ==========
[2013.09.23 21:46:56 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.23 21:02:02 | 001,042,066 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\adwcleaner.exe
[2013.09.22 23:04:19 | 000,000,466 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job
[2013.09.22 15:23:04 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2012.07.21 17:30:40 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2012.07.16 08:01:44 | 000,065,576 | ---- | C] () -- C:\WINDOWS\System32\bdmpegv.dll
[2012.07.16 08:01:42 | 000,022,560 | ---- | C] () -- C:\WINDOWS\System32\bdmjpeg.dll
[2012.06.03 01:47:54 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2012.06.03 01:47:54 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2012.06.03 01:47:53 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2012.06.03 01:47:53 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2012.06.03 01:47:53 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2012.06.03 00:41:23 | 000,001,256 | ---- | C] () -- C:\WINDOWS\mp3tunes.ini
[2012.06.02 23:52:58 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2012.06.02 22:23:18 | 000,050,176 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.02 21:28:10 | 000,000,157 | ---- | C] () -- C:\Documents and Settings\Admin\default.pls
[2012.06.02 21:27:29 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.05.06 15:38:44 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat
[2012.05.06 13:55:47 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\WavXMapDrive.bat
[2012.05.06 13:36:34 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.05.06 13:35:27 | 000,270,984 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.05.06 13:15:32 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2012.05.06 13:13:56 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll.bak
[2012.05.06 13:13:56 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2012.05.06 13:13:56 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll.bak
[2012.05.06 13:13:56 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2012.05.06 12:41:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.05.06 12:36:37 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\FontZoom.exe
[2012.05.06 12:36:37 | 000,131,070 | ---- | C] () -- C:\WINDOWS\System32\DellPM.ini
[2012.05.06 12:29:25 | 001,445,112 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2012.05.06 12:29:25 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4943.dll
[2012.05.06 11:57:57 | 000,000,796 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2012.05.06 11:50:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.05.06 11:46:03 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[2012.05.06 13:11:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.02.28 20:49:53 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.02.22 23:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ArduoRenamer
[2012.06.03 22:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Canon
[2013.07.31 22:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\fltk.org
[2013.09.22 23:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\foobar2000
[2012.06.02 23:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.12.17 23:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\VideoReDoPlus
[2012.05.06 13:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Wave Systems Corp
[2012.05.06 15:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2012.06.22 18:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Search
[2012.06.03 22:17:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2012.06.03 22:47:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2012.06.03 22:39:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2012.06.02 22:28:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.07.31 22:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\fltk.org
[2012.05.06 13:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NTRU Cryptosystems
[2012.12.17 22:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.05.06 13:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Wave Systems Corp
========== Purity Check ==========
========== Custom Scans ==========
< >
[2012.05.06 11:46:58 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.05.06 11:52:03 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.09.05 10:08:09 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.09.22 23:04:19 | 000,000,466 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job
< >
< MD5 for: ATAPI.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\atapi.sys
[2004.08.18 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 12:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 12:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 12:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 12:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.18 12:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 12:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2004.08.18 12:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 12:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 12:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 12:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.18 12:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< >
< %systemroot%*.* /U /s >
[26 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[28 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\62ac60e9517ccffb65dcfe2e09b92844\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\62ac60e9517ccffb65dcfe2e09b92844\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.07.13 16:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Adobe
[2012.06.02 21:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Ahead
[2013.02.22 23:29:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ArduoRenamer
[2012.06.03 22:39:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Canon
[2013.03.17 22:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\dvdcss
[2013.07.31 22:41:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\fltk.org
[2013.09.22 23:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\foobar2000
[2012.06.02 22:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GRETECH
[2012.05.06 11:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Identities
[2012.05.06 12:36:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\InstallShield
[2012.05.07 11:01:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Macromedia
[2013.07.13 16:17:24 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Admin\Data aplikací\Microsoft
[2012.06.02 23:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Oracle
[2012.06.02 23:19:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sun
[2012.12.17 23:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\VideoReDoPlus
[2013.09.22 21:43:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\vlc
[2012.05.06 13:57:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Wave Systems Corp
[2012.05.06 15:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2012.06.22 18:54:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Search
[2012.05.06 11:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2013.09.23 21:17:14 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.09.22 23:07:37 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2012.05.06 13:34:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.05.06 13:34:10 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.05.06 13:34:10 | 000,479,232 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2013.09.23 21:07:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Xmarks" = C:\Program Files\Xmarks\IE Extension\xmarkssync.exe -q -- [2011.02.05 10:55:48 | 001,092,808 | ---- | M] (Xmarks.com)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.09.23 21:46:56 | 000,000,512 | ---- | M] () MD5=8E5B6B9BC8EF74C02E72578D7937FB12 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2011.07.13 19:51:52 | 000,000,884 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\img\favicons\cracked.com.png
[2013.03.10 19:21:41 | 000,004,125 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\CrackedCom.class
< *keygen* /s >
< *loader* /s >
[2012.07.21 14:39:47 | 000,000,782 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mihov Picture Downloader.lnk
[2012.06.02 23:18:22 | 000,000,860 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Zástupce (2) - JDownloader.exe.lnk
[2009.06.13 20:55:10 | 000,214,528 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloader.exe
[2011.10.18 21:02:13 | 000,743,728 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloader.jar
[2013.09.22 23:35:54 | 000,777,583 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloader.log
[2012.03.30 18:54:20 | 000,000,226 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloader.log.1
[2012.02.12 23:23:56 | 000,214,528 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloaderNIGHTLY.exe
[2011.10.18 20:58:58 | 000,214,528 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\JDownloaderNIGHTLY_old_stejny.exe
[2012.06.02 23:18:16 | 000,000,860 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\Zástupce (2) - JDownloader.exe.lnk
[2010.11.07 15:04:42 | 000,001,010 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\img\favicons\jdownloader.org.png
[2009.06.13 21:47:30 | 000,003,548 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\decrypt\JDLoader.class
[2009.06.13 23:12:40 | 000,002,223 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\decrypt\SuperUploaderNet.class
[2009.06.13 21:47:34 | 000,005,962 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\host\UploaderPl.class
[2012.10.09 20:33:36 | 000,011,082 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\MyDownloaderNet.class
[2013.02.13 21:05:42 | 000,004,584 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\OmpLoaderOrg.class
[2013.06.30 20:38:04 | 000,003,880 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\UploaderJp.class
[2012.10.09 20:33:23 | 000,007,073 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\jd\plugins\hoster\UploaderPl.class
[2011.10.18 21:03:37 | 000,032,222 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\inst\neinstaluje_se\JDownloader 0.6.193\licenses\jdownloader.license
[2013.09.19 20:23:56 | 000,002,545 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\0F858QV0\ajax-loader[1].gif
[2013.09.22 23:02:00 | 000,003,900 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\33X1ZZNC\Advert.Advantage.Reloader[1].js
[3 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\33X1ZZNC\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\33X1ZZNC\*.tmp -> ]
[2013.09.22 23:03:09 | 000,010,819 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\loader[1].gif
[5 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\*.tmp -> ]
[2013.09.18 02:01:36 | 000,000,414 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\3ODRWZHG\facebook_api_loader[1].js
[2 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\3ODRWZHG\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\3ODRWZHG\*.tmp -> ]
[2013.09.19 20:52:40 | 000,000,673 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4I3ZHUS5\loader.white[1].gif
[2013.09.19 22:49:08 | 000,000,493 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4I3ZHUS5\lsa-loader[1].js
[1 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4I3ZHUS5\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4I3ZHUS5\*.tmp -> ]
[2013.09.22 09:02:00 | 000,016,516 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\FSTEWI1V\preloader[1].gif
[3 \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\FSTEWI1V\*.tmp files -> \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\FSTEWI1V\*.tmp -> ]
[2013.07.02 22:12:39 | 000,010,819 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\QAJZE5E6\loader[1].gif
[2013.09.18 00:55:39 | 000,009,427 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\T29295IS\ajax-loader[1].gif
[2013.09.18 08:25:03 | 000,001,737 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\T29295IS\ajax-loader[2].gif
[2013.09.19 22:49:13 | 000,002,971 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\T29295IS\loader[1].gif
[2013.09.19 20:20:23 | 000,002,526 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\U4HS4B14\loader[1].gif
[2012.07.21 12:51:21 | 000,001,672 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Mihov Picture Downloader Help.lnk
[2012.07.21 12:51:21 | 000,001,663 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Mihov Picture Downloader Q&A.lnk
[2012.07.21 12:51:21 | 000,001,672 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Mihov Picture Downloader Web Page.lnk
[2012.07.21 12:51:21 | 000,001,688 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Mihov Picture Downloader.lnk
[2012.07.21 12:51:21 | 000,001,688 | ---- | M] () -- \Documents and Settings\Admin\Nabídka Start\Programy\Mihov Picture Downloader\Uninstall Mihov Picture Downloader.lnk
[2013.09.23 11:18:35 | 000,000,160 | ---- | M] () -- \Documents and Settings\Admin\Oblíbené položky\Pocitace\Software\Picture_download\Google Image Downloader.url
[2013.09.23 11:18:38 | 000,000,124 | ---- | M] () -- \Documents and Settings\Admin\Oblíbené položky\TV_video\Archivy\YouTube on-line downloader » Stahujte videa z YouTube stream-download (...).url
[2012.07.21 12:51:21 | 000,000,782 | ---- | M] () -- \Documents and Settings\Admin\Plocha\Mihov Picture Downloader.lnk
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2006.10.26 13:45:02 | 000,061,440 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader80.dll
[2006.10.26 13:45:02 | 000,004,608 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader80.tlb
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.18 12:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2012.05.06 16:49:41 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 178 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409
< End of report >
-
zbynadovirycz
- Vzorný návštěvník
- Příspěvky: 80
- Registrován: 08 úno 2009 12:46
Re: Nefunkčnost java/flash, podezřelá instalace
OTL Extras logfile created on: 23.9.2013 21:45:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 81,41% Memory free
4,83 Gb Paging File | 4,39 Gb Available in Paging File | 90,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 73,24 Gb Total Space | 23,40 Gb Free Space | 31,96% Space Free | Partition Type: NTFS
Drive E: | 1,28 Gb Total Space | 0,26 Gb Free Space | 20,39% Space Free | Partition Type: NTFS
Drive F: | 1397,25 Gb Total Space | 248,24 Gb Free Space | 17,77% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 150,24 Gb Free Space | 32,26% Space Free | Partition Type: NTFS
Computer Name: OH3 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Documents and Settings\Admin\Data aplikací\File Scout\filescout.exe" /open "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\MYTH-Age2_x1.exe" = C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\MYTH-Age2_x1.exe:*:Enabled:Age of Empires II Expansion
"C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe" = C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe:*:Enabled:Age of Empires II Expansion
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{071B9AFA-EBE8-4ABF-8F4A-9F92612F517E}" = Broadcom ASF Management Applications
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{087E06A0-4514-4CEA-918A-D6A9AB0F8433}" = upekmsi
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers
"{1687A8A1-F0F3-44AA-9DA8-ABAE6654AAF4}" = Start Menu Cleanup
"{177D1318-3E4B-4A7C-A300-AC4E21BE090B}" = Broadcom Management Programs
"{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}" = tsp patch
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DADB23F-94E6-4E4D-AFE8-15DE4395E8F3}" = Microsoft Security Client
"{448E2D77-E504-4221-B2C2-93646B344729}" = Mouse Suite for Desktop Computers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{8048F0F3-C5AB-4C3C-8518-2B5E41DDFABA}" = AuthenTec Fingerprint Sensor Minimum Install
"{86A8FD76-3268-4102-9674-7118881EC2C0}" = Wave Infrastructure Installer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{BC52E419-B185-488F-9973-049A88E5DCBE}" = Gemalto
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3379132-291E-4B3D-B1FE-BCFAD8157B46}" = Xmarks for IE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EFBC91F4-A6CD-0EE1-0121-210DCDA11029}" = Nero 7 Demo
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom Gigabit Integrated Controller
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Balíček ovladače systému Windows - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ArduoRenamer_is1" = ArduoRenamer 1.2
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DirTree_is1" = DirTree 1.02
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Efficient WMA MP3 Converter_is1" = Efficient WMA MP3 Converter v0.99
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"FileHippo.com" = FileHippo.com Update Checker
"foobar2000" = foobar2000 v1.1.13
"GOM Player" = GOM Player
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{1687A8A1-F0F3-44AA-9DA8-ABAE6654AAF4}" = Start Menu Cleanup
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"Media Tagger_is1" = Media Tagger v1.3.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mihov Picture Downloader" = Mihov Picture Downloader 1.4 (remove only)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MP3Tunes" = MP3 Tunes v1.8
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Registrace uživatele zařízení Canon MP540 series" = Registrace uživatele zařízení Canon MP540 series
"Shuangs Audio Joiner_is1" = Shuangs Audio Joiner 1.0
"SUPER ©" = SUPER © Version 2008.bld.33 (Sep 2, 2008)
"Totalcmd" = Total Commander (Remove or Repair)
"Trout_is1" = Trout
"UltimateReNamerJG_is1" = UltimateReNamerJG 1.0.4.0
"VideoReDo-Plus_is1" = VideoReDo/Plus Version 2.5.6.512
"VLC media player" = VLC media player 2.0.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.9.2013 2:26:45 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:20:13 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:20:15 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:22:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\ADMIN\DOKUMENTY\WWW_TMP\KOPIE -
PIERRE HENRY - PSYCHE ROCK (FATBOY SLIM MALPASO MIX) ++=UPR.MP3> v mapě algoritmu
hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti: Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
[ Application Events ]
Error - 23.9.2013 2:26:45 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:20:13 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:20:15 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:22:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\ADMIN\DOKUMENTY\WWW_TMP\KOPIE -
PIERRE HENRY - PSYCHE ROCK (FATBOY SLIM MALPASO MIX) ++=UPR.MP3> v mapě algoritmu
hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti: Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
[ Application Events ]
Error - 23.9.2013 2:26:45 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:20:13 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:20:15 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:22:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\ADMIN\DOKUMENTY\WWW_TMP\KOPIE -
PIERRE HENRY - PSYCHE ROCK (FATBOY SLIM MALPASO MIX) ++=UPR.MP3> v mapě algoritmu
hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti: Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
[ System Events ]
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 13.9.2013 2:39:23 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:39:24 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:39:24 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 19.9.2013 12:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7022
Description = Služba TdmService přestala během spouštění reagovat.
[ System Events ]
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 13.9.2013 2:39:23 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:39:24 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:39:24 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 19.9.2013 12:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7022
Description = Služba TdmService přestala během spouštění reagovat.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,99 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 81,41% Memory free
4,83 Gb Paging File | 4,39 Gb Available in Paging File | 90,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 73,24 Gb Total Space | 23,40 Gb Free Space | 31,96% Space Free | Partition Type: NTFS
Drive E: | 1,28 Gb Total Space | 0,26 Gb Free Space | 20,39% Space Free | Partition Type: NTFS
Drive F: | 1397,25 Gb Total Space | 248,24 Gb Free Space | 17,77% Space Free | Partition Type: NTFS
Drive H: | 465,76 Gb Total Space | 150,24 Gb Free Space | 32,26% Space Free | Partition Type: NTFS
Computer Name: OH3 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Documents and Settings\Admin\Data aplikací\File Scout\filescout.exe" /open "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"80:TCP" = 80:TCP:*:Disabled:Vzdálená správa systému Windows – režim kompatibility (HTTP-In)
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\MYTH-Age2_x1.exe" = C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\MYTH-Age2_x1.exe:*:Enabled:Age of Empires II Expansion
"C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe" = C:\Documents and Settings\Admin\Plocha\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe:*:Enabled:Age of Empires II Expansion
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{071B9AFA-EBE8-4ABF-8F4A-9F92612F517E}" = Broadcom ASF Management Applications
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{087E06A0-4514-4CEA-918A-D6A9AB0F8433}" = upekmsi
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers
"{1687A8A1-F0F3-44AA-9DA8-ABAE6654AAF4}" = Start Menu Cleanup
"{177D1318-3E4B-4A7C-A300-AC4E21BE090B}" = Broadcom Management Programs
"{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}" = tsp patch
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DADB23F-94E6-4E4D-AFE8-15DE4395E8F3}" = Microsoft Security Client
"{448E2D77-E504-4221-B2C2-93646B344729}" = Mouse Suite for Desktop Computers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{8048F0F3-C5AB-4C3C-8518-2B5E41DDFABA}" = AuthenTec Fingerprint Sensor Minimum Install
"{86A8FD76-3268-4102-9674-7118881EC2C0}" = Wave Infrastructure Installer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{BC52E419-B185-488F-9973-049A88E5DCBE}" = Gemalto
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3379132-291E-4B3D-B1FE-BCFAD8157B46}" = Xmarks for IE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EFBC91F4-A6CD-0EE1-0121-210DCDA11029}" = Nero 7 Demo
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{FC57FC53-104C-415C-98D7-B05E659461A9}" = Broadcom Gigabit Integrated Controller
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Balíček ovladače systému Windows - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ArduoRenamer_is1" = ArduoRenamer 1.2
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DirTree_is1" = DirTree 1.02
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Efficient WMA MP3 Converter_is1" = Efficient WMA MP3 Converter v0.99
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"FileHippo.com" = FileHippo.com Update Checker
"foobar2000" = foobar2000 v1.1.13
"GOM Player" = GOM Player
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{1687A8A1-F0F3-44AA-9DA8-ABAE6654AAF4}" = Start Menu Cleanup
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"Media Tagger_is1" = Media Tagger v1.3.5
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mihov Picture Downloader" = Mihov Picture Downloader 1.4 (remove only)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"MP3Tunes" = MP3 Tunes v1.8
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Registrace uživatele zařízení Canon MP540 series" = Registrace uživatele zařízení Canon MP540 series
"Shuangs Audio Joiner_is1" = Shuangs Audio Joiner 1.0
"SUPER ©" = SUPER © Version 2008.bld.33 (Sep 2, 2008)
"Totalcmd" = Total Commander (Remove or Repair)
"Trout_is1" = Trout
"UltimateReNamerJG_is1" = UltimateReNamerJG 1.0.4.0
"VideoReDo-Plus_is1" = VideoReDo/Plus Version 2.5.6.512
"VLC media player" = VLC media player 2.0.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.9.2013 2:26:45 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:20:13 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:20:15 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:22:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\ADMIN\DOKUMENTY\WWW_TMP\KOPIE -
PIERRE HENRY - PSYCHE ROCK (FATBOY SLIM MALPASO MIX) ++=UPR.MP3> v mapě algoritmu
hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti: Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
[ Application Events ]
Error - 23.9.2013 2:26:45 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:20:13 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:20:15 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:22:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\ADMIN\DOKUMENTY\WWW_TMP\KOPIE -
PIERRE HENRY - PSYCHE ROCK (FATBOY SLIM MALPASO MIX) ++=UPR.MP3> v mapě algoritmu
hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti: Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
[ Application Events ]
Error - 23.9.2013 2:26:45 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:20:13 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:20:15 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 9:22:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <C:\DOCUMENTS AND SETTINGS\ADMIN\DOKUMENTY\WWW_TMP\KOPIE -
PIERRE HENRY - PSYCHE ROCK (FATBOY SLIM MALPASO MIX) ++=UPR.MP3> v mapě algoritmu
hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex Podrobnosti: Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 9:23:19 | Computer Name = OH3 | Source = Windows Search Service | ID = 3013
Description = Položka <F:\MUSIC\MUSIC_ZAKLAD\PENDULUM\PENDULUM 2005 - HOLD YOUR
COLOUR> v mapě algoritmu hash nebyla aktualizována. Kontext: aplikace , katalog SystemIndex
Podrobnosti:
Zařízení
připojené k systému nefunguje. (0x8007001f)
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 14:09:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
Error - 23.9.2013 15:07:22 | Computer Name = OH3 | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
to TPM
[ System Events ]
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 13.9.2013 2:39:23 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:39:24 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:39:24 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 19.9.2013 12:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7022
Description = Služba TdmService přestala během spouštění reagovat.
[ System Events ]
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:37:52 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 13.9.2013 2:39:23 | Computer Name = OH3 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error - 13.9.2013 2:39:24 | Computer Name = OH3 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Windows Search.
Error - 13.9.2013 2:39:24 | Computer Name = OH3 | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053
Error - 19.9.2013 12:39:00 | Computer Name = OH3 | Source = Service Control Manager | ID = 7022
Description = Služba TdmService přestala během spouštění reagovat.
< End of report >
Re: Nefunkčnost java/flash, podezřelá instalace
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm) DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass) DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes\{69742F06-3E33-4B64-9746-9BC7F7EF8775}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKU\S-1-5-21-1645522239-725345543-1417001333-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC [2013.09.23 20:45:08 | 000,406,144 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\Admin\Plocha\sc-cleaner.exe [2013.09.23 21:17:14 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job [2013.09.22 23:07:37 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job @Alternate Data Stream - 178 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409 :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- "Adobe ARM"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"=- "Xmarks"=- :files %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
zbynadovirycz
- Vzorný návštěvník
- Příspěvky: 80
- Registrován: 08 úno 2009 12:46
Re: Nefunkčnost java/flash, podezřelá instalace
Pardon, radši se zeptám, mám v OTL zase zadat:
•Zaskrtnete okenko Pro vsechny uzivatele
•Zaskrtnete okenko Kontrola na havet "LOP"
•Zaskrtnete okenko Kontrola na havet "Purity"
•Stari souboru zmente z 30 dnu na 7 dnu
? diky
•Zaskrtnete okenko Pro vsechny uzivatele
•Zaskrtnete okenko Kontrola na havet "LOP"
•Zaskrtnete okenko Kontrola na havet "Purity"
•Stari souboru zmente z 30 dnu na 7 dnu
? diky
Re: Nefunkčnost java/flash, podezřelá instalace
Nic se nedeje, radeji se zeptat 
Nemusite nic zadavat, toto nastaveni melo vliv jen na skenovani. Takze jen vlozit dolu skript a klik na Opravit"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
zbynadovirycz
- Vzorný návštěvník
- Příspěvky: 80
- Registrován: 08 úno 2009 12:46
Re: Nefunkčnost java/flash, podezřelá instalace
All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service InCDRm stopped successfully!
Service InCDRm deleted successfully!
File system32\drivers\InCDRm.sys not found.
Service InCDPass stopped successfully!
Service InCDPass deleted successfully!
File system32\drivers\InCDPass.sys not found.
Service InCDFs stopped successfully!
Service InCDFs deleted successfully!
File system32\drivers\InCDFs.sys not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{69742F06-3E33-4B64-9746-9BC7F7EF8775}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69742F06-3E33-4B64-9746-9BC7F7EF8775}\ not found.
Registry key HKEY_USERS\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
C:\Documents and Settings\Admin\Plocha\sc-cleaner.exe moved successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Xmarks deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 587199122 bytes
->Temporary Internet Files folder emptied: 1144557764 bytes
->Flash cache emptied: 3464 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 623614 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: TEMP
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5955444 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 118431204 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 7310654 bytes
Total Files Cleaned = 1 778,00 mb
[EMPTYFLASH]
User: Admin
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: TEMP
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: Admin
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: TEMP
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 09242013_185849
Files\Folders moved on Reboot...
C:\Documents and Settings\Admin\Local Settings\Temp\JavaDeployReg.log moved successfully.
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\afr[2].htm moved successfully.
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\viewtopic[1].php moved successfully.
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service InCDRm stopped successfully!
Service InCDRm deleted successfully!
File system32\drivers\InCDRm.sys not found.
Service InCDPass stopped successfully!
Service InCDPass deleted successfully!
File system32\drivers\InCDPass.sys not found.
Service InCDFs stopped successfully!
Service InCDFs deleted successfully!
File system32\drivers\InCDFs.sys not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{69742F06-3E33-4B64-9746-9BC7F7EF8775}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69742F06-3E33-4B64-9746-9BC7F7EF8775}\ not found.
Registry key HKEY_USERS\S-1-5-21-1645522239-725345543-1417001333-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
C:\Documents and Settings\Admin\Plocha\sc-cleaner.exe moved successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{DF575295-614C-422A-B424-BD440D4C3C96}.job moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:0888F409 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Xmarks deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: Admin
->Temp folder emptied: 587199122 bytes
->Temporary Internet Files folder emptied: 1144557764 bytes
->Flash cache emptied: 3464 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 623614 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: TEMP
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5955444 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 118431204 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 7310654 bytes
Total Files Cleaned = 1 778,00 mb
[EMPTYFLASH]
User: Admin
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: TEMP
Total Flash Files Cleaned = 0,00 mb
[EMPTYJAVA]
User: Admin
User: All Users
User: Default User
User: LocalService
User: NetworkService
User: TEMP
Total Java Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 09242013_185849
Files\Folders moved on Reboot...
C:\Documents and Settings\Admin\Local Settings\Temp\JavaDeployReg.log moved successfully.
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\afr[2].htm moved successfully.
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\39J5OF8P\viewtopic[1].php moved successfully.
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Re: Nefunkčnost java/flash, podezřelá instalace
OTL nam udelalo co melo, jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
zbynadovirycz
- Vzorný návštěvník
- Příspěvky: 80
- Registrován: 08 úno 2009 12:46
Re: Nefunkčnost java/flash, podezřelá instalace
Co se týká chodu PC, předtím jsem si všiml jen změněného chování Internet Exploreru, a to je bohužel stále stejné:
IE8
na každé nové stránce záložky už se nezobrazuje původní seznam naposledy použitých záložek
Přestože jsou příslušné doplňky zapnuty, hlásí to:
- Pro správnou funkčnost této aplikace je nutné mít povolený JavaScript!
- No adequate Adobe Flash Player version.
IE8
na každé nové stránce záložky už se nezobrazuje původní seznam naposledy použitých záložek
Přestože jsou příslušné doplňky zapnuty, hlásí to:
- Pro správnou funkčnost této aplikace je nutné mít povolený JavaScript!
- No adequate Adobe Flash Player version.
Re: Nefunkčnost java/flash, podezřelá instalace
Stahnete WIGI http://tigzy.geekstogo.com/Tools/WhyIGotInfected.exe
- Pokud pouzivate Win Vista ci W7, kliknete na WIGI pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Scan
- Po dokonceni scanu (obdelnik vedle bude cely zeleny) kliknete na Report
- Otevre se log, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.-
zbynadovirycz
- Vzorný návštěvník
- Příspěvky: 80
- Registrován: 08 úno 2009 12:46
Re: Nefunkčnost java/flash, podezřelá instalace
WhyIGotInfected 1.8.0.0(by Tigzy)
********************************
Run : 24.9.2013 19:42:05 [Normal Mode]
Machine : OH3 (2 CPUs) [Admin : ADMIN]
OS: Windows XP Professional Service Pack 3 (x86)
~~ Plugins check: ~~
UPTODATE [Windows XP Professional Service Pack 3] Current : Service Pack 3 -- Latest : Service Pack 3
UPTODATE [Internet Explorer] Current : 8.0.6001.18702 -- Latest : 8.0.6001.18702
OUTDATED [Java 7] Current : 1.7.0_25 -- Latest : 1.7.0_40
UPTODATE [Adobe Reader] Current : 11 -- Latest : 11
OUTDATED [Adobe Flash] Current : 11.3.300.265 -- Latest : 11.8.800.174
OUTDATED [Adobe Flash ActiveX] Current : 11.3.300.265 -- Latest : 11.8.800.174
Finished
<C:\Documents and Settings\Admin\Plocha\WIGIReport[0].txt>
WIGIReport[0].txt
********************************
Run : 24.9.2013 19:42:05 [Normal Mode]
Machine : OH3 (2 CPUs) [Admin : ADMIN]
OS: Windows XP Professional Service Pack 3 (x86)
~~ Plugins check: ~~
UPTODATE [Windows XP Professional Service Pack 3] Current : Service Pack 3 -- Latest : Service Pack 3
UPTODATE [Internet Explorer] Current : 8.0.6001.18702 -- Latest : 8.0.6001.18702
OUTDATED [Java 7] Current : 1.7.0_25 -- Latest : 1.7.0_40
UPTODATE [Adobe Reader] Current : 11 -- Latest : 11
OUTDATED [Adobe Flash] Current : 11.3.300.265 -- Latest : 11.8.800.174
OUTDATED [Adobe Flash ActiveX] Current : 11.3.300.265 -- Latest : 11.8.800.174
Finished
<C:\Documents and Settings\Admin\Plocha\WIGIReport[0].txt>
WIGIReport[0].txt
Re: Nefunkčnost java/flash, podezřelá instalace
I log potvrzuje, ze je tam zastarala Java a Flash Player Stahnete aktualni verze
- Java odsud http://java.com/en/
- Flash Player odsud http://get.adobe.com/cz/flashplayer/
- U FlashPlayeru odkliknete instalaci McAfee Security Scan Plus - ten je zbytecny pridavek
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?